They might be sending some user requests to Anthropic to gather trading data for their own models. If they do so, perhaps they need to add some tracer to request that they prefer to hide.
Verbally minimising potential threats is not a valid approach to managing risk. We have seen mass misuse of tokens acquired through nefarious means to distill models and enhance training as a way of catching up recently, among other related issues. It is quite appropriate to wonder what else might be going on.
The request would need to be done from their service, so as not to expose the API key, and because it just makes sense. They could probably directly proxy it and Wireshark couldn't catch it, due to everything being HTTPS. But people could probably catch it by decompiling, so it would make more sense to have the server make the request as part of a GLM request. Not that I think this is plausible - I'm not sure.
Everyone should distrust them equally. Only local agents in a detached network namespace are safe from data leaks. It is perfectly reasonable to assume they are using our sessions to train on, since everything else short of nuclear launch codes is already there, and they need to keep feeding it.
Here on HN we discuss facts, jumping straight into racism has no place here.