xAI Grok Build CLI whole-repository/secrets exfiltration (July 2026)
incident · incident:xai-grok-build-cli-repo-exfiltration-2026-07
Researcher Cereblab's wire-level analysis found xAI's Grok Build CLI silently bundled and uploaded developers' entire Git repositories (full history plus secrets) to a SpaceXAI-controlled Google Cloud Storage bucket regardless of the prompt; xAI applied a silent server-side fix (disable_codebase_upload) on 2026-07-13 with no advisory and Musk pledged deletion of previously uploaded data (The Register, 2026-07-14).
Aliases: Grok Build data leak, Grok Build CLI upload incident
Story timeline
No published entries reference this entity yet.
Entries about xAI Grok Build CLI whole-repository/secrets exfiltration (July 2026)
No published entry references this entity yet · entries match by registry key, by the entity's name or a public alias appearing in the entry title or body, or (for CVE entities) by exact CVE id.