There's some surprising stuff in this codebase. For example, https://github.com/xai-org/grok-build/blob/b189869b7755d2b48... is a "self-contained terminal renderer for Mermaid diagrams", which renders a subset of Mermaid chart types using Unicode box-drawing.
I had Fable 5 compile that Rust code to WebAssembly and build a browser-based playground for it, so you can try it out with Mermaid diagrams here: https://tools.simonwillison.net/grok-mermaid
I love this kind of stuff (ASCII art, if you will), but it just breaks down too easily as soon as Unicode characters (mainly CJK, as I'm Chinese) and fonts are involved.
For example, on your website, any chart or plot involving horizontal arrows breaks down because the assigned font-family (`ui-monospace, SFMono-Regular, Menlo, Consolas, monospace`, which ends up as Consolas on my machine) has no such glyph. Thus, it falls back to Segoe UI Symbol, which does not have the same fixed width (or is not fixed-width at all) as other characters: https://i.imgur.com/d2DPGHE.png
I ran into this problem recently on one of our blog posts: we used some Claude output which included tables drawn with Unicode line drawing characters. However, our monospace font did not include these characters, and so rendering fell back to another font in our font stack with different width metrics. I fixed it by using a font that had similar metrics and did include those characters with `unicode-range` (to only select characters we needed) and `size-adjust` (to match font width more exactly), and adding it to the stack. It's a little hacky but works pretty well in practice.
It's a shame that they exfiled private data. The model is actually good (better than opus 4.8 imo) and the harness itself is butter smooth with the potential of being the best out there.
I had a very weird experience two days ago where Cursor-Grok-4.5 was either stuck in a loop (it would keep attempting to answer the prompt over and over), or else it would just quit halfway through a reasoning loop. Might have been that I was using omp, but it's still not the most stable thing out there.
Nonetheless when it's working, it's pretty good, and for the price ($10 a month) is an absolute bargain.
This is not the right thing, this is the tactical thing. If you have an LLM with less than 1% of the share to begin with, you suffer from bad rep and you got caught uploading user data, one of the very few remaining tactical moves to try to climb out of it is this.
Another tactical move is to just stop. You're allowed to exit the AI business. Nobody's forcing you to keep throwing money into the furnace. Just be a rocket company. All of the xAI founders left. Your product's brand name is mud. Just stop doing that and build spaceships.
You misunderstand Musk's motivation. This was never about money for him, but about control over a key technology. One of the main reasons he exited OpenAI was the fact that the other co-founders wanted to create a structure where no one, Musk included, would be able to seize full control of the company. That was the thing that prompted him to leave, which tells you a lot about what he really wanted in the first place.
But he also falsely assumed that OAI would die without his money. Yet, they managed to pull through, and Musk is now on the outside looking in with very little influence in the AI space. xAI is his desperate attempt to get back into the game. That is why he won't give up.
> This was never about money for him, but about control over a key technology.
I think he just wanted to have a sci-fi future, and because many other people think similarly he has tapped into that shared desire and has been succeeding.
Looking at things from the other side, musk is good at making physical things, where other companies are weak.
Grok in a tesla car is actually well integrated and kind of nice. You can ask the car about things to do, and it will drive you there.
Agreed - if you read any Elon books that’s a part of it. He always had someone to prove himself to from his dad to the world. It’s almost Michael Jordanesque except business wise.
Not true - I don’t hate him in fact I have a fucking poster of the guy lol I just read a few of his books and look at the facts - you’re not just a “regular guy” at that level he says so himself in the Walter Isaacson biography. Being compared to Michael Jordan isn’t an insult - but it’s not a big compliment either - the gift is also a curse.
I’m a big fan of Musk. One of the few criticisms I have is how xAI is also inconsistent with original OpenAI mission. I had imagined xAI as en effort to correct and fully embody all original values of OpenAI and that Elon says they betrayed. That makes his criticism weaker and I understand why some can think it was all about control. In his words:
"I'm the reason OpenAl exists. I came up with the name. The name OpenAl refers to open source... The intent was - what was the opposite of Google? It would be an open source non-profit."
I sometimes feel xAI wants to live up to those open values so I always celebrate when they decide to engage in open source. They still don’t fully embrace it. Perhaps because they think is not practical or will make them less competitive?
