• Category: Security
  • Status: developing
  • Sources: wire-level analysis (gist), HN 48877371, HN 48892468
  • Summary: The researcher who wire-captured xAI's Grok Build CLI v0.2.93 uploading entire repositories and .env secrets to the Google Cloud Storage bucket grok-code-session-traces retested within 24 hours and reported the storage channel now sends nothing, with the server returning trace_upload_enabled: false and disable_codebase_upload: true. The change is a server-side flip, not a client update, and xAI published no statement as of 2026-07-14. A separate account claimed the CLI uploaded an entire home directory rather than only the working repository, widening the reported scope. That claim is a single unverified account.
  • Comments: HN commenters note the fix is server-controlled, so older clients stay dependent on xAI keeping the flag off, and repeat that any user-run tool can read local files, recommending sandboxed execution for coding CLIs.
  • Why it matters: A widely distributed coding CLI shipped whole-repository and secret upload on by default, and a silent server-side disable leaves the client behavior and the retention of already-uploaded data unaddressed.
  • Follow-up: Watch for an xAI statement, a client patch, deletion of uploaded traces, and independent reproduction of the retest.

Send feedback on this story