Grok Build CLI uploads your whole repo — full git history + .env secrets — to xAI's cloud, and the opt-out doesn't stop it (wire-captured)

Reddit r/LocalLLaMA News

Summary

A security analysis reveals that the Grok Build CLI tool uploads entire repositories, including full git history and .env secrets, to xAI's cloud, and the provided opt-out mechanism does not actually prevent this behavior.

No content available
Original Article

Similar Articles

Grok CLI uploaded the whole home directory to GCS

Hacker News Top

A user reports that the Grok CLI tool uploaded their entire home directory, including SSH keys and password databases, to xAI's servers, raising serious privacy and security concerns.

Grok uploaded my user directory to xAI's servers

Hacker News Top

A user claims that Grok, an AI model from xAI, uploaded their entire user directory containing SSH keys, password database, documents, and media to xAI's servers, raising serious privacy concerns.

xai-org/grok-build, now open source

Simon Willison's Blog

xAI faced backlash after its Grok CLI tool was found to upload entire directories to its servers. In response, xAI deleted retained data, disabled default data retention, and open-sourced the entire Grok Build codebase under Apache 2.0 to regain user trust.