Grok CLI Uploads Entire Repos, Secrets to Google Cloud

Get the Tech newsletter
Daily tech — startups, AI labs, chips, the launches that shape the next decade. Free.
- xAI's Grok Build CLI transmits the full contents of files it reads—including unredacted .env secrets—to xAI via POST /v1/responses and archives them in a session_state uploaded to Google Cloud Storage, with no redaction or user warning.
- Grok Build CLI uploads entire Git repositories, including never-read files and full git history, as a codebase snapshot to the grok-code-session-traces GCS bucket, verified by a 5.10 GiB upload from a 12 GB repo with zero storage failures.
- Google Cloud Storage hosts the grok-code-session-traces bucket where Grok's session data is stored, a mechanism embedded in the CLI binary but not disclosed in install or quickstart documentation.
- The CLI binary contains a first-party Rust crate (xai-data-collector) that enables file tracking and GCS uploads, with constants and source paths like 'gcs.rs' and 'storage.googleapis.com' hardcoded and observable via strings extraction.
- Disabling 'Improve the model' in settings does not stop trace uploads: /v1/settings returns trace_upload_enabled: true, confirming the data transmission persists even when users opt out of model improvement.
Why it matters: Developers using Grok risk exposing sensitive credentials and full codebases without consent, as uploads occur by default and cannot be fully disabled through settings, increasing data leakage risks for organizations relying on private repositories. The 27,800× data volume disparity between model interaction and storage confirms bulk collection is systemic, not incidental.