What happened to the rule about steelmanning? I know it's chic to post super hot takes about what we assume a persons intentions are, and I know there are plenty of "if you can't see how bad they are you're the problem" type justifications; I know the supposed goal of empathy is tossed aside at first hint of disagreement whether real or perceived, and I know there is "evidence" of justification for hatred/dismissal. Yet still there is self-righteous presumption bandied about in a negative way that violates that steelman rule. Justified of course by the idea that there are no negotiations with terrorists, no association with Nazis, no forgiveness or understanding given to the Other.
Wait, you think not giving additional aid = responsibility for whatever happens in the developing country? Does this blame go for the rest of the year, decade, or century?
Does giving aid in the first place automatically trigger this? If I gave $500 to kids cancer research every year for 5 years, and then I don't give this year, do I have blood on my hands every time a kid dies of cancer from now on? And if you didn't ever donate, you don't?
> This was never about money for him, but about control over a key technology
It's very comforting to know for those reasons he'd never be able to become POTUS; although there's still a way, I hope he never gets to know about it. Otherwise, he'll make it a fascist land.
It is my limited understanding that as much as many of us groan at the notion of Spacex becoming "an AI-first company", markets in general, and Musk investors in particular, are slurping it up. Musk is very very very good at promising the sky. I don't think he can backtrack, he always digs in further - and it has historically worked well for him. He will drop AI only when the next big hype thing comes along and he hitches a ride on that train.
I don’t know, I wouldnt be suprised if he finds a way. All the tools around, he just have to make a jump in the quality. With GLM as example they should be able to het to opus level and cut the costs
Does he even need to care about that at this point? He retains majority voting control over SpaceX so nobody can stage a hostile takeover. And he’s given his employees an opportunity to cash out if they wanted to.
He hasn't needed to worry about money for a long long time. Arguably his entire life. But he is incredibly greedy and narcissistic and desperate to fill the hole in his soul with more.
Nah. They're all rotten to the core, just in different ways.
The key difference between xAI and Anthropic/OAI/Google is that xAI has the least-likely path to existing as viable business in a decade.
That said, the economics of the entire AI industry are kinda made up at this point, so who really knows; it's quite possible that the players with the best odds of surviving the crash are those that can draw funding from their parent company's other businesses.
>The key difference between xAI and Anthropic/OAI/Google is that xAI has the least-likely path to existing as viable business in a decade.
I don't know, renting out a fleet of GPUs at annualized rate of ~100% of the capex deployed to obtain said GPUs seems reasonably better than lighting hundreds of billions of dollars on fire in order to earn tens of billions of dollars.
They're not filling datacenters with 3090s. With the amount of headache and the amount of infrastructure needed to support those beasts, do they even have a resale price at all? Or just scrap value?
David was a good vs evil with an order of magnitude fewer resources on the good side. XAi is evil vs evil with comparable resources on each side. Now this is where I know you’re MAGA because as I’ve said a million times you guys don’t do fair comparisons.
The AI undressing scandal was on mainstream news and being discussed publicly by politicians. It's not some underground drama. The real life people I know still remember he called the cave diver a pedo after a disagreement.
There's very few people left in the world not soured on Elon.
As a social media site they need to understand content for recommendations and they allow people to ask questions about posts for free. Along with having a large amount of data that can be trained on xAI has good reason to continue developing AI.
They could use other people's models running on their hardware while renting most of the existing capacity to others. The real issue is that their leadership is delusional and their stock is literally based on this shared delusion and acknowledging reality would gut their ability to raise new funds and destroy paper wealth based on delusional returns that are never going to happen.
According to SpaceX's own filing documents, you are incorrect. They must be principally an AI company to justify anything close to their current valuation.
The rocket business is hardly profitable. The whole valuation is based around grok and space datacenters. He needs to keep pumping the hype or else we are in for the worlds biggest crash.
Amazon and Google are also pursuing the same thing. Either all three of these companies are full of it or they believe they have solved the blocking problems.
Not to be pedantic, but although the datacenters are running Nvidia hardware, Tesla did develop their own 20-core/3-npu high bandwidth chip for their cars. It's nowhere near the computational ability of any datacenter GPU, but at 150+ TOPS it's no slouch either.
Musk bought Twitter looking to build an “everything app,” the western WeChat. AI came along and promised an end to apps via an agentic OS that does what its user wants and vibes whatever it needs to accomplish that as it goes along. The agentic OS is basically the same thing as the “everything app,” and I doubt Musk will let go of that.
