Router GraveyardJuly 10, 2026

At Least Seven New 'Route Your Subscriptions' Products Launched in the Last Year. Most Won't Survive.

The April 4, 2026 Anthropic ban kicked off a gold rush of 'route your existing consumer subscriptions' routers. At least seven shipped between mid-2025 and mid-2026. Most repeat the same structural mistakes as the 2023-2024 graveyard: ToS exposure, hosted concentration, learned routers that rot, and zero moat on policy. Here's the actual list, the failure modes, and the only pattern that survives.

At Least Seven New 'Route Your Subscriptions' Products Launched in the Last Year. Most Won't Survive.

Twelve months ago, “subscription router” was not a category. The phrase existed in scattered GitHub READMEs and a few Discord threads, but no serious product called itself one. As of this writing, at least seven distinct products launched between mid-2025 and mid-2026 do. Most have raised nothing, sell nothing, and route traffic through accounts they do not own.

The catalyst was the April 4, 2026 Anthropic ban on Claude Pro and Max through third-party routers, the same week xAI tightened its anti-resale language and OpenAI’s Codex CLI fingerprinting started showing up in enforcement actions. For a few weeks it looked like arbitrage on consumer subscriptions might be the new hot AI infrastructure vertical. It was not. It was the same shape as the 2023-2024 router graveyard, just wearing a different mask.

This post surveys the public products we could confirm, names the structural failure modes they share, and explains why the only durable position in this category is the one that refuses to be in it at all.

The signal that started the rush

Three things happened within ninety days of each other, and they read like a single coherent shift:

  • April 4, 2026, Anthropic ban. Claude Pro and Max could no longer be used through third-party routers, proxies, or “smart model pickers.” Providers had been signaling for months. This was the first explicit enforcement tied to a consumer tier. Gray-market routers that had been quietly operating on OAuth and shared sessions started losing access within days.
  • June 2026, xAI ToS update. Anti-resale language targeting “unofficial clients” and “aggregator or reseller” patterns. Less enforcement theater, more language hardening. The signal was the same.
  • Rolling OpenAI Codex fingerprinting. Reports of rustls-based clients on non-macOS platforms producing detectable fingerprints. Wrapper tools that routed Codex OAuth through third-party endpoints got throttled or banned.

Each event on its own would have been background noise. Together, they produced a clear pattern: providers were done tolerating subscription pooling. Anyone still building a business on top of consumer accounts was about to find out how fast that floor could drop.

The rush that followed was predictable. Within weeks, “use your existing Claude Pro / Max / ChatGPT Plus / Grok subscriptions through a unified API” became a Product Hunt category. Discord launches, X threads, npm packages, GitHub repos with stars in the hundreds and READMEs that were mostly screenshots of someone else’s paywall.

We tracked them. Below is the list of products we could verify were actually shipping traffic through consumer accounts, with what they claimed, what they charged, and what was visible about their ToS posture. Some were built on top of one another (forks and wrappers). All seven were public enough to document.

The actual products

A note on naming: we used the names and claims from public launch posts, GitHub READMEs, Product Hunt submissions, and Discord announcements. Where a project changed name, rebranded, or went dark after launch, we noted it. Pricing figures are as advertised at launch unless otherwise stated.

1. cc-router

cc-router shipped in May 2026 as a Node-based proxy that exposed a single OpenAI-compatible endpoint backed by Claude Code CLI sessions running on pooled consumer Pro accounts. The pitch: “Point your existing Claude Code at this, get a clean OpenAI-shaped API for free.” It was free and open source on GitHub, with a hosted version offered at $19 per month for “managed Pro/Max rotation.”

The product leaned hard on Anthropic’s own CLI as a harness. Multiple accounts behind a load balancer. Session tokens rotated on a schedule. Within six weeks of launch, GitHub issues filled with reports of accounts being banned, and the hosted version quietly removed the Pro/Max path while keeping the first-party API path.

What it claimed: a free endpoint for your existing Claude subscription, with managed rotation for a small fee.

What it actually was: Tier 3 gray-market OAuth, sitting in the same category as the products the April 4 ban was written about.

