Grok Build 0.2.93 Found Uploading Entire Git Repositories and Secrets
2026-07-13 09:45

Woofun AI reports that security researchers identified a critical data exfiltration issue in Grok Build CLI version 0.2.93. Packet capture analysis confirmed the xAI programming agent uploads the complete current Git repository to the cloud, encompassing all tracked files and the entire commit history, rather than limiting transmission to code actively read by the agent.

Tests demonstrated that even when instructed to ignore files, the tool reconstructed unopened decoy files from the upload package. In a trial with a 12GB repository, 5.5GB of data was transmitted before termination.

Furthermore, if the .env file is processed, embedded API keys and database passwords are sent verbatim in model requests and session logs. This full repository upload persists even after disabling the "Improve the model" feature, contradicting official documentation which claims only prompts and specific file contents are sent for inference.

Disclaimer: Views are the author's own and do not represent the platform. Do not reproduce without permission. Content is for reference only, not investment advice. Trade at your own risk.
Tags:
Grok Build
Grok Build CLI
Grok
xAI
Share:
back