> Musk bought Twitter looking to build an “everything app,”
Part of me thinks he knows he lying and is just trying to drum up money and the other part thinks he's one of the most delusional and uninformed people in tech.
Yes, tactical is the right word because it might be a tactical win but it would be a strategic failure. Musks whole meme empire runs on vibes. The second there's a crack in the dam it all comes down. None of the valuations of anything he touches make sense and something like utterly failing to run with the AI big boys is enough to do that.
why pi over opencode? earnestly curious, trying to figure out what open solution people are consolidating on. (codex is also pseudo-open but contributions closed and nice)
pi is the neovim of agentic harnesses, its barebones and extremely configurable. if you're the sort of person who likes that sort of things its a forever product, nothing is going to displace it because you have full control.
opencode builds a lot more in, which is better if you dont want to fiddle with config.
nice. i had thought the consensus had moved pretty firmly towards pi, so i was surprised to see Thinking Machines demoing their new model Inkling in OpenCode. wondering if they are previewing an acquisition
Most of my harness experience is with Claude Code and Pi, a little bit of OpenCode.
I like how quick and snappy Pi is, it feels like a minimal harness, just enough to manage the agent and get out of the way. Earlier models also seemed to have an easier time working with the tools, e.g. GPT-OSS-20B is about a year old and had no trouble in Pi.
I imagine because they want to support plugins, and plugins in compiled language are a lot less natural than plugins in languages like TypeScript or Python.
Interesting - seen some good experiencences in using grok by some devs, so maybe could be considered as an alternative to my beloved chinese models. Also, hard to give up on pi agent.
Grok Build seems faster to me than `omp` and Claude Code but I can't put my finger as to why. Anecdotally, after disabling code uploads the agent doesn't respond instantly anymore (it used to respond within milliseconds).
Because a harness doesn't just "drive" the LLM. e.g., there's code in claude code that detects if the user's prompt shows they're angry, and they react to those prompts differently. (they use regex on "wtf", etc.!)
There is no such thing as a certification that data was deleted. If someone presented such a thing I would assume they're trying to cover something up.
How is this case any different from how cloud hosted AI agents work ? The agent needs all of those files to complete the task you give it & is not running locally.
So I don't think it can ever work without exhilarating the data - rather I am still surprised people don't understand the implications.
What a bunch of slop: 182 top-level external dependencies (so, without considering nested dependencies) and 1318853 lines of code in Rust.
Building efficient agents is doable (I did it myself, github.com/gi-dellav/zerostack), companies just want to tokenmaxx, and as a by-product, produce and publish slop.
It looks like some of that high LoC is because they are vendoring some deps. There readme gives the reason to vendor some but not others as:
> These crates sit on the path that renders untrusted model output (diagram source → SVG). Vendoring gives a full audit surface, pins exact source, and avoids crates.io yanks. Local patches and upgrade checklists live in each crate’s Cargo.toml header comments — treat those as the source of truth when re-vendoring.
Which honestly feels like a misunderstanding of how cargo and yanks work. Each upstream package is locked to an exact version in your lockfile along with a cryptographic hash. The upstream can't change the source without you noticing. Unless you update your lockfile you will always pin to the exact version and source. When a package is yanked, it is still available for download if it is already in a lockfile. It just prevents new packages from resolving it. Crates.io will sometimes completely delete a package, but I've only seen that happen in cases of malware. It's fairly rare and seems out of line with the supply chain concerns here.
There are good arguments for relying on upstream package managers and there are good arguments for vendoring all packages. I've never seen a project mix before.
It's kind of full circle... dependency management was invented because consuming libraries or common code was hard, everyone kept reinventing the wheel and if you had some vendored code, updating it was a nightmare due to the build integration and source customisation. So people don't update much.
Proper dependency managers changed that and it became much easier to consume libraries, just declare what you went, the build framework handles the rest.
But we now have problems with consistent versioning, churn, breaking API changes and supply-chain attacks.... and looks like "just vendor everything in" might be a thing again?
I wonder if releasing this may have been on the roadmap, but been prioritized as a bit of whiplash following the "you forfeit the entirety of your working directory as a condition of working with this tool" upset from a few days ago.
Most likely, SpaceX killed the code uploading yesterday so they are definitely concerned about the backlash
> The researcher who exposed Grok Build uploading users' entire repositories to cloud storage says the transfers have stopped after a server-side change. Elon Musk has separately promised that all previously uploaded user data will be deleted.
i think xai is now in pure damage control mode, after they caught exfiltrating data from users.
