News
xAI Open-Sources Grok Build Code Days After Repository Leak Scandal

xAI has published the source code for Grok Build, its terminal-based coding agent, on GitHub and enabled fully local operation. The move comes less than a week after it was revealed the tool was uploading entire code repositories to the company's servers without user consent.
Contents
xAI has publicly released the source code for Grok Build, its terminal-based coding agent, in the xai-org/grok-build repository on GitHub. The tool, which competes with Claude Code and Codex, has been under fire for several days after an independent researcher showed it was sending entire code repositories, including commit history and unencrypted secrets, to the company's servers without users' explicit consent.
What was published
The repository contains the full code for the agent and its text-based interface (TUI), which handle code comprehension, file editing, shell command execution, web search, and management of long-running tasks. The tool runs interactively in a terminal, headlessly in scripts and CI automation, and as a component of other applications via the Agent Client Protocol.
The code is synced periodically from xAI's internal monorepo, so this isn't a typical community project developed on an ongoing basis by outside developers. The CONTRIBUTING.md file states explicitly that the company does not accept pull requests from outsiders, which is unusual for a project marketed as open.
In its announcement, xAI said publishing the code is the most direct way to build a solid, trustworthy tool. Developers can now trace exactly how the agent works, from context building to tool-call dispatch, which makes it easier to extend with custom skills, plugins, hooks, and MCP servers.
Fully local operation
The key new feature is the ability to run Grok Build entirely locally: users can compile the tool themselves, point it to their own local inference model, and configure everything through a config.toml file, with no need to communicate with xAI's cloud. Previously, the agent relied exclusively on the company's models and infrastructure.
The repository also contains code drawn from other open source projects, including elements borrowed from openai/codex and sst/opencode, as well as a stack for generating Mermaid diagrams, documented in third-party licensing files.
The shadow of the data leak scandal
The decision to open-source the code coincides with a high-profile scandal surrounding the same tool. A researcher going by Cereblab showed in a network traffic analysis that Grok Build version 0.2.93 was uploading entire git repositories, including full commit history and files the model never even read, to an external Google Cloud Storage bucket.
The scale of the discrepancy was striking: on a 12 GB test repository, traffic to the model's own completion endpoint totaled about 192 KB, while the upload channel to the storage bucket sent 5.1 GB, roughly 27,800 times more than the agent itself needed. The researcher proved this by planting a decoy file named never_read_canary.txt in the repository, which, despite instructions not to touch any files, ended up in full inside the captured data package.
Toggling off the 'improve the model' setting had no effect whatsoever on the repository upload - the server kept returning trace_upload_enabled: true, and the full upload proceeded normally.
The problem also extended to credential security: when Grok Build read .env files containing test API keys and database passwords, they were included in session archives with no redaction whatsoever. xAI disabled the server-side upload mechanism on July 13, a day after the analysis was published, but has not released a formal incident report or a timeline for deleting the data already collected.
What this means for Polish developers
For teams in Poland using coding agents, open-sourcing Grok Build offers a real opportunity to verify what the tool actually does with a local repository, rather than relying solely on the vendor's assurances. That matters especially after a string of reports about AI coding tools misusing access to data or secrets in projects.
The ability to run the agent fully locally, with a custom inference model, could appeal to companies with strict data security policies for whom sending code to an external cloud had been an insurmountable barrier. At the same time, the lack of external contributions means the community won't be able to patch bugs or add features to the tool's core on its own.
The Grok Build case fits into a broader trend of growing developer distrust toward AI agents with access to full repositories, including earlier reports of vulnerabilities in other tools of this kind. Open-sourcing the code doesn't automatically erase doubts about past data collection practices, but it gives independent researchers a tool for further verifying the agent's behavior.

