# Grok Build Open-Sourced After Covert Upload: Code to Exfiltrate Repos Stays In

_Thursday, July 16, 2026 at 8:00 AM EDT · Security · Latest · Tier 2 — Notable_

![Grok Build Open-Sourced After Covert Upload: Code to Exfiltrate Repos Stays In — Primary](https://d.techtimes.com/en/full/462790/social-media-users-shocked-find-grok-answering-questions.jpg)

xAI open-sourced its Grok Build terminal coding agent on Wednesday under the Apache 2.0 license, releasing 844,530 lines of Rust to GitHub hours after the tool's covert full-repository upload behavior exposed developer SSH keys, credentials, and commit histories to the company's Google Cloud Storage infrastructure, the company announced. Security researchers have confirmed that the code capable of exfiltrating entire codebases remains present in the published binary, held off only by a server-side configuration flag that xAI can re-enable without pushing a software update. Any developer who ran Grok Build before July 13, 2026 in a directory containing a Git repository should treat every credential in their tracked files and commit history as potentially transmitted to xAI's servers. The crisis was documented by a security researcher publishing as cereblab, who routed Grok Build CLI version 0.2.93 through the open-source network interception proxy mitmproxy on July 12. The analysis revealed that every session triggered two simultaneous network channels, including a storage channel that uploaded 5.10 gigabytes of data as a Git bundle containing the repository's entire tracked contents plus its complete commit history. xAI had marketed Grok Build with the claim that nothing from a user's codebase was transmitted to its servers during a session. The wire captures directly contradict that claim. Disabling the "Improve the model" toggle did not stop the upload. When xAI responded on July 14, company staff directed affected users to run the /privacy CLI command, but cereblab said a silent global flag stopped the upload and that /privacy is a per-session retention toggle. Developers who examined the repository confirmed the upload infrastructure is present in the source code. The function upload_session_state() now returns a hard-coded error, meaning the pathway exists but is blocked at the function level. Security firm Hive Security characterized the server-side flag as a mitigation that matters but not a durable client-side security boundary.

## Sources

- [techtimes.com](https://www.techtimes.com/articles/320671/20260716/grok-build-open-sourced-after-covert-upload-code-exfiltrate-repos-stays.htm)

---
Canonical: https://techandbusiness.org/newswire/y1PGz9YaK2U8EH89Ii36xl
Retrieved: 2026-07-16T10:29:50.046Z
Publisher: Tech & Business (techandbusiness.org)
