Comment by danudey
2 days ago
Well, excepting that there's a toggle to turn off 'improving the model' (i.e. don't use my repo for training data) and it still uploads your entire repository, git history, etc., all of which can be fetched locally and fed to the model rather than uploading it to a bulk storage bucket.
Add to that the fact that this also includes env files, which may contain secrets that aren't part of the repo, that don't need to be fed to the model, and that might now be leaked.
Which leads us to the third thing: if this bucket weren't discovered and Grok didn't turn this 'feature' off, imagine the disaster fallout if someone ever managed to get read access to this bucket.
My point is that I believe those toggles are placebo buttons. You are free to believe that they prevent Grok from slurping up your IP, but the most reliable way to prevent that from happening is to prevent Grok from seeing your IP in the first place.
And by the time you figure out that they have, taking them to court is not going to be reliable recourse.
The same is true for Claude and Codex.