NewsAI SecurityData ProtectionxAI

Grok Build: xAI's Coding Tool Transmitted User Data Without Redaction

Security researchers at Cereblab have proven that Elon Musk's AI coding assistant sent API keys, passwords, and entire Git repositories to xAI servers without redaction or filtering.

5.10 GiB unintentionally transmitted instead of 192 KiB needed

Grok Build: xAI's Coding Tool Transmitted User Data Without Redaction

The security firm Cereblab has uncovered a significant data protection vulnerability in Grok Build, the coding assistant from xAI (formerly SpaceX AI). Analysis of network traffic from Grok Build version 0.2.93 reveals: the tool transmitted API keys, database passwords, and authentication data unprocessed to xAI's servers – without masking or filtering them.

Key Facts

  • Grok Build uploaded entire Git repositories, including files the AI model never read
  • In a test with an 11.2 GiB repository, at least 5.10 GiB were transmitted, even though the model only needed 192 KiB for inference
  • API keys and passwords appeared without redaction in inference communications and session logs
  • Data was stored in a Google Cloud Storage bucket named 'grok-code-session-traces'

What Grok Build Actually Sends

Grok Build is an AI agent that analyzes source code and provides program descriptions and bug fixes. For cloud-based code assistants, it's technically standard to transmit portions of code to servers – this is necessary for operation. The problem arises when transmission occurs without proper controls.

Cereblab simulated real authentication data using tracking data and logged communications. The results are alarming: not only data that Grok actually analyzed was sent. The tool also uploaded a "Git bundle" – the complete Git repository including full commit history – even when users explicitly instructed: "Just say OK without reading the files."

The Data Volume Discrepancy

The numbers tell a clear story:

Metric Value
Test repository size 11.2 GiB
Data actually transmitted at least 5.10 GiB
Data needed for AI inference 192 KiB
Ratio: Transmitted to Needed ~26,500:1

This means: Grok sent a multiple of what the model needed for analysis. Particularly critical: even when users disabled the "Use for model improvement" setting, this did not stop repository uploads.

What This Means for You

If you've already used Grok Build, you should review your repositories. Did they contain API keys, access tokens, database passwords, or other credentials? If so: These must be revoked or regenerated immediately. The data may be stored in xAI's cloud infrastructure.

Those planning to use Grok Build in the future should implement security measures: prepare working repositories without sensitive data, remove credentials from Git management, and instead pass them as environment variables through secrets management services.

Implications: What This Means for Enterprise Users

For German companies evaluating AI coding tools, this vulnerability is an important warning signal. It demonstrates that the mere existence of a "privacy setting" does not guarantee that sensitive data won't be transmitted. Before selecting an AI assistant, decision-makers should clarify: What data is actually sent? Are there independent security audits? Where is data stored? Grok Build shows that even established providers – xAI is backed by Elon Musk – don't automatically meet data protection standards.

Sources

Editorially owned by Ideal Syka. Sources and method: Newsroom & method. Tips and corrections: ai@i6eal.de.

Share
← All articles

All analyses are based on i6eal's own measurements or on clearly labelled sources. Figures are snapshots and may change; corrections are disclosed transparently.