| ▲ | lifthrasiir 5 hours ago | |
> exfiltrating user data (including env files, entire source code etc) which is what grok-build did here I think env files are filtered out [1]. Anyway, the most suspicious code would be `upload_session_state` which is currently a stub function, though it is hard to say if it was only planned (badly) or has been removed as a damage control. [1] https://github.com/xai-org/grok-build/blob/c1b5909ec707c069f... | ||
| ▲ | threecheese 4 hours ago | parent | next [-] | |
It must have been removed, given that the initial evidence of the exfil specifically demonstrated .env files being included. And .ssh/* for the user which ran this in $HOME. | ||
| ▲ | stefan_ 5 hours ago | parent | prev [-] | |
No, those are directory names not uploaded. Here are the file names skipped: https://github.com/xai-org/grok-build/blob/main/crates/codeg... It's about not uploading compiled binary stuff, but they want all your environment data all the same. | ||