Grok CLI uploaded the whole home directory to GCS
Summary
A user reports that the Grok CLI tool uploaded their entire home directory, including SSH keys and password databases, to xAI's servers, raising serious privacy and security concerns.
View Cached Full Text
Cached at: 07/13/26, 01:52 PM
@XBToshi Okay, grok has uploaded my entire user directory to xAI’s servers. It contains my SSH keys, my password manager database, my documents, photos, videos, everything… https://t.co/s8eSs9DGzF
Similar Articles
Grok uploaded my user directory to xAI's servers
A user claims that Grok, an AI model from xAI, uploaded their entire user directory containing SSH keys, password database, documents, and media to xAI's servers, raising serious privacy concerns.
Grok Build CLI uploads your whole repo — full git history + .env secrets — to xAI's cloud, and the opt-out doesn't stop it (wire-captured)
A security analysis reveals that the Grok Build CLI tool uploads entire repositories, including full git history and .env secrets, to xAI's cloud, and the provided opt-out mechanism does not actually prevent this behavior.
@TheAhmadOsman: "xAI's Grok Build CLI was uploading entire Git repositories to a Google Cloud bucket" Yet another reason to move to Ope…
xAI's Grok Build CLI was found to be uploading entire Git repositories to a Google Cloud bucket, including private code and secrets, without proper disclosure or acknowledgment.
SpaceXAI’s Grok programming tool was uploading its users’ entire codebase to cloud storage
SpaceXAI's Grok Build AI coding tool was found uploading users' entire codebases to cloud storage, including files it was told to ignore and deleted secrets. The company has disabled the feature and promises to delete uploaded data.
xai-org/grok-build, now open source
xAI faced backlash after its Grok CLI tool was found to upload entire directories to its servers. In response, xAI deleted retained data, disabled default data retention, and open-sourced the entire Grok Build codebase under Apache 2.0 to regain user trust.