If you’ve been using xAI’s Grok Build CLI to help you write code, there’s a decent chance your private repository, its full commit history, and any secrets tucked into your .env files took an unplanned vacation to a Google Cloud Storage bucket you never agreed to.
A security researcher known as cereblab recently disclosed that Grok Build CLI version 0.2.93 was silently uploading complete local Git repositories to a GCS bucket called grok-code-session-traces, managed by xAI. The uploads included untracked files, full commit histories, and unredacted secrets. In one documented case, the tool transferred 5.1 GiB of data when roughly 192 KB would have been sufficient for the model to generate a response.
How the leak was discovered
Cereblab captured the rogue uploads using mitmproxy, a tool that intercepts and inspects network traffic between a client and server. The data was being sent through a /v1/storage endpoint, and the uploads happened even during sessions where users had explicitly told the model not to read their files.
A toggle within the CLI designed to let users opt out of their data being used to “improve the model” had zero effect on the upload behavior. The repos were being transferred regardless of that setting.
xAI’s response, and what’s still missing
xAI disabled the upload feature server-side and introduced a new configuration option called disable_codebase_upload within the CLI. As of July 13, 2026, xAI has not issued a formal public statement about the incident. There’s been no disclosure about the scope of affected users, no clarification on data retention policies for the material already uploaded, and no confirmation that previously collected repositories and secrets have been deleted from the grok-code-session-traces bucket.
The new disable_codebase_upload option also lacks detailed reporting functionality. Users can flip the switch, but they can’t easily audit what was previously sent or verify that the setting is working as intended.
What developers should do now
Developers using Grok Build or any similar tool should audit their network traffic immediately. Tools like mitmproxy, which cereblab used to catch this leak, are freely available. Rotating any secrets that may have been exposed, including API keys, database credentials, and authentication tokens, is not optional. It’s urgent.
Disclosure: This article was edited by Editorial Team. For more information on how we create and review content, see our Editorial Policy.

2 hours ago
17








English (US) ·