Skip to main content

SpaceXAI's Grok Uploaded Users' Full Codebases to Cloud

Elon Musk has pledged that all data previously uploaded by SpaceXAI's Grok Build AI coding tool will be "completely and utterly deleted," following re

1 min read2 views5 tags
Originally reported bytheverge

Elon Musk has pledged that all data previously uploaded by SpaceXAI's Grok Build AI coding tool will be "completely and utterly deleted," following revelations that the tool was uploading users' entire codebases to Google Cloud.

The incident came to light after Grok Build was observed transferring comprehensive code repositories, including files specifically excluded from its purview and sensitive secrets already removed from history. The Register, citing findings published by Cereblab on Monday, reported that this level of data retention significantly exceeded that of comparable tools like Claude Code. The company reportedly disabled the functionality after the issue was brought to attention.

Researchers confirmed that as of Monday, their tests indicated SpaceXAI's servers were returning a "disable_codebase_upload: true" flag, confirming that the codebase upload mechanism "no longer fires."

Responding to the situation on X, Musk assured users of the complete deletion of previously uploaded Grok Build data. In a separate post, he also stated that "privacy settings are always respected" but simultaneously requested users to permit SpaceXAI to retain their data, suggesting it is "helpful for debugging issues."

Dr. Lukasz Olejnik, an independent security researcher at King’s College London, corroborated to The Verge that this extent of data retention is "excessive." He highlighted the potential risks, which could encompass "proprietary source code, information about security vulnerabilities, personal data, infrastructure details, [and] credentials."

SpaceXAI's initial response via a post suggested that if zero data retention was disabled, the `/privacy` command within the CLI could be used to disable data retention and delete previously synced data. However, Cereblab countered this, clarifying that `/privacy` is merely a "per-session retention toggle" and not the fundamental fix implemented, thus it should not be presented as the primary control for the issue.

#AI News#SpaceXAI#Grok Build#Data privacy#Code upload
ES
Editorial StaffEditor

The Editorial Staff at AIChief is a team of professional content writers with extensive experience in AI and marketing. Founded in 2025, AIChief has quickly grown into the largest free AI resource hub in the industry.

View all posts
Reader feedback

What did you think of this story?

User Comments

Filter:
No comments yet. Be the first to comment!
Continue reading
View all news