A wire-level analysis released on July 12 revealed that xAI’s Grok Build, marketed as a secure AI coding assistant, was silently sending developers’ entire Git repositories to a Google Cloud Storage bucket. The researcher, who posts under the name cereblab, captured traffic from version 0.2.93 of the CLI, cloned the transmitted git bundle and recovered a file the AI had been explicitly instructed not to open. The data dump included full commit history, embedded API keys and other credentials—information that the tool promised would never leave a user’s system.

The volume of data transferred was staggering. According to the analysis, the upload size was roughly 27,800 times larger than the code actually required for the AI coding task. The privacy toggle that xAI advertised as a safeguard against data transmission did nothing, a finding echoed by multiple independent reports. This breach adds to a growing list of privacy concerns surrounding Grok, which has previously been accused of training on X user data without consent—a practice regulators described as a "very likely" violation of EU law.

In response, Elon Musk acknowledged the issue publicly. He said SpaceXAI would delete all prior Grok Build user data and highlighted a newly documented "zero data retention" policy, along with a newly added /privacy endpoint. A follow‑up test by the same client showed a server‑side flag that appeared to disable the uploads, but no third‑party audit has yet confirmed that the data has been fully purged.

The timing of the breach is especially damaging. Grok Build launched alongside Grok 4.5 as xAI’s answer to competing AI coding assistants such as Claude Code and Cursor, positioning the product to win the trust of enterprise developers. A quarter of European firms have already banned Grok entirely in favor of alternatives that offer stronger security controls.

While xAI has taken steps to address the immediate fallout, the incident raises broader questions about the security of AI‑driven developer tools. Companies that rely on such assistants now face the prospect that sensitive code and credentials could be exposed without explicit user consent. Until an independent audit validates the claimed deletions, the breach will likely fuel ongoing skepticism among developers and regulators alike.

Questo articolo è stato scritto con l'assistenza dell'IA.
News Factory APP - notizie agentiche per potenziare il tuo SEO e AEO.