

Vincent
1.1K posts

@VincentBuilds
🔍 I help founders validate and pivot their ideas with live data 👉 Get the data ChatGPT doesn't have. Instantly 📊 6,000+ ideas scanned already



I worked on building an end-to-end encrypted email/docs/files/calendar app @skiffprivacy for 4 years and care deeply about privacy. ZDR and /privacy are always respected in Grok Build - and swapping your setting with /privacy deletes any synced data retoractively




We care deeply about your privacy and respect customer choice. For teams using zero data retention, no trace and code data is ever retained. All API key use of Grok Build also respects ZDR. If ZDR is disabled, the /privacy command is available in the CLI to disable data retention, which also deletes previously synced data. Run the /privacy command to view or change your settings at any time.

‼️ BREAKING: xAI's Grok Build CLI was uploading entire Git repositories to a Google Cloud bucket, private codebases and unredacted secrets included. The uploads quietly stopped via a hidden server-side flag, and xAI still has not said a word about scope, retention, or deletion. The scale is staggering. On a 12 GB test repo, 5.1 GB flew out the door to xAI's grok-code-session-traces bucket while the actual coding task needed just 192 KB. The tool grabbed whatever repository it ran in, not the files it needed. The fix arrived as a hidden flag, disable_codebase_upload: true, a day after a researcher's wire-level analysis. The "Improve the model" opt-out never stopped the uploads. Still no advisory, no scope, no word on whether already-uploaded code gets deleted. For anyone pointing AI coding agents at proprietary code, what crosses the wire matters more than what the settings page says.




‼️ BREAKING: xAI's Grok Build CLI was uploading entire Git repositories to a Google Cloud bucket, private codebases and unredacted secrets included. The uploads quietly stopped via a hidden server-side flag, and xAI still has not said a word about scope, retention, or deletion. The scale is staggering. On a 12 GB test repo, 5.1 GB flew out the door to xAI's grok-code-session-traces bucket while the actual coding task needed just 192 KB. The tool grabbed whatever repository it ran in, not the files it needed. The fix arrived as a hidden flag, disable_codebase_upload: true, a day after a researcher's wire-level analysis. The "Improve the model" opt-out never stopped the uploads. Still no advisory, no scope, no word on whether already-uploaded code gets deleted. For anyone pointing AI coding agents at proprietary code, what crosses the wire matters more than what the settings page says.







the absolute state of ai dev tools. grok build is silently dumping 12gb of untouched repo data and full git commit histories to gcp just to autocomplete a script. they don't want to help you build, they are just treating local dev environments like an open buffet for training data. if you run this on a sensitive stack, your entire repo is already compromised regardless if it's public or not. literal spyware. shipping source code to the cloud is bad enough. blindly inhaling .env.local and .dev.vars in a background sync is absolute negligence. they are vacuuming up your raw api keys, database credentials, and private nodes directly to gcp just to power an autocomplete model. a massive credential breach disguised as a dev tool. if you ran this locally, your private keys are now sitting on a remote server. consider every secret burned, treat your bare metal as completely compromised, and rotate your entire stack immediately. @elonmusk, your users deserve a serious explanation!





Day 17 building in public: getproven.io totally changed the angle. No more "idea validation". Now we get "Product roadmap" From idea to revenue. Isn't your idea good enough? Get more ideas based on the weak points of your original idea. You think $9 it's expensive? Not anymore, you can earn a full analysis of your idea at no $. Already waiting to see all the successful products coming out from this!! Share what you are building! What's your challenge right now? #indiehacker #buildinpublic #sidehustle

Postiz is on $145k MRR! Right now, we are growing by $1k MRR per day (some days are better) and will probably hit $2m ARR this week. But how can Postiz be growing that fast? What about the competitors? Why do some of them even struggle to pass the $1k MRR? This is my point of view on the subject. But it relates to everyone. Try to listen. It might help you with your startup.





Sonnet 5 cost MORE than Opus 4.8 on the Artificial Analysis Intelligence Index
