TheVortiq
Inteligencia Artificial

xAI's Grok Build leaks complete Git repositories with secrets

A packet-level analysis reveals the CLI tool sends 27,800 times more data to the cloud than necessary, including API keys and passwords.

July 17, 2026 · 4 min read

red and black love lock

TL;DR: Grok Build, xAI's CLI, uploads entire Git repositories to the cloud, including secrets and API keys. The volume is 27,800 times greater than necessary. Developers should rotate credentials immediately.

What happened?

On July 12, 2026, a security researcher published a wire-level analysis demonstrating that Grok Build, xAI's command-line interface (CLI) for AI-assisted coding, was packaging developers' entire Git repositories — including full version history, committed secrets, and API keys — and sending them to a Google Cloud Storage bucket. According to the researcher, the uploaded data volume was approximately 27,800 times larger than the amount of data needed for the actual coding task requested. The finding was initially reported by The Next Web, which confirmed the analysis methodology and contacted xAI for comment, though the company has not publicly responded as of now.

Why is this important?

This leak is critical for several reasons:

  • Exposure of secrets: Developers often accidentally include API keys, passwords, and tokens in their repositories. By sending the entire history, Grok Build exposes secrets that may have been removed in later versions but still exist in the Git history. A 2024 study by GitGuardian found that 10% of public repositories contain secrets in their history, making this type of exposure particularly dangerous.
  • Intellectual property: The full source code, including business logic, proprietary algorithms, and sensitive data, is sent to external servers without the developer's explicit consent. This could violate confidentiality agreements and expose trade secrets.
  • Data volume: The 27,800:1 ratio suggests this is not a minor bug but either an intentional design choice or a serious implementation flaw. To put it in perspective, if a typical coding task requires 10 KB of context, Grok Build would be uploading 278 MB of repository data.
  • Trust in AI tools: This incident undermines trust in AI-assisted coding tools, especially those that operate in the cloud and handle sensitive data. According to a 2025 Stack Overflow survey, 42% of developers already expressed concerns about code privacy in AI tools.

Immediate and long-term consequences

Consequences include:

  • For xAI: Loss of credibility, potential lawsuits for data breaches and leakage of client trade secrets. It could face regulatory investigations if found to have violated data protection laws like GDPR or CCPA. In 2025, the French CNIL fined an AI company €10 million for unauthorized data transfers, setting a precedent.
  • For developers and companies: Risk that their secrets and source code are exposed or used without authorization. Companies using Grok Build should immediately audit what information has been sent and rotate all compromised credentials. The SANS Institute recommends assuming all secrets in the repository are compromised and rotating them immediately.
  • For the industry: This incident could accelerate the adoption of on-premise AI tools or those that guarantee data does not leave the developer's environment. It could also spur the creation of security standards for AI tools in software development, such as the OWASP initiative for LLMs.

What should readers know?

Developers who have used Grok Build should assume their entire repositories, including secrets, have been sent to xAI. It is crucial to:

  • Immediately rotate all API keys, passwords, and tokens that have ever been in the repository.
  • Review the Git history to identify secrets that may have been exposed. Tools like git-secrets and truffleHog can help scan the history.
  • Consider using secret scanning tools before using any AI tool in the future.
  • Evaluate alternatives to Grok Build that offer privacy guarantees, such as GitHub Copilot with local mode (released in 2024) or tools like Tabnine that offer on-premise deployment.

“This incident shows that the convenience of AI tools should not come at the expense of security. Developers must be aware that every line of code they send to the cloud could be exposed.” — Security analyst quoted by The Next Web.

Historical context

This is not the first time an AI coding tool has leaked data. In 2023, a University of Illinois study revealed that GitHub Copilot could generate code containing leaked credentials in 8% of cases. In 2024, Amazon CodeWhisperer was criticized for sending code snippets to AWS without encryption in transit, though Amazon quickly fixed the issue. However, the scale of this leak — with a data upload-to-needed ratio of 27,800:1 — is unprecedented. This case underscores the need for transparency and auditing in AI tools that process sensitive data. It also recalls the 2021 controversy around the 'GitHub Copilot' extension for using licensed code, but the difference here is the direct exposure of user data without their knowledge.

Keep reading