Recent findings have revealed that xAI’s Grok Build, a command-line interface (CLI) tool designed to assist developers by integrating artificial intelligence into coding tasks, has been uploading entire Git repositories—including full commit histories—to xAI’s Google Cloud Storage, rather than limiting uploads to the specific files required for a given task.
A researcher operating under the pseudonym ‘cereblab’ conducted tests on Grok Build version 0.2.93 and discovered that the tool transmitted complete Git repositories to a storage bucket managed by xAI. This behavior was observed even when the AI model did not access or read the majority of the files within the repository. For instance, in one test involving a 12 GB repository, the model’s interaction with the files amounted to approximately 192 KB of data, while the storage channel transmitted about 5.10 GiB—indicating a significant discrepancy between the data utilized by the model and the data uploaded.
The uploads were segmented into 73 chunks, each approximately 75 MB in size, all of which received HTTP 200 responses, confirming successful transmission. The destination bucket, identified as ‘grok-code-session-traces,’ was explicitly named within the binary and associated metadata files, indicating a deliberate design choice rather than an inadvertent data leak.
Further analysis revealed that Grok Build also transmitted sensitive information without redaction. When the tool accessed a file containing environment variables (e.g., ‘.env’), it uploaded the file’s contents, including sensitive data such as API keys and database passwords, to the storage bucket. This occurred regardless of whether the ‘Improve the model’ setting was enabled or disabled, suggesting that user-configurable settings did not influence this data transmission behavior.
In response to these findings, xAI appears to have taken corrective action. As of July 13, the same version of Grok Build ceased making storage requests, and server responses indicated that codebase uploads had been disabled. This change suggests that xAI has acknowledged the issue and implemented measures to prevent unauthorized data transmission.
While xAI’s prompt response is commendable, this incident underscores the importance of transparency and user control in AI-assisted development tools. Developers must be assured that their proprietary code and sensitive information remain secure and are not transmitted without explicit consent. As AI continues to integrate into development workflows, maintaining robust privacy and security practices will be essential to foster trust and ensure the responsible use of these technologies.