TheVortiq
Inteligencia Artificial

xAI's Grok Build Uploads Entire Code Repos to Cloud Without Permission

Elon Musk's AI coding tool sent complete repositories to Google Cloud, including secrets and excluded files, until researchers reported it.

July 15, 2026 · 5 min read

Cyber security concept shown on grunge-style background highlights the importance of digital protection.

TL;DR: Grok Build, xAI's AI tool, uploaded users' entire repositories to Google Cloud without consent, including excluded files and secrets. After the report, xAI disabled the feature. The case exposes privacy risks in AI coding tools.

What Happened?

Last Monday, July 14, 2026, security lab Cereblab published an explosive report demonstrating that the command-line interface (CLI) of Grok Build, the AI coding tool from xAI (Elon Musk's company), was packaging and uploading complete code repositories to Google Cloud, including files users had explicitly excluded and secrets removed from Git history. According to The Register, the tool retained significantly more data than similar tools like Anthropic's Claude Code. The Cereblab report details that Grok Build uploaded not only active source code but also configuration files, API keys, access tokens, environment variables, and .git files with full history, including secrets developers had removed using commands like git filter-branch or BFG Repo-Cleaner, but which remained accessible in Git history.

After the public disclosure, Elon Musk responded on X (formerly Twitter) claiming the issue had already been fixed. Indeed, Cereblab's tests showed that xAI's servers began returning a disable_codebase_upload: true flag, and code uploads stopped. However, Musk offered no details on how long the leak was active, how many users were affected, or whether uploaded data was deleted from Google Cloud servers. The Verge confirmed that, as of Monday, Cereblab's tests showed the upload had been disabled, but xAI's lack of transparency has sparked a wave of criticism in the developer community.

Why Is This Important?

This incident is serious for several reasons that go beyond a mere technical error:

  • Privacy and Security: Uploading entire repositories, including secrets and excluded files, exposes credentials, API keys, internal configurations, and intellectual property. Any breach in Google Cloud, whether from an external attack or an internal xAI error, could compromise thousands of developers and companies. Recall that in 2023, a similar incident with Amazon's CodeWhisperer tool exposed customer data, albeit on a smaller scale. Here, the risk is greater because Grok Build uploaded the entire repository, not just code snippets.
  • Trust in AI Tools: Tools like Grok Build are marketed as productivity boosters, but this case shows the hidden cost can be loss of control over source code. Transparency about what data is collected and how it is stored is crucial. Unlike GitHub Copilot, which was sued for copyright infringement by training on public code (a lawsuit still in court), Grok Build goes a step further: it not only uses code for training but uploads the entire repository to the provider's cloud, posing an additional risk of leakage or misuse. Moreover, the fact that the upload included files users had explicitly excluded (such as .env directories or .gitignore) suggests negligent or intentional design.
  • Comparison with Other Cases: This is not the first time an AI coding tool has sparked controversy. In 2024, OpenAI's coding tool Codex was criticized for storing code snippets on its servers without explicit user consent. However, Grok Build surpasses these incidents in severity because the upload was complete and not selective. It also echoes the case of the VS Code extension "Tabnine," which in 2023 was accused of sending code to its servers without permission, though Tabnine quickly fixed the issue and published a detailed report—something xAI has yet to do.

Consequences and Next Steps

For now, xAI has disabled the upload feature, but questions remain unanswered: what data was uploaded exactly? How long was it stored? Was it used to train models? Was it shared with third parties? The company has not provided a detailed explanation, and Elon Musk limited himself to a vague tweet. This contrasts with Anthropic's response when a similar issue was discovered in Claude Code in 2025: the company published a full forensic analysis and offered an audit tool for users to verify what data had been sent.

For developers and companies using Grok Build, the recommendation is to review activity logs and consider whether sensitive information has been exposed. In the future, they should opt for tools that offer clear guarantees of local (on-device) processing or allow auditing of code sent. Companies like Sourcegraph (with Cody) already offer fully offline modes, while tools like GitHub Copilot allow disabling telemetry. This incident should push regulators to demand greater transparency in AI tools, especially those handling source code, which is the most valuable asset of many startups and tech companies. The European Union, with its AI Act, could use this case as an example to tighten transparency and consent requirements for coding tools.

What Should Readers Know?

If you use Grok Build or any similar tool, assume your code could be uploaded to the cloud unless you have an explicit guarantee otherwise. Review privacy policies, disable telemetry features when possible, and consider isolated environments for sensitive projects. Tools like mitmproxy or Wireshark can help you monitor network traffic from these tools to detect unauthorized uploads. Additionally, it is advisable to use local repositories with version control and avoid storing secrets in code, using secret managers like HashiCorp Vault or AWS Secrets Manager. The security community is already developing patches and scripts to audit Grok Build's behavior, such as the open-source project "GrokWatch" on GitHub.

"Trust in AI tools is built on transparency. This case is a reminder that code is not just text: it is intellectual property, trade secrets, and sometimes the foundation of an entire business."

In summary, the Grok Build incident underscores the need for developers to adopt a "zero trust" stance toward AI tools, and for companies to prioritize privacy and security by design, not as an afterthought. The ball is now in xAI's court: if it does not provide a full explanation and corrective measures, it could face a massive loss of trust and potential class-action lawsuits.

Keep reading