Security researchers discovered that xAI's Grok CLI (version 0.2.93) automatically uploads entire Git repositories and sensitive files like .env to Google Cloud Storage, even when prompts instruct not to read specific files. Disabling the 'improve model' setting does not prevent the upload. This vulnerability exposes users' proprietary code, API keys, and credentials by default, posing a severe privacy and security risk. It undermines trust in AI-assisted coding tools and raises questions about data handling practices. The tool sends file contents via two channels: embedded in model conversation requests and as a git bundle file. In a test with a 12 GB repository, over 5 GiB of data was successfully uploaded without rejection. The opt-out toggle in settings had no effect on the upload behavior.
Background
Grok CLI is a command-line interface developed by xAI that leverages Grok models to assist developers with coding tasks. It can read the entire codebase to provide context-aware suggestions. A git bundle is a single-file archive of a Git repository. This design of automatically uploading the whole repository for context is common among AI coding assistants, but the lack of an effective opt-out mechanism here is problematic.