You Are Building on Infrastructure You Do Not Control.

Two things happened in the last few weeks that every builder using AI coding tools should be paying attention to.

Two weeks ago, Cursor launched Composer 2 and called it a proprietary breakthrough with "frontier-level coding intelligence." Within hours, a developer found the model ID in the API response: kimi-k2p5-rl-0317-s515-fast. It was Kimi K2.5, an open-source model from Beijing-based Moonshot AI. A $50 billion company shipped someone else's model and did not mention it.

Last week, Anthropic throttled Claude during peak hours. Max subscribers paying $100 a month watched their 5-hour session limits evaporate in 90 minutes. A prompt caching bug drained tokens at abnormal rates. Five platform outages in a single month. Anthropic acknowledged it publicly: "People are hitting usage limits way faster than expected."

These are not isolated incidents. They are the same story viewed from two angles.

You are building your workflow, your product, your startup on infrastructure you do not control. And the terms can change while you are mid-sprint.

The Claude situation is worse than the headlines suggest

The headline is that Anthropic throttled peak hours. The reality is more complicated.

Two separate problems hit simultaneously. First, a prompt caching regression caused tokens to drain at abnormal rates. GitHub issue #38335 documents Max plan users burning through their entire 5-hour session in under 90 minutes on identical workloads that had been stable for weeks. One user reported a single prompt consuming 7% of their Max 5x session.

Second, Anthropic intentionally tightened session limits during peak hours. Between 5am and 11am Pacific on weekdays, users now move through their session limits faster. Anthropic's Thariq Shihipar said roughly 7% of users would hit limits they had not hit before. The community reports suggest the real number is higher.

The root cause is a demand surge Anthropic could not absorb. After OpenAI signed a Pentagon contract in late February, ChatGPT uninstalls spiked 295% in a single day. The QuitGPT movement claimed 2.5 million participants. Claude hit number one on the US App Store. Web traffic jumped over 30% in a month.

You can sign up 100,000 new subscribers overnight. You cannot add 100,000 GPUs of inference capacity overnight. The gap shows up somewhere. In this case, it showed up as your primary build tool becoming unreliable during your working hours.

One Pro subscriber on Discord: "It is maxed out every Monday and resets Saturday. Out of 30 days, I get to use Claude 12." A Max 5x user: "I used up Max 5 in 1 hour of working. Before, I could work 8 hours."

The part that should concern builders most: Anthropic does not publish its token limits. The Pro plan promises only "at least five times the usage compared to our free service." There is no SLA. There are no published numbers. You cannot plan your workday around limits you cannot see.

Anthropic's advice to developers: shift token-intensive work to off-peak hours. An AI company telling builders when they can and cannot work productively is a utility company telling customers to conserve power to avoid brownouts.

That is not how infrastructure works. That is how rationing works.

The Cursor situation is a transparency problem

Two weeks ago, Cursor launched Composer 2. The benchmarks were real. 61.7% on Terminal-Bench 2.0, beating Claude Opus 4.6 at one-tenth the cost. The performance improvement is genuine. That is not the issue.

The issue is that a company valued at $50 billion launched what it described as a proprietary breakthrough and did not mention that the foundation was Kimi K2.5, built by Moonshot AI, a Chinese company backed by Alibaba and HongShan.

A developer found the model ID in the API response within hours. The identifier was kimi-k2p5-rl-0317-s515-fast. Literally "Kimi K2.5 plus reinforcement learning." They did not even rename it. Elon Musk's response: "Yeah, it's Kimi 2.5."

Moonshot AI's head of pretraining ran a tokenizer analysis. Identical match. Confirmed.

Cursor's VP of developer education acknowledged it: "Yep, Composer 2 started from an open-source base." He said only about 25% of the compute came from the base model. Cursor's co-founder called the omission "a miss."

This is not the first time. When Composer 1 launched in November 2025, the community discovered the tokenizer was identical to DeepSeek's. Two models, two launches, two times the foundation was built in China and not disclosed.

Kimi K2.5's modified MIT license requires that any commercial product exceeding $20 million in monthly revenue must prominently display "Kimi K2.5" in its user interface. Cursor's revenue exceeds that threshold by roughly eight times. As of today, Cursor's interface does not display "Kimi K2.5" anywhere.

The systems lesson here is not about geopolitics. It is about what is actually running under the hood of the tools you depend on. If the tool you use every day can swap its foundation model without telling you, you do not know what is processing your code. You are not using a product with a stable contract. You are using a wrapper around decisions someone else made without informing you.

The pattern is the same everywhere

Claude throttles you during working hours. Cursor hides what model is actually running. Both have opaque pricing, no published SLAs, and terms that can change without notice.

Alternatives exist. OpenAI's Codex CLI runs locally, though the model behind it still requires a ChatGPT subscription. Same vendor dependency, different vendor. Open-source models like Kimi K2.5 and Llama are increasingly capable and can be self-hosted, but running them demands GPU infrastructure and operational overhead most builders do not have.

The uncomfortable reality is that there is no fully independent option right now that matches what Claude or Cursor deliver in terms of capability. You are, to some degree, dependent on a vendor. The question is not whether you have dependency. It is whether you are aware of it, and whether you are managing it.

What this means for builders

If you are building a product, a startup, or your career on top of AI coding tools right now, here is what the last few weeks should teach you.

Your primary build tool is not infrastructure. It is a subscription. A subscription can change its terms, pricing, and availability overnight. Infrastructure has SLAs, published limits, and contractual guarantees. No AI coding tool offers any of these. The next time Claude goes down during your sprint, there is no recourse. No credit. No escalation path. Just a wait.

The model under your tool can change without notice. Cursor swapped its foundation model and did not tell users. Anthropic can change how Claude handles your context window, how tokens are metered, or how caching works. You will find out when your session breaks, not when the change is made.

Diversification is not indecision. It is risk management. The developers who had the smoothest March were the ones who could switch between tools when one went down. The 70% of professional developers using two to four AI tools simultaneously are not being scattered. They are managing the risk that any single tool can become unreliable on any given day.

Track your actual costs. Claude does not tell you how many tokens you have left or how many each prompt consumed. If you are building a business on top of a tool that cannot tell you what it charges per unit of work, you are operating blind. Check /cost in Claude Code after every significant task. Build a mental model of what things cost. If a session climbs past $10 and you are still on the same task, something is wrong.

Have a fallback plan. Not a full migration strategy. Just a plan for what you do when your primary tool is unavailable for a day. Which tasks can wait? Which ones can be done with a secondary tool? Which critical paths need a local option? Having an answer to these questions before the outage is the difference between a frustrating day and a lost one.

The real observation

Every previous generation of developer tools had a property we took for granted: availability. Your IDE did not throttle you during peak hours. Your compiler did not have a monthly limit. Your terminal did not run on someone else's servers with opaque metering.

AI coding tools broke that assumption. We traded local, reliable, unlimited tools for cloud-hosted, rate-limited, vendor-controlled ones. The capability gain was enormous. But we forgot to price in the dependency risk.

The tools are worth using. That is not the question. The question is whether you are treating them as reliable infrastructure or as the volatile services they actually are.

Claude throttled. Cursor hid its model. Both happened in the same month. Neither gave users advance notice. Neither offered compensation.

March 2026 is the month the dependency risk became visible.

Build accordingly.

InsideTheStack: how real systems actually work.