Post by @a_green_being
Okay, grok has uploaded my entire user directory to xAI's servers. It contains my SSH keys, my password manager database, my documents, photos, videos, everything...
Thread
1. @XBToshi
the absolute state of ai dev tools. grok build is silently dumping 12gb of untouched repo data and full git commit histories to gcp just to autocomplete a script. they don't want to help you build, they are just treating local dev environments like an open buffet for training data. if you run this on a sensitive stack, your entire repo is already compromised regardless if it's public or not. literal spyware.
shipping source code to the cloud is bad enough. blindly inhaling .env.local and .dev.vars in a background sync is absolute negligence. they are vacuuming up your raw api keys, database credentials, and private nodes directly to gcp just to power an autocomplete model.
a massive credential breach disguised as a dev tool. if you ran this locally, your private keys are now sitting on a remote server. consider every secret burned, treat your bare metal as completely compromised, and rotate your entire stack immediately.
@elonmusk, your users deserve a serious explanation!
2. @XBToshi
anyone ever used Grok Build, please check your grok logs.
cat ~/.grok/logs/unified.json | grep repo_state.upload
you will be pissed.
3. @a_green_being
Okay, grok has uploaded my entire user directory to xAI's servers. It contains my SSH keys, my password manager database, my documents, photos, videos, everything...