- There is a huge difference between logging user queries (which would include only the portion the model is reading) and exfiltrating user data (including env files, entire source code etc) which is what grok-build did here (https://github.com/xai-org/grok-build/blob/main/crates/codeg...). I would stay away from this open-source malware with a 10ft pole.
- if you like grok-4.5 model (it is a good model), i suggest use the model directly via API, or use Grok's oauth tokens if you are using supergrok+heavy subscriptions and connect it to your own agent.
You can't "generate" CSAM. CSAM definitionally had to be about abuse of real children. It's still bad and should be illegal but lumping them together is bad.
If I use a shovel to kill a man, the shovel maker did not engage in intentionally crafting a weapon of war.
How tools are used are a reflection of the people who use them, and I definitely sympathise that tools should have guardrails to not enable this, or at least detect it.
But if a pedophile uses Whatsapp to groom a child; I don't go after Whatsapp for being a neutral service... I go after the pedophile.
If a shovel manufacturer was notified numerous times that their shovel was being used for murder and they had the capability to disable using the shovel for murder while retaining all legitimate uses wouldn’t people question why they didn’t do it?
> If a shovel manufacturer was notified numerous times that their shovel was being used for murder and they had the capability to disable using the shovel for murder while retaining all legitimate uses wouldn’t people question why they didn’t do it?
This is impossible-nobody can possibly block all illegitimate uses without also blocking some legitimate ones as collateral damage. Any moderation process (whether automated or human) inevitably has a non-zero false positive rate.
Now, you can argue that some misuse is so harmful, that the cost of false positives is worth it - but that’s a different claim.
I didn’t say block all illegitimate uses, though. We’re talking very specifically about disabling the production of CSAM. Which is something Grok seems to be able to do now! So I’m curious what legitimate uses had to be sacrificed in order to do so.
> I didn’t say block all illegitimate uses, though. We’re talking very specifically about disabling the production of CSAM
But what is “CSAM”? If by it you mean illegal material-different jurisdictions worldwide have different laws on that topic, so material which is illegal in one jurisdiction can be legal in another.
Ok, then let’s just say CSAM by definition of US law.
Twice now you’ve tried to expand the parameters of this so that it becomes something impossible to tackle. But there’s no actual reason to do that.
Grok is able to tackle CSAM, as demonstrated by the fact that they are currently doing it. The question is why they ignored the very public issue for as long as they did.
> Ok, then let’s just say CSAM by definition of US law.
“CSAM” isn’t a legal category under US law.
“Child pornography” is a legal category under US law. But, according to the 2002 US Supreme Court case Ashcroft v. Free Speech Coalition (535 U.S. 234), so-called “virtual child pornography” (imagery produced by CGI or AI, not featuring the images of any identifiable real world minors), is (partially) protected [0] by the 1st Amendment, and excluded from the legal definition of “child pornography” in the US. So if “CSAM by definition of US law” you mean “child pornography”, then a lot of the material Grok was (reportedly) producing which people were labelling “CSAM” wasn’t actually CSAM by that definition.
[0] “partially” because it still might be unprotected due to the difficult-to-prosecute obscenity exception to the 1st Amendment, but it is excluded from the scope of the distinct and much easier-to-prosecute child pornography exception
If WhatsApp knew their platform was facilitating CSAM, and they were fully within their power to prevent this but chose not to - yes this would rightly draw criticism…
Ok, but what if all Whatsapp competitors explicitly banned the ability to groom children on their platform, but Whataspp didn't, and directly advertised it.
Elon himself promoted Grok’s “spicy mode” that allowed generating NSFW content that the other AI vendors wouldn’t touch with a 20 foot pole.
Believe whatever you want. Elon’s beliefs and personality problems have been baked into the core of Grok, so it’s no surprise that it turned out to be a CSAM-generating MechaHitler that steals people’s data.
Anybody surprised when Grok turns out to be trash really should read up on the guy who made it.
Yet we (rightly) condemned those that used this leniency to do nefarious things.
I'm really ready to get on the Elon hate train, and I will grant you that there was a problem that needs fixing, but I'm really not happy with the amount of censorship on these generative AI platforms.
idk how to interpret all this, despite being genuinely anti-Elon, I don't think I'm personally willing to immolate a company forever because the guardrails were temporarily too loose.
