> > It sounds like some of these companies call the OpenAI or Anthropic APIs directly from their frontend.

> Which would be a major security hole.

An officially supported security hole

https://platform.openai.com/docs/api-reference/realtime-sess...