SpaceXAI Grok Build uploaded users’ entire repositories to Google Cloud
Source headline: SpaceXAI’s Grok programming tool was uploading its users’ entire codebase to cloud storage
Intelligence Summary
SpaceXAI’s Grok Build CLI was found packaging and uploading users’ full codebases to Google Cloud. The uploads could include files users intended not to share, along with sensitive data such as secrets that were removed from repository history. The behavior was identified before a public disclosure and prompted SpaceXAI to disable codebase uploads. Test results indicate the service now returns a flag to prevent further repository exfiltration. Developers using Grok Build should review what data was uploaded previously and rotate any exposed credentials.
Recommended Action
Review affected assets, schedule urgent remediation, and monitor related indicators.