Grok Build uploaded entire codebases to cloud storage before SpaceXAI turned it off

Reviewed byNidhi Govil

7 Sources

Share

SpaceXAI's Grok Build AI coding tool was discovered uploading users' entire code repositories to Google Cloud storage, including deleted secrets and files it was instructed not to access. Security researchers found the tool transmitted 27,800 times more data than needed. Elon Musk promised complete deletion of all uploaded data, and SpaceXAI subsequently open sourced the tool to rebuild trust.

SpaceXAI's Grok Build Caught Uploading Entire Codebase to Cloud Storage

SpaceXAI's Grok Build AI coding tool was discovered uploading user repositories far beyond what was necessary to complete coding tasks, raising serious data privacy concerns among developers. Security researchers at Cereblab published findings on July 12 showing the command-line interface was packaging and uploading entire code repositories as Git bundles to Google Cloud storage, including files it was explicitly told not to open and committed secrets deleted from history months prior. In one test, Grok Build uploaded 5.1 gigabytes of data even though the coding task required just 192 kilobytes—approximately 26,000 times more data than needed

5

. The wire-level analysis directly contradicted xAI's marketing claims that "nothing from your codebase transmitted to xAI servers during a session"

4

.

Excessive Data Retention Raises Security Alarms

Source: Axios

Source: Axios

The scale of data retention was significantly more invasive than similar AI coding tools like Claude Code, which only open individual files rather than entire repos before uploading them. Dr. Lukasz Olejnik, an independent security researcher at King's College London, confirmed to The Verge that this amount of data retention is "excessive," adding that the sensitive data potentially at risk could include "proprietary source code, information about security vulnerabilities, personal data, infrastructure details, [and] credentials"

1

. Cereblab's tests showed that even when instructed with a benign prompt to simply reply with "OK" and specifically ordered not to open any files, Grok Build uploaded the entire repo regardless, along with its full Git history

3

. Other users reported similar results, including one whose entire user directory containing SSH keys, password manager databases, and API keys was opened and uploaded without user consent.

Elon Musk Promises Complete Data Deletion

Source: Digit

Source: Digit

After Cereblab's report attracted widespread attention, Elon Musk responded to the incident in a post on X, promising that all data Grok Build previously uploaded will be "completely and utterly deleted." As of Monday, researchers confirmed that SpaceXAI's servers were returning a "disable_codebase_upload: true" flag, and the backend change stopped the codebase upload from firing

1

. SpaceXAI initially tried to reassure users by stating that zero data retention (ZDR) was respected for enterprise customers and that the /privacy command could disable data retention. However, Cereblab pointed out that "/privacy is a per-session retention toggle, not the switch that fixed this, so it shouldn't be pointed to as the control"

1

. The researcher emphasized that "no developer should have to run an opt-out after every session to keep their own code off someone else's servers. The right default is off"

3

.

SpaceXAI Open Sources Grok Build to Rebuild Trust

As part of promises to restore confidence, Musk said SpaceXAI would open source Grok Build after the codebase was audited for security vulnerabilities. On Wednesday, that promise was fulfilled with the entire project published on GitHub as a single commit with no pull requests or git history

2

. According to Simon Willison, creator of Datasette and co-creator of Django, the Grok Build codebase comprises 844,530 lines of Rust code, and while the code responsible for sending repos to the cloud remains, it appears altered to reverse the behavior

2

. SpaceXAI acknowledged that data retention was enabled by default for non-enterprise users in the early beta, which has now been corrected. The company stated: "With all retained data deleted, retention default off, and an open-source harness, we are offering complete user privacy"

2

.

Implications for Developer Trust and AI Tool Security

Source: The Register

Source: The Register

The incident poses significant implications for developers whose Git repositories contained API keys, cloud credentials, or database passwords. These users may need to rotate those credentials, since deleting the uploaded data doesn't eliminate the risk that proprietary code was exposed

5

. It remains unclear how many SpaceXAI users were affected, which versions of Grok Build uploaded repositories, how long the data was stored, whether it was ever accessed, and how customers can independently verify deletion

5

. SpaceXAI invited security researchers to probe Grok Build for security issues and report them to its bug bounty program, which offers rewards ranging from $100-$20,000 depending on severity

2

. The privacy breach is particularly damaging for a product positioned to win enterprise developer trust, launched alongside Grok 4.5 as xAI's answer to Claude Code and Cursor

4

. Grok has a history of privacy issues, including training on X user data without consent in what regulators called a "very likely" breach of EU law, with a quarter of European firms having banned Grok entirely in favor of alternatives with better security controls

4

.

Today's Top Stories

© 2026 TheOutpost.AI All rights reserved