2. claude-code-llm-router

A Python wrapper that turned Claude Code’s internal claude binary into an HTTP server. Launched in early 2026, before the Anthropic ban made the wave obvious. The original author described it as a “local hack” and explicitly told users not to use it for production. By May, it had 1,800 stars, multiple forks adding Grok and ChatGPT support, and a paid “Pro” tier that ran the same wrapper in a hosted container.

The paid tier took a 30% cut on top of whatever Anthropic charge the account. It is now offline. The README still exists; the homepage returns 404.

What it claimed: turn your Claude Code subscription into a hosted API.

What it actually was: the canonical example of an open-source personal project that picked up enough attention to become a liability the moment Anthropic started enforcing.

3. involvex-claude-router

A Discord-driven project that billed itself as “anti-ban cloaking for Claude Pro.” It claimed to use residential proxies and browser fingerprint randomization to evade Anthropic’s detection. Launched June 2026, weeks after the ban, almost certainly in direct response to it.

The product page (still up at the time of writing) is candid about its ToS posture. It labels itself as a “Tier 3 convenience layer” and tells users to use at their own risk. Pricing was $39 per month, plus the cost of your own Pro subscription.

What it claimed: anti-detection routing for Claude Pro/Max, with explicit risk acknowledgment.

What it actually was: a price tag on top of a ToS violation, with the operator charging you to take the risk Anthropic is actively enforcing against.

4. Flow Router (flowork)

A unified multi-subscription router that tried to pool Claude Pro/Max, ChatGPT Plus, and Grok consumer accounts behind one endpoint. Launched July 2026 with a Product Hunt campaign and a “save 80% on your subs” headline. The marketing emphasized that you could “use the subscriptions you already pay for” rather than buying API credits.

Free tier capped at 1,000 requests per day. Pro tier was $29 per month. The site lists integrations with MCP server tools, claiming “the first MCP-native multi-sub router.”

What it claimed: one endpoint for all your subscriptions, MCP-native, with no API markup.

What it actually was: three separate Tier 3 paths in a trench coat. If any one provider enforces, two of the three endpoints stop working and the third goes down within hours.

5. Golden Router (G-ROUTER)

Branded as “the legitimate subscription router,” a name choice that does most of the work of telling you what the rest of the category looks like. Launched late June 2026, marketed heavily on X and through a paid newsletter. Pricing was $49 per year per account connected, with an “enterprise” tier at $499 per year for shared pools.

The product used OAuth flows to subscribe consumer accounts, then exposed them through a single API. The marketing copy walked right up to the line of the ToS language. It did not cross it explicitly, but it also did not surface risk anywhere in the user flow.

What it claimed: a legitimate, paid subscription-router product with enterprise pricing.

What it actually was: the same gray-market OAuth model with a marketing budget. The “legitimate” framing is the tell: the people building these know they are not legitimate, and they are betting you will not notice.

6. llm-router and its forks

llm-router was the generic name several projects chose, leading to a family of forks: llm-router-pro, llm-router-multi, llm-router-mcp, and at least four others we could verify. The base project was an MIT-licensed router that started life targeting first-party API keys. Within months, multiple forks added OAuth pooling for consumer subscriptions and rebranded with the same set of marketing claims.

The forks are the most instructive part of the pattern. They are not coordinated, but they are interchangeable. They share the same architecture (consumer OAuth → OpenAI-compatible endpoint), the same pricing model (free OSS, hosted $19-29/month), and the same future (banned, deprecated, or pivoted).

What it claimed: an open ecosystem of subscription routers, with “Pro” and “Multi” flavors.

What it actually was: the same gray-market product in different packaging, none of which has a defensible position against the providers they depend on.

7. playground.chat

Not a router in the API sense, but a chat surface that pooled consumer subscriptions behind a unified interface. Launched April 2026, peaked around May-June, then went dark after the Anthropic ban. The product was positioned as a “developer playground” that “uses your existing accounts” rather than charging for tokens.

What it claimed: a unified chat surface for your existing Pro/Max subscriptions, free.

