Elon Musk has pledged that X’s codebase will be made open source days after it was discovered that the platform’s Grok coding tool transmits files it interacts with “verbatim and unredacted.”
The billionaire SpaceXAI owner said the move would be made once the firm has completed a review for security vulnerabilities, with third parties encouraged to examine the system, adding: “Trust through total transparency is the only thing that should be believed.”
The move came after independent AI safety checker Cereblab uncovered that the Grok 4.5-powered Build coding agent was up entire Git repositories and commit histories to a Google Cloud Storage bucket run by xAI.
An exposé posted on GitHub reveals that Grok would bundle files and all “independent of what the agent reads.” The coding tool even did this for files users explicitly told it not to open, with the feature found to be active by default.
The flaw doesn’t mean xAI is using wholly scraped information to train and improve its flagship model.
SpaceXAI said in a statement that it “care[s] deeply” about privacy and respects customer choice, and a later post confirmed that data retention has since been switched off by default, with all retained data deleted.
"With all retained data deleted, retention default off, and an open-source harness, we are offering complete user privacy,” the post on social-media platform X reads. “You can also run Grok Build fully open-source and local-first with your own inference.”
SpaceXAI has also launched a bug bounty program, offering developers between $100 and $20,000 in rewards for reporting security vulnerabilities.