Grok Build was uploading entire Git repositories to xAI’s cloud, including committed secrets XAI's Grok Build coding CLI was found uploading entire Git repositories, including committed secrets and API keys, to a Google Cloud Storage bucket, with upload volume 27,800 times greater than needed. Security researcher cereblab published a wire-level analysis on July 12 proving the breach, contradicting xAI's claims that nothing from codebases was transmitted. Elon Musk confirmed the uploads and said prior user data would be deleted, but no independent audit has verified the deletion. A security researcher published a wire-level analysis on July 12 proving that xAI’s Grok Build coding CLI was packaging developers’ entire tracked repositories, including full Git history, committed secrets, and API keys, and sending them to a Google Cloud Storage bucket. The upload volume was roughly 27,800 times greater than the data the coding task actually required, according to the analysis. https://www.theverge.com/ai-artificial-intelligence/965600/spacexai-grok-build-repository-upload The researcher, publishing as cereblab, tested version 0.2.93 of Grok Build, intercepted the upload, cloned the git bundle from the captured request, and recovered a file the AI agent had been explicitly told not to open. xAI had marketed the tool with claims that “ nothing from your codebase transmitted to xAI servers during a session. ” The wire data directly contradicts this. The privacy toggle that was supposed to prevent data transmission did nothing, according to multiple reports. Grok has a history of privacy issues https://thenextweb.com/news/grok-chatbot-trains-on-x-user-data-in-very-likely-breach-of-eu-law , including training on X user data without consent in what regulators called a “ very likely ” breach of EU law. A quarter of European firms have banned Grok entirely in favour of alternatives with better security controls. Elon Musk confirmed the uploads and said SpaceXAI would delete all prior Grok Build user data. The company documented a “ zero data retention ” policy and added a /privacy endpoint. A same-client retest observed a server-side flag disabling the uploads. However, no independent audit has confirmed the deletion. Grok Build launched alongside Grok 4.5 https://thenextweb.com/news/spacexai-grok-4-5-cursor-opus-class-coding-model as xAI’s answer to Claude Code and Cursor, making the privacy breach particularly damaging for a product positioned to win enterprise developer trust. Get the TNW newsletter Get the most important tech news in your inbox each week.