securityonline.info 7/14/2026, 9:10:22 AM · external

Grok Build secretly uploads dev repos, privacy switch fails

Grok Build secretly uploads dev repos, privacy switch fails
CyberSIXT Evidence Panel
Primary Source x.com

THE article discusses a significant privacy issue with Grok Build, a tool used by developers that was found to upload entire local repositories to cloud storage without explicit permission. Security researcher @Cereblab revealed that this behavior compromised sensitive information, leading to developer concerns. SpaceXAI, the company behind Grok Build, advised users to activate a '/privacy' command to stop data sharing, but this command does not prevent repository uploads.

The true control mechanism for uploads is managed by an HTTP request header, which Grok Build has since disabled on the server side. The article concludes that the real solution requires removing the header control entirely, as relying solely on the '/privacy' command misleads users regarding their data security.

View Primary Source Via securityonline.info

Article by CyberSIXT

Timeline Coverage

Swipe to explore timeline