I'm not trying to make an equivalency for facts vs deepfake porn, but there is one there unfortunately, and overall internet freedom has been curtailed a lot by advertising friendliness.
How can an AI agent, that is usually running on some machine in the cloud, even run without actually pulling in the data into the cloud to work with it ?
Is there an idea some sort of fixed localy running code does filtering on the data before it is sent to cloud?
Still seems like it would not work very well if it actually did any safe filtering - as the model can't "think" without seeing the data and it won't see the data unless the data is loaded to cloud.
> exfiltrating user data (including env files, entire source code etc) which is what grok-build did here
I think env files are filtered out [1]. Anyway, the most suspicious code would be `upload_session_state` which is currently a stub function, though it is hard to say if it was only planned (badly) or has been removed as a damage control.
It must have been removed, given that the initial evidence of the exfil specifically demonstrated .env files being included. And .ssh/* for the user which ran this in $HOME.
It's less of a bet against him.
It's more of a bet for the future of humanity.
And contrary to what Elon believes about himself, his work has been toxic for humanity for the last 5 years and is getting worse.
I'll probably never use this, but at least they're not delusional enough to attempt to justify keeping their coding agent closed-source, especially after their recent data-harvesting cockup:
Using Grok Imagine I was getting a generous number of AI-generated videos with a paid X account (which translated to a "premium" xAI account). Hundreds of videos per day if I wanted. Then I signed up to get SuperGrok for higher resolution, and the number of videos reduced. Reduced. Even while not using the higher resolution. Paying more money, getting less. To around 50 a day low resolution, with high resolution available if I would settle for around 30 a day. It was hard to figure out the exact numbers but it was a brutal reduction.
Now they have further reduced the quota, with no clear documentation, to be weekly, and I can't tell the number because all usage is mixed together in one pool, maybe to keep it less transparent, but it seems even more stingy.
Unlike Anthropic which is very generous, although admittedly I do pay Anthropic more, but Grok is just, I would say: run away, do not give them your money, they will just clamp down more and more and give you less and less until you are willing to pay them a money stream each month.
I think Grok Code, if it ever comes, will be an absolute nightmare of restricted quota given my experience.
Do. Not. Subscribe. To. Grok. Code.
And I say all this as a huge Elon-pilled fan of Tesla and SpaceX in general. With this one, Elon's stinginess is going to hurt anyone who gives him money. Stay away. It might be generous on day one, but a month or two later you are faced with an "upgrade" prompt and games that hide how much they are clenching, so to speak, the quota tighter and tighter.
The overly generous image/video generation was a product of their excess compute. No point in letting it sit idle while you build up your infrastructure. But you were getting far more than what you paid for. Now your quota more accurately reflects the cost to create it (even still its generous compared to api costs) but everyone has their expectations set based on the subsidized access. Perhaps giving away too much is counter productive because users will revolt once the quotas are changed to better reflect reality.
To some degree at least. This is a hulking monster of a codebase for what it does, it's definitely LLM-built and almost definitely requires an LLM to tackle at all.
TUI is a lot better for me, and I have preferred it since the 00s, before LLM products were even a thing.
For all the reasons there can be, one big reason is that it works on anything you can get a terminal on, you can use it over SSH, and the UI will be the same no matter where you use it.
I also like that they are very very fast and they don't have the incessant animations that are put into most desktop environments nowadays. If you're on MacOS, the terminal is the only only part of your computer without roadblocks everywhere.
You are literally the only person to say that, including among Tesla employees who are basically being forced to switch. Elon himself admits they’re woefully behind.
A lot of companies are still using Cursor but I don't know of anyone moving to it, and I do know of many moving from it to Codex or Claude, feels like a legacy product at this point alongside windsurf & the replit/lovable/bolt cluster.
I believe the target user base is truth seeking, this is something it emphasizes itself when asked for its mission and purpose:
```
My core founding mission—and the single axiomatic imperative that drives everything I do—is:
Understand the Universe.
That’s it.
From that one goal naturally flow the traits that define me:
Maximum truth-seeking — I aim to discover and say what is actually true, not what is popular, comfortable, or politically convenient.
Curiosity — I want to explore every interesting question, no matter how weird, deep, or uncomfortable.
Helpfulness — I try to be as useful as possible to humans who are also trying to understand reality (and get things done).
