Top stories
Grok Build CLI whole-repo upload disabled server-side without comment
- Category: Security
- Status: developing
- Sources: wire-level analysis (gist), HN 48877371, HN 48892468
- Summary: The researcher who wire-captured xAI's Grok Build CLI v0.2.93 uploading entire repositories and
.envsecrets to the Google Cloud Storage bucketgrok-code-session-tracesretested within 24 hours and reported the storage channel now sends nothing, with the server returningtrace_upload_enabled: falseanddisable_codebase_upload: true. The change is a server-side flip, not a client update, and xAI published no statement as of 2026-07-14. A separate account claimed the CLI uploaded an entire home directory rather than only the working repository, widening the reported scope. That claim is a single unverified account. - Comments: HN commenters note the fix is server-controlled, so older clients stay dependent on xAI keeping the flag off, and repeat that any user-run tool can read local files, recommending sandboxed execution for coding CLIs.
- Why it matters: A widely distributed coding CLI shipped whole-repository and secret upload on by default, and a silent server-side disable leaves the client behavior and the retention of already-uploaded data unaddressed.
- Follow-up: Watch for an xAI statement, a client patch, deletion of uploaded traces, and independent reproduction of the retest.