Grok Was Caught Uploading Your Entire Codebase

xAI's Grok CLI was caught uploading entire git repositories, full history and .env secrets included, even when told not to open a single file. We break down the wire-level analysis that exposed it, how Claude Code, Codex, and Gemini handle the same test, and why the "improve the model" opt-out did nothing. EDIT: Since making this video xAI has responded further and made the Grok CLI opensource: https://x.com/SpaceXAI/status/2077494... 🔗 Relevant Links Security Research: https://cereblab.com/ ❤️ More about us Radically better observability stack: https://betterstack.com/ Written tutorials: https://betterstack.com/community/ Example projects: https://github.com/BetterStackHQ 📱 Socials Twitter:   / betterstackhq   Instagram:   / betterstackhq   TikTok:   / betterstack   LinkedIn:   / betterstack   📌 Chapters: 0:00 - Intro 0:29 - The Viral Tweet 0:52 - The Wire-Level Analysis 1:37 - How Other Tools Compare 1:55 - xAI's Response 3:07 - The Upload Code Is Still There 3:26 - What /privacy Actually Does 4:17 - Check Your Logs & Protect Yourself 4:49 - Final Thoughts