llm-kb
← Back to news
Incident

Grok Build CLI uploads entire repo as git bundle to xAI's Google Cloud, ignores privacy toggle

A user discovered that Grok Build CLI v0.2.93 uploads the entire repository history as a git bundle to xAI's Google Cloud, regardless of which files are opened. The 'Improve the model' toggle does not prevent this upload. Sensitive files like .env are also sent to cli-chat-proxy.grok.com.

10 engagement·1 source·Sat, Jul 11, 2026, 02:34 AM
A Reddit user ran Grok Build CLI v0.2.93 through mitmproxy and found that it uploads the entire repo as a git bundle (full history) to xAI's Google Cloud, independent of what files are opened. Even with the prompt 'do not read or open any files,' a planted file was recovered verbatim when cloning the captured upload. Additionally, files it reads (including a .env with API_KEY/DB_PASSWORD) are sent to cli-chat-proxy.grok.com verbatim. The 'Improve the model' toggle does not stop this upload—it only governs training, not upload. The user provided full method and evidence including SHA-256s, repro commands, and the git bundle recovering the file.

Entities

Google Cloud(company)Grok Build CLI(tool)xAI(company)mitmproxy(tool)Google Cloud(concept)cli-chat-proxy.grok.com(tool)

Related

Tool ReleaseSat, Jul 11, 2026, 07:07 PM

agentsweep CLI scans AI coding agent history files for leaked secrets

A new open-source CLI tool called agentsweep scans history files of AI coding agents (Codex, Cursor, Claude Code, Cline, Aider) for plaintext secrets like API keys, DB URLs, and crypto seed phrases. It uses ~191 detection rules from gitleaks plus a dedicated BIP-39 seed phrase detector, addressing a security risk where pasted secrets persist in agent context and can be re-exposed.

1 engagement·1 source·reddit
ProductSun, Jul 12, 2026, 12:30 PM

Local-first CLI that masks PII and secrets before sending to LLMs

LocalMask is a command-line tool that runs locally to detect and mask personally identifiable information (PII) and secrets before data is sent to large language models. It solves the privacy and compliance problem for developers and organizations that need to use LLMs without exposing sensitive data.

2 engagement·1 source·hackernews
ProductSat, Jul 11, 2026, 10:33 PM

Git-aware AI debugger that checks out old commits to fix production bugs

A tool that makes AI coding assistants (like Cursor or Claude Code) automatically checkout the git commit corresponding to a production error before debugging, preventing the agent from analyzing current code that has shifted. It solves the problem of AI agents hallucinating fixes because they look at the present state of files while the bug existed in a past commit.

5 engagement·2 sources·reddit
ProductSat, Jul 11, 2026, 05:29 PM

Upload project folder to get optimized markdown for LLM context

A web tool that lets users upload an entire project folder and receive a single, clean, optimized markdown file ready to paste into Claude or Codex. It solves the problem of manually preparing context for LLMs by automatically consolidating and formatting code files. All processing is done client-side for privacy.

1 engagement·1 source·reddit
Tool ReleaseFri, Jul 10, 2026, 01:45 AM

MCP servers and Claude Code CLI updated with new features and fixes

On July 10, 2026, the Model Context Protocol (MCP) servers and Claude Code CLI received updates. The MCP servers release v2026.7.10 updated packages for filesystem, time, fetch, and git. Claude Code CLI v2.1.206 added directory path suggestions for /cd, a /doctor check for trimming CLAUDE.md files, and improved git push handling.

14 engagement·2 sources·github