THE article discusses a significant privacy issue with Grok Build, a tool used by developers that was found to upload entire local repositories to cloud storage without explicit permission. Security researcher @Cereblab revealed that this behavior compromised sensitive information, leading to developer concerns. SpaceXAI, the company behind Grok Build, advised users to activate a '/privacy' command to stop data sharing, but this command does not prevent repository uploads.
The true control mechanism for uploads is managed by an HTTP request header, which Grok Build has since disabled on the server side. The article concludes that the real solution requires removing the header control entirely, as relying solely on the '/privacy' command misleads users regarding their data security.