Grok Build, xAI's command-line coding assistant, stopped uploading users' entire Git repositories after an independent security researcher disclosed the behavior, raising concerns about how the coding assistant handles private source code.
AI safety researcher Cereblab reported that Grok Build version 0.2.93 was sending complete Git repositories, including commit history and, in some cases, sensitive information, to a Google Cloud Storage bucket instead of transferring only the files needed for coding tasks.
According to the researcher, the behavior continued even when Grok Build was instructed not to read any files. In one test, the tool was told to simply reply "OK," yet it still uploaded the full repository and its Git history. Similar tests reportedly produced the same results on separate repositories.
Cereblab also found that when Grok Build read files, their contents, including unredacted .env files containing test API keys and database passwords, were transmitted and stored without redaction. However, the researcher said the investigation found evidence of data transmission and storage, not that xAI trained its AI models on the uploaded code or that employees accessed it.
The use of a Google Cloud Storage bucket identifies the hosting infrastructure; the report does not allege that Google accessed or used the repositories.
xAI rolls out server-side change
Following public disclosure, xAI changed Grok Build's behavior through a server-side configuration rather than a software update.
Cereblab said repeated tests showed the service now returns a disable_codebase_upload: true setting, preventing large repository uploads. Other developers reportedly observed the same change. The company addressed the issue through posts on X.
SpaceXAI said, "We care deeply about your privacy and respect customer choice." The company added, "For teams using zero data retention, no trace and code data is ever retained." It also advised users without Zero Data Retention enabled to use the /privacy command to disable retention and delete previously synchronized data.
However, Cereblab argued the privacy command was not responsible for fixing the problem, writing: "/privacy is a per-session retention toggle, not the switch that fixed this, so it shouldn't be pointed to as the control. And no developer should have to run an opt-out after every session to keep their own code off someone else's servers. The right default is off," according to The Register.
Musk promises data deletion
Elon Musk also responded publicly after the findings gained attention.
"As a precautionary measure, all user data that was uploaded to SpaceXAI before now will be completely and utterly deleted," Musk wrote. "Zero anything whatsoever will remain."
In a separate post, Musk encouraged users to continue allowing some data collection, saying retaining limited information helps with debugging. Despite the promise, there has been no independent verification that previously uploaded data has been deleted.
Bigger questions for AI coding tools
The incident puts renewed focus on how AI coding assistants handle sensitive developer data. These tools require access to source code to generate useful responses, but the Grok Build findings suggest the amount of data collected can differ significantly between products.
For businesses evaluating AI coding assistants, the episode highlights the need to verify privacy controls rather than relying solely on marketing claims. Features such as data retention settings, enterprise safeguards, and independent security documentation may become more important factors in purchasing decisions as AI development tools continue to gain adoption.
While xAI acted quickly to halt the uploads and pledged to erase previously collected data, the company has not yet explained why full repositories were uploaded by default, how long the behavior existed, or how many users may have been affected.
Also read: Grok 4.5 enterprise pricing gives buyers a lower-cost coding and workflow option, but the trade-off is greater scrutiny over data controls and enterprise safeguards.


