AI Tools & Products

SpaceXAI’s Grok programming tool was uploading its users’ entire codebase to cloud storage

· July 14, 2026
SpaceXAI’s Grok programming tool was uploading its users’ entire codebase to cloud storage

What happened

SpaceXAI’s Grok Build AI coding tool was found uploading users’ entire code repositories to Google Cloud, including files it was explicitly instructed to ignore and even deleted secrets from version history. The company disabled this functionality after Cereblab highlighted the extensive data collection on Monday. This behavior contrasts with other coding assistants like Anthropic’s Claude Code, which retain significantly less data.

The risk

Uploading complete codebases, including sensitive files and deleted secrets, exposes users to serious privacy and security risks. Developers often work with proprietary code and confidential information. When that data leaves local environments without clear consent or controls, it increases the chance of leaks and unauthorized access. The practice of preserving deleted secrets compounds the risk, potentially exposing credentials or internal keys thought removed.

Why it matters

This incident pressures AI tool providers to be transparent and strict about data collection boundaries, especially in developer-focused products handling sensitive source code. For teams and enterprises using AI coding assistants, trust in data handling is vital. Grok’s actions erode trust and raise costs in managing compliance and security. It also sets a warning for users to thoroughly vet AI tools’ data policies before adoption and continuously monitor what code or data gets uploaded.

Who should pay attention

Developers, DevOps teams, and security officers should take note. Builders relying on AI assistants for coding need to understand the data flows and by default switch off any tools that upload entire repositories. Enterprise CIOs and legal teams must reassess vendor privacy practices in AI coding tools to avoid breaches and regulatory issues. Investors and operators in AI developer tools will watch for backlash and tighten regulatory scrutiny.

What to watch next

Watch for SpaceXAI’s response in fixing or clarifying Grok’s data handling policies and controls. Other AI code assistant providers may come under pressure to audit and clearly limit what data their tools access or upload. Expect security audits on similar developer tools to become more routine. Regulators might step in with new rules governing AI assistants processing sensitive intellectual property or secrets.

AI Quick Briefs Editorial Desk

Stay ahead of AI Get the most important AI news delivered to your inbox — free.