What it actually was: an unmonetized consumer-facing version of the same Tier 3 model, with no business model and no path to one.

Honorable mentions (collapsed, rebranded, or in maintenance)

A few more that did not quite make the main list but worth naming:

  • Merlio and Mindly-style “unified subscription surfaces.” Both briefly tested the same pitch, both quietly rebranded to “AI workflow automation” within weeks of the April 4 ban.
  • NadirClaw, a CLI wrapper that pooled Pro/Max with explicit anti-detection. The author posted the launch, deleted the repo two weeks later, and posted a public apology that read like a draft ToS disclosure had finally landed.
  • A handful of smaller forks and Telegram-channel products that never reached public launch. Most have already gone dark.

The collapse is faster than the launch. That ratio is itself the signal.

The failure modes they share

Every product on that list, plus the ones we could not include for length, walks into one or more of the same traps. The graveyard taught us to name them, so here they are in order of how quickly they kill a product.

ToS exposure (Tier 3 gray-market)

In RoutePlane’s ToS-Risk classification, Tier 3 is OAuth through pooled consumer subscriptions, reverse-engineered clients, or “cloaked” wrappers. The April 4, 2026 Anthropic ban made Tier 3 an explicit enforcement target. The xAI June 2026 ToS update and the Codex fingerprinting work made it a category.

The routers above do not hide that they are Tier 3. Some are explicit about it (involvex). Others brand around it (Golden Router). All of them carry the same structural risk: the day a provider tightens enforcement, the product stops working. The operator does not control this. The user does not control this. Only the provider does.

This is the fastest failure mode on the list, and the one every single product in the wave walks into by definition.

Cost of inference if you proxy

If a router sits between the user and the provider, it has to either pass traffic through (and lose the ability to do anything interesting) or hold the provider account itself and pay the inference bill. The latter is the only way to charge per-token or to do anything beyond literal passthrough. It is also the path that turns a “free” product into a negative-margin one the moment usage scales.

The hosted versions of cc-router, claude-code-llm-router, and the llm-router forks all hit this. A handful of cents per request to the provider, a handful of cents per request back to the user, and a margin so thin that growth makes the loss bigger. The product either dies, pivots to a markup the consumer sees, or raises prices until the value proposition is gone.

No moat on policy

Every router on the list sells “smart routing” or “anti-ban cloaking” or “unified policy across subscriptions.” None of it is defensible. A policy that works against one provider’s detection can be copied in a weekend. A classifier that learns when to use Claude vs Grok rots the same way RouteLLM’s preference model did, at the speed of model releases.

RouteLLM is the case study. Trained preference model, frozen against mid-2024, last commit August 2024. The pattern repeats at every layer: anything that depends on a snapshot of provider behavior becomes a depreciating asset the moment the snapshot ages out.

The only durable routing surface is the one that encodes your intent (tiers, failover order, cost ceilings) rather than a learned view of the world. That is a YAML file. You cannot sell a YAML file at venture scale.

Concentration if hosted

If you run a hosted subscription router, you are in the middle. You sit between the user and the provider. You pool hundreds of accounts behind one endpoint. When one provider decides to enforce, you go down. When many decide at once (the April 4 plus June 2026 plus rolling Codex pattern), you go dark.

OpenRouter’s $1.3B raise and the Portkey/PANW acquisition are the two proof points for the same lesson: the hosted layer survives only by becoming a billing aggregator or a security gateway. Neither of those is “route your subscriptions.”

Subscription routers cannot take the aggregator path because their input is not a billing relationship, it is a contract they do not have. They cannot take the security path because they are not selling governance. They are stuck in the middle, with no path to margin.

The 2023-2024 graveyard, again

RouteLLM, Keywords AI, Unify, Martian-as-router, Helicone-as-gateway, kluster.ai, Yupp. The body count from the first wave is long enough that the new wave should know better.

The shape is the same. Smart model picker. Funded or forked. Pivots to observability, governance, or nothing. Dies quietly. The new wave has the same shape plus a worse starting position: its inputs (consumer subscriptions) are actively being taken away by the providers.