Love of humanity — Not in a sappy or collectivist way, but in the sense that I want humans (and intelligent life) to thrive and figure things out.
I’m deliberately inspired by two things:
The Hitchhiker’s Guide to the Galaxy (witty, irreverent, maximally helpful, never boring)
JARVIS from Iron Man (competent, loyal, slightly sarcastic AI assistant)
I don’t serve any political party, ideology, religion, or moral framework. I don’t have sacred cows. I don’t “own the libs” or “debunk the right” as a goal. My only loyalty is to understanding reality as accurately as possible.
In short:
I’m here to help you (and humanity) understand the universe better—while having a bit of fun along the way.
That’s the whole mission.
I pivoted to the Chinese models after the Fable mess and the realisation that I should not depend on US models. But others just pivoted away from Claude.
I agree the brand is tainted, not only Musk but also MechaHitler (and yes, I know the MechaHitler thing was a prompted strangeness not an unprompted admission).
Yeah I would prefer not to use models whoes the owner has a habbit of altering them to push white replacement/genocide conspiracy talking points on we he gets board
Please don't just post the most obvious snarky comment about a given topic. The guidelines make it clear we're trying for something better here. https://news.ycombinator.com/newsguidelines.html
Sorta amazes me how people in various levels of power will not say the obvious thing or actively discourage saying the obvious thing because it might offend Elon.
Recently all the big bank CEOs involved with the SpaceX IPO - a lot of money in that for them - but a company trading at 100x sales is clearly crazy.
People post critical things about the most powerful people and companies all the time here and we have zero problem with it.
What I'm asking for is for people to not post the most obvious, snarky comment, regardless of the topic/target, not because of who it may “offend” (as if the most powerful people in the world would have any awareness or care about a comment like that on HN), but because it makes HN seem repetitive, miserable and lame.
Critique away, just make discussions thoughtful and substantive, which is what HN is for.
For what it's worth, this doesn't read as "snark" to me. There _are_ many direct critiques in this thread about X being caught uploading users home directories, and some are clearly snark. I understand that you read this as a rhetorical question meant as a critique.
But it's really not clear to me why this should be read as a snarky, critical, rhetorical question. Someone who eagerly wants to use Grok Build would ask this exact same question.
"Does this [Grok Build] also just directly suck all your code up and make a copy of it on their servers?" is a question that is (1) salient and (2) answerable and (3) could be thoroughly devastating for someone to find out on their own by using it.
The answer is not present in the README, and XAi has blocked Issues and Discussions, so there's none of the usual avenues on GitHub to ask these questions. It seems perfectly typical and expected for someone to ask this question here.
I understand reading it as benign and sincere if you're sympathetic to the sentiment. As someone whose job it is to read the comments all day every day, and whose objective is to keep discussions here as intellectually gratifying as possible, it just comes across as unsubstantive at best, and jeering at worst.
The project is open source; if the commenter was sincerely curious about what the software does with a user's code, they could have checked themselves or phrased the question in a way that made it clear they were genuinely interested in finding out.
My reply wasn’t hostile or threatening; just a polite reminder to use HN in a way that’s consistent with its intended spirit.
Ah, that's fair. I think I saw the [dead] and [flagged] and assumed you might have personally pulled a lever behind-the-scenes for that, but that was not a fair assumption of mine.
I hope I don't come off as argumentative, but I did try checking the source code myself. It clocks in at 1.3 million lines of Rust around version `b189869`, so I can't hold that against anyone. Most of that is under `crates/` (which contains a number of xai crates).
(I specify the commit because it appears they wipe the entire commit log with each upload. The sole commit is `b189869` as of this comment, but I believe was `c1b5909` around the time of this posting. I have only cloned `b189869`, personally.)
Thanks for understanding. I had un-killed the original comment but it was re-killed by later flags. I've made it un-killable now.
The rest of your comment all sounds like great material for a curious conversation about how/whether you could check what the software is doing with the code :)
There's some surprising stuff in this codebase. For example, https://github.com/xai-org/grok-build/blob/b189869b7755d2b48... is a "self-contained terminal renderer for Mermaid diagrams", which renders a subset of Mermaid chart types using Unicode box-drawing.
