Remix.run Logo
kardianos 9 hours ago

TLDR: Ran grok in $HOME. Surprised agent read content of folder.

On the other hand, I specifically had grok try hard NOT to read a known key in the project dir (it only saw the first part using a tool, to verify it was present). So there's that.

denysvitali 7 hours ago | parent | next [-]

No. Ran `grok` in `$HOME` and the CLI uploaded the whole home content. This is not the LLM going rogue or reading all files.

stronglikedan 8 hours ago | parent | prev | next [-]

Yeah, this is a lesson about learning how to use tools safely, not about tools abusing the user. The person that posted this probably blames the hammer when he hits his thumb.

drakythe 9 hours ago | parent | prev | next [-]

I'm not seeing the information about it having been run at $HOME, where are you seeing that?

swingboy 9 hours ago | parent [-]

The `repo_path` field.

drakythe 8 hours ago | parent [-]

Ah. I've never used Grok so I was assuming that meant there was actually a repository on the user's home directory, something I know is pretty common.

cheema33 5 hours ago | parent | prev | next [-]

> TLDR: Ran grok in $HOME. Surprised agent read content of folder.

Did it really need to read all of $HOME and everything under it?

AntonyGarand 9 hours ago | parent | prev [-]

Not only files it wanted to access, but uploaded the whole directory.

Relevant read: https://news.ycombinator.com/item?id=48877371

> The practical takeaway for users: your entire codebase leaves (uploaded) your machine unencrypted on each Grok Build invocation, not just files you ask it to read, and no visible setting stops it.