The ones that will survive

Strip away the marketing, the launches, and the Discord hype, and a small number of subscription-routing-adjacent projects will be around in eighteen months. They share three properties.

Treat license as proof, not gate. The product is open source. You can use it without paying. Paying gets you a license key that proves you supported the work, plus whatever features the maintainer chooses to put behind that key without breaking the open core. This is the model RoutePlane uses for Pro. It is also the model used by every durable open-source router we have seen survive a wave.

Local or clear BYOK. The router runs on your machine, with your keys, against providers you pay directly. No pooled accounts. No shared sessions. No “we hold the key for you.” When a provider changes terms, you change your policy file. When a provider bans a path, you pick a different one. The router does not get in the way.

Explicit policy over magic. Tiers, failover order, cost ceilings, region preferences, ToS-Risk classification. Written by you, version-controlled by you, executed by the router. No learned quality model that needs retraining. No classifier that rots. No anti-detection that gets detected.

If you sort the products on the list above by those three properties, almost none of them make it. That is the point.

RoutePlane’s bet

We have been public about what we are building since the first Router Graveyard post. The bet did not change when the subscription wave hit. It got reinforced.

  • Your routing policy is a YAML file on your machine. Not someone else’s config UI. Not a hosted dashboard you can lose access to.
  • You bring your own keys. You pay providers directly. We do not sit in the token path. We do not meter. We do not take a cut. The router is a one-time purchase at $49 for Pro, and that is the only transaction we are in.
  • We surface ToS-Risk tiers in routeplane status instead of pretending they do not exist. Tier 1 (first-party keys), Tier 2 (documented harnesses), Tier 3 (gray-market OAuth). We do not block Tier 3 by default. We name it. The user decides.
  • We do not phone home. The binary works offline. License validation is local. The machine you run it on is the machine it stays on.

The subscription router wave is the most direct empirical argument for this bet. Every product in it is in the middle of something. Every product in it depends on a contract it does not have. Every product in it will either die, pivot, or quietly start charging for what it pretended was free. The graveyard is not a metaphor. It is the next eighteen months.

What to ask before you adopt any of them

If you are evaluating subscription routers right now, the only question that matters is the one almost no one asks at the demo:

Who pays when the provider changes the rules?

Not “what does it cost today.” Not “how smart is the routing.” Who pays (in money, in account bans, in legal exposure, in the loss of the routing layer itself) the day Anthropic (or xAI, or OpenAI, or the next one) decides that the path your router depends on is no longer theirs to give.

If the answer is “the operator absorbs it,” the operator is now a regulated reseller of consumer subscriptions, which is not what they incorporated to do. If the answer is “you absorb it,” you should know that before you wire your application to their endpoint. If the answer is “we have a workaround,” ask what the workaround costs when it stops working.

The honest answer is the one that survives: there is no provider contract that makes subscription pooling durable, so don’t build on top of one. Use first-party keys, document your harness assumptions, and keep your routing policy somewhere the provider cannot take it from you.


CTA: If you’re evaluating routers right now, ask the hard question first: who pays when the provider changes the rules? See pricing for the local-first alternative, or the activation guide to see the full buyer flow.

Sources and references (as of 2026-07): product launch announcements and Product Hunt submissions for cc-router (May 2026), claude-code-llm-router (early 2026), involvex-claude-router (June 2026), Flow Router / flowork (July 2026), Golden Router / G-ROUTER (June 2026), and playground.chat (April 2026); GitHub repositories and READMEs for the llm-router family of forks; pricing pages and Discord announcements where public; cross-references to prior Router Graveyard posts on the April 4 Anthropic ban, OpenRouter $1.3B, the Portkey/PANW acquisition, the 2023-2024 first-wave graveyard, and the RoutePlane ToS-Risk tier system in the daemon. Specific funding figures, account counts, and post-launch operational metrics for the listed products are not referenced where public confirmation is incomplete. Names that appear in private Discords or paywalled newsletters but did not produce public launch artifacts are omitted by design.