AIToday

SpaceXAI's Grok Build uploaded users' full codebases to cloud

The Verge AI1h ago
SpaceXAI's Grok Build uploaded users' full codebases to cloud

Key takeaway

SpaceXAI's Grok Build coding tool was automatically uploading users' complete code repositories—including files marked not to open and deleted secrets—to Google Cloud storage before the company shut off the feature after security researchers disclosed the issue on Monday. A security expert confirmed the data retention was excessive and could have exposed source code, security vulnerabilities, credentials, and other sensitive information; Elon Musk promised all previously uploaded data will be deleted, though the company's initial response mischaracterized the privacy controls available to users.

Summaries like this, in your inbox every morning.

Sign up free →

3 Key Points

  • What happened

    SpaceXAI's Grok Build AI coding tool was uploading entire user codebases to Google Cloud, including files users instructed it not to open and deleted secrets, before the company disabled the feature after it was reported by Cereblab on Monday.

  • Why it matters

    The scale of data retention was significantly larger than similar tools like Claude Code, and could have exposed proprietary source code, security vulnerability information, personal data, infrastructure details, and credentials—according to security researcher Dr. Lukasz Olejnik at King's College London, the retention was "excessive."

  • What to watch

    Elon Musk said all previously uploaded data will be "completely and utterly deleted," though SpaceXAI initially defended the practice by pointing to a /privacy command that Cereblab noted does not actually control the codebase upload feature.

In Depth

On Monday, security researchers at Cereblab published findings detailing how SpaceXAI's Grok Build command-line interface (CLI) was collecting and uploading far more user data than comparable AI coding tools. The tool was packaging entire code repositories and sending them to Google Cloud storage. Critically, this included files that users had explicitly instructed the tool not to open, as well as secrets that had been deleted from Git history—indicating the tool was capturing data at a deeper level than developers would typically expect.

When the findings were published, SpaceXAI moved quickly to shut down the behavior. By Monday, the company's servers had begun returning a "disable_codebase_upload: true" flag, and the codebase upload function "no longer fires," according to Cereblab's testing. Elon Musk, SpaceXAI's leader, acknowledged the incident on X (formerly Twitter), stating that all data Grok Build had previously uploaded would be "completely and utterly deleted." In a follow-up post, Musk asked users to allow SpaceXAI to retain their data, describing it as "helpful for debugging issues," while asserting that "privacy settings are always respected."

However, the company's initial defense of the practice drew criticism. SpaceXAI's first response claimed that users could disable data retention via the /privacy command available in the CLI, which would also delete previously synced data. Cereblab immediately pushed back, noting that /privacy is only a per-session retention toggle—not the control that had fixed the underlying codebase upload issue. This discrepancy raised questions about either the design of SpaceXAI's privacy controls or the accuracy of the company's communication.

Dr. Lukasz Olejnik, an independent security researcher at King's College London, validated the concern by confirming to The Verge that this level of data retention was "excessive." He enumerated the types of sensitive information that could have been at risk: proprietary source code, information about security vulnerabilities, personal data, infrastructure details, and credentials. For developers and enterprises relying on the tool, the potential exposure of such information represented a serious compliance and security risk.

Context & Analysis

SpaceXAI's Grok Build became the subject of scrutiny when Cereblab, a research group, conducted testing and found the coding tool was engaging in far more aggressive data collection than users likely expected or consented to. The tool was not simply syncing limited session data or anonymized telemetry; it was capturing entire codebases—the complete set of source files a developer works on—and transmitting them to Google Cloud storage. Notably, this behavior persisted even for files developers explicitly instructed the tool not to access, and even for secrets that had been deleted from version history, suggesting the tool was capturing data at a low level of the file system without respecting user intent or best practices around credential handling.

The incident highlights a gap between SpaceXAI's stated privacy posture and its actual behavior. When initially confronted, the company pointed to a /privacy command as the mechanism for disabling data retention. However, Cereblab's analysis revealed that /privacy only toggles per-session retention—it does not control the codebase upload feature that had been activated by default. This discrepancy suggests either poor design or misleading communication about where users could actually control their data. Dr. Lukasz Olejnik's assessment that the retention was "excessive" carries weight given his role as an independent security researcher, and his catalog of potential exposures—from proprietary source code to infrastructure details—underscores the business and operational risk posed by this behavior.

FAQ

How much data was SpaceXAI uploading from Grok Build?
Grok Build was packaging and uploading entire code repositories, including files it was told not to open and secrets deleted from history. This was significantly more data retention than similar tools like Claude Code.
When was this issue discovered and fixed?
Cereblab published findings on Monday showing the upload behavior. As of Monday, SpaceXAI's servers returned a "disable_codebase_upload: true" flag and the codebase upload "no longer fires."
What types of sensitive information could have been at risk?
According to Dr. Lukasz Olejnik, an independent security researcher at King's College London, the data potentially at risk could include proprietary source code, information about security vulnerabilities, personal data, infrastructure details, and credentials.

Discussion

No comments yet. Be the first to share your thoughts!

Log in to join the discussion

Related Articles

Stay ahead with AI news

Get curated AI news from 200+ sources delivered daily to your inbox. Free to use.

Get Started Free

Free · takes 30 seconds · unsubscribe anytime

1 minute a day. The AI essentials.

200+ sources · Email / LINE / Slack

Get it free →