Anthropic locks down OpenClaw access

Anthropic briefly suspended OpenClaw creator Peter Steinberger on April 10 after flagging his Claude account for “suspicious” activity, then restored access a few hours later after the case blew up publicly. That sounds like one developer account getting tripped by mistake, but it landed one week after Anthropic changed how Claude works with outside tools like OpenClaw. On April 4, Anthropic stopped letting standard Claude subscriptions cover usage through third-party harnesses and pushed that traffic onto pay-as-you-go billing through the Claude application programming interface. A harness is the software layer that sits between a model and the real world. Instead of one chat box and one reply, a harness can keep retrying, call tools, browse, edit files, and loop until a task is done, which turns one prompt into a much heavier workload. OpenClaw is one of those harnesses. It is an open-source wrapper that lets people plug Claude into broader automation flows, which is why it became popular with developers who wanted more than the normal Claude website or desktop app. Anthropic’s argument is simple: a flat monthly subscription was priced for ordinary human use, not for software that can run long control loops and burn through far more compute. The Register reported that Anthropic’s consumer terms have barred unapproved automated access since at least February 2024, even if enforcement stayed loose until 2026. Anthropic also spent 2025 tightening its rules around “agentic” use, which is the company’s term for systems that can take multi-step actions on a user’s behalf. In its August 15, 2025 policy update, Anthropic said those tools raise risks tied to malware, cyberattacks, and other scaled abuse, and added more explicit restrictions for that category. That is why the April 10 suspension felt bigger than a billing change. CXO Digital Pulse reported that Anthropic has added technical safeguards against unofficial integrations, especially ones using OAuth tokens from consumer accounts to connect external tools. The company’s public line after the backlash was narrower than the first suspension message. TechCrunch reported that an Anthropic engineer told Steinberger the company had “never banned anyone for using OpenClaw,” which suggests the account action was either an enforcement error or a security system catching behavior that looked like one. Steinberger said he was not trying to dodge the new billing rules. According to TechCrunch, he was using an application programming interface key to test whether OpenClaw still worked for Claude users, which is exactly the path Anthropic says third-party tools should use now. The fight here is partly about safety and partly about economics. Third-party wrappers can become the product users love while the model company pays the compute bill underneath, and Anthropic is now drawing a hard line between its own subscription products and outside software built on top of Claude. So the practical change is not that Claude disappeared from OpenClaw. The practical change is that unofficial access paths are now more likely to trigger billing blocks, policy enforcement, or security reviews, even when the developer involved is a well-known name testing a live integration.