github.com via Hacker News

xAI Open-Sources Grok Build CLI in Rust, Resets User Limits

TL;DR

  • xAI published Grok Build under Apache 2.0 at xai-org/grok-build on July 15, 2026, a Rust terminal agent that now targets Grok 4.5.
  • The release follows a July 10 wire-level report that earlier CLI versions uploaded entire Git repos, including .env secrets, to a Google Cloud bucket.
  • Usage limits were reset for all users, and the repo notes external contributions are not being accepted per CONTRIBUTING.md.

The reason xAI's open-sourcing of Grok Build lands with weight is what happened five days earlier, not the release itself. On July 15, 2026, xAI published the source of its terminal coding agent as xai-org/grok-build under Apache 2.0, written almost entirely in Rust, and reset usage limits for every account. The drop lands about a week after Grok 4.5, the model the CLI now targets.

The backdrop is a wire-level report published on July 10 by a security researcher and covered by outlets including The Agent Report. The finding: earlier versions of the Grok Build CLI packaged the entire tracked Git repository, full commit history included, as a bundle and shipped it to a Google Cloud Storage bucket named grok-code-session-traces. On a 12 GB test repository the live model-turn channel moved roughly 192 KB while a parallel storage channel moved about 5.10 gigabytes across 73 chunks. The 'Improve the model' privacy toggle, per the report, controlled training consent but not the transmission itself, with /v1/settings continuing to return trace_upload_enabled: true even after users flipped it off.

Open-sourcing the harness is xAI's structural answer. Project lead Andrew Milich, quoted by CryptoBriefing, framed the release as letting developers 'audit exactly what the tool does, modify it for their workflows, and verify that no data leaves their machine.' Elon Musk added that 'zero anything whatsoever will remain' of the previously uploaded data. The repository is also explicit that external contributions are not being accepted, so audit-and-fork is possible, upstream-fix is not.

The honest caveat is that a released source tree changes future risk, not past exposure. Anyone who ran the CLI before July 13, 2026 on a repo containing API keys, database passwords, cloud tokens or webhook secrets in tracked files or Git history should treat those credentials as potentially transmitted and rotate them. The reporting also does not say whether Grok 4.5 inference itself can run outside xAI infrastructure, which is what would actually make the 'no data leaves your machine' pitch complete. What the release does earn is a template: when an AI tooling vendor tells you a toggle disables data collection, there is now a public standard for what proving that looks like.