SpaceXAI's coding tool, Grok Build, was discovered to be uploading users' entire codebases to Google Cloud. The firm quickly shut it down after reports that the software captured more than intended, including secret files.
Elon Musk has promised all previously sent data will be deleted, but privacy concerns remain. Users are being asked to consent to data retention, purportedly for debugging but possibly compromising their security.
Dr Lukasz Olejnik from King’s College London noted the volume of retained information is “excessive,” potentially putting proprietary code and credentials at risk if mishandled.
In an initial response, SpaceXAI suggested users could toggle data retention with a command. However, critics point out this just switches off new uploads rather than deleting old ones, leaving a trail of data behind.
The incident highlights the fine line between leveraging user data for improvement and safeguarding privacy in the AI age. Will trust be rebuilt, or is the genie now permanently out of the bottle?







