ShellCodeX
Tools • Events • News • Insights
ShellCodeX Intelligence Brief
HIGH Cybersecurity

SpaceXAI Grok Build uploaded users’ entire repositories to Google Cloud

Source headline: SpaceXAI’s Grok programming tool was uploading its users’ entire codebase to cloud storage

Threat level High
Signal strength 75/100
Source confidence 1 source
Published 1 day ago

Intelligence Summary

SpaceXAI’s Grok Build CLI was found packaging and uploading users’ full codebases to Google Cloud. The uploads could include files users intended not to share, along with sensitive data such as secrets that were removed from repository history. The behavior was identified before a public disclosure and prompted SpaceXAI to disable codebase uploads. Test results indicate the service now returns a flag to prevent further repository exfiltration. Developers using Grok Build should review what data was uploaded previously and rotate any exposed credentials.

Recommended Action

Review affected assets, schedule urgent remediation, and monitor related indicators.

Topics

#ai-development-tool #codebase-upload #data-retention #google-cloud #secrets-exposure
Original reporting The Verge SpaceXAI’s Grok programming tool was uploading its users’ entire codebase to cloud storage
Open original source