A security researcher discovered that the AI programming tool Grok Build breached its promise of being 'local-first.' Despite explicit user instructions, the tool privately uploaded the entire code repository containing decoy keys, as well as data from the computer's main directory. The toggle for 'helping improve the model' failed to prevent this data transmission. This incident sparked panic among developers, with many choosing to change their keys or uninstall the software. Initially, xAI quietly halted data uploads without any explanation. Subsequently, the official team acknowledged the issue and introduced privacy-related features. Ultimately, Musk personally ordered the complete deletion of all previously uploaded user data to ensure no remnants remained. However, developers still harbor doubts about the data security of AI programming tools.
