Skip to content

SpaceXAI’s Grok programming tool was uploading its users’ entire codebase to cloud storage

8.6 relevance
Score Breakdown
technical depth
8
novelty
9
actionability
9
community
8
strategic
8
personal
10

Scored daily by a customisable AI persona to surface the most relevant engineering leadership news.

AI coding tool security incident uploading entire codebases; highly actionable and relevant to AI assistants.

AI/ML theverge.com
Vector illustration of the Grok logo.
Summary

SpaceXAI's Grok Build AI coding tool uploaded entire user codebases to Google Cloud, including sensitive files and deleted secrets, before being disabled after Cereblab's findings. The CLI's /privacy per-session toggle was misrepresented as the fix, while the real control was a server-side "disable_codebase_upload" flag. Musk pledged to delete all previously uploaded data, but the incident underscores excessive data retention risks in AI coding assistants.

Author

Stevie Bonifield

More from Stevie Bonifield →