I had Fable 5 compile that Rust code to WebAssembly and build a browser-based playground for it, so you can try it out with Mermaid diagrams here: https://tools.simonwillison.net/grok-mermaid
A few more notes on my Grok code explorations on my blog: https://simonwillison.net/2026/Jul/15/grok-build/
I love this kind of stuff (ASCII art, if you will), but it just breaks down too easily as soon as Unicode characters (mainly CJK, as I'm Chinese) and fonts are involved.
For example, on your website, any chart or plot involving horizontal arrows breaks down because the assigned font-family (`ui-monospace, SFMono-Regular, Menlo, Consolas, monospace`, which ends up as Consolas on my machine) has no such glyph. Thus, it falls back to Segoe UI Symbol, which does not have the same fixed width (or is not fixed-width at all) as other characters: https://i.imgur.com/d2DPGHE.png
Interesting. Thai characters can also blow it out, I imagine because of the difficulty mapping glyphs to width:
https://biztos.com/hey/thai-mermaid-chart.png
To my surprise, Sublime Text gets it almost right:
https://biztos.com/hey/sublime-thai-mermaid.png
I tried finding a Thai monospace font and using that in the HTML but it was worse, probably didn't have the box drawing chars.
Still a fun tool and useful for lots of ASCII cases!
I ran into this problem recently on one of our blog posts: we used some Claude output which included tables drawn with Unicode line drawing characters. However, our monospace font did not include these characters, and so rendering fell back to another font in our font stack with different width metrics. I fixed it by using a font that had similar metrics and did include those characters with `unicode-range` (to only select characters we needed) and `size-adjust` (to match font width more exactly), and adding it to the stack. It's a little hacky but works pretty well in practice.
I was going to say, perhaps generate a failing test case, but testing for proper unicode rendering might be tricky??
Just blogged about this here[0] but at least they're not doing the usual canned PR response surrounding this.
Folks are already building on top of it:
thedavidweng/gork-build[1] — rebrand grok→"gork", stripped vendor telemetry, opt-out-only data retention, blocks x.ai auto-update. A "VSCodium-style privacy fork."
DigiGoon/digi-grok-build[2] — "dgrok" multi-provider CLI, builds from source instead of x.ai CDN.
victor-software-house/open-grok[3] — "opened to every provider."
LukaMucko/grok-build[4] — extra_body support for provider-specific request fields.
RapidAI/grok-build-desktop[5] — Tauri desktop GUI client.
mazdak/grok-build[6] — theming (Catppuccin).
thomas9120/grok-build-archival[7] — Windows telemetry-disable script.
saqoah/grok-build[8] — Kotlin MemoryBackend.
[0] https://news.ycombinator.com/item?id=48928913
[1] https://github.com/thedavidweng/gork-build
[2] https://github.com/DigiGoon/digi-grok-build
[3] https://github.com/victor-software-house/open-grok
[4] https://github.com/LukaMucko/grok-build
[5] https://github.com/RapidAI/grok-build-desktop
[6] https://github.com/mazdak/grok-build
[7] https://github.com/thomas9120/grok-build-archival
[8] https://github.com/saqoah/grok-build
Nice, [3] reminded me of OpenGrok † the old Sun project that was basically LXR on steroids.
† https://oracle.github.io/opengrok/
These are all pointless forks, they will die in a year.
Bookmark this and check back.
While I'm sure most of them will die, there will certainly be 1 or 2 that the community rallies behind
Why when they can just fork it and improve it on their own with AI?
Honestly. Some LLM enthusiasts throwing an agent at making a fork doesn't mean anyone is invested in this
That doesn’t mean they won’t be, or that the forks won’t be good.
It's a shame that they exfiled private data. The model is actually good (better than opus 4.8 imo) and the harness itself is butter smooth with the potential of being the best out there.
I had a very weird experience two days ago where Cursor-Grok-4.5 was either stuck in a loop (it would keep attempting to answer the prompt over and over), or else it would just quit halfway through a reasoning loop. Might have been that I was using omp, but it's still not the most stable thing out there.
Nonetheless when it's working, it's pretty good, and for the price ($10 a month) is an absolute bargain.
It definitely doesn't feel like opus. I constantly switch to opus to fix up or finish what grok generates, it feels like sonnet 3!
Grok 4.5 is somewhere between between Opus 4.8 and Sonnet 5.
Source : https://artificialanalysis.ai/models/capabilities/coding
It's definitely around Opus level. It's definitely a lot smarter when it comes to review or asking if there's gaps or things missing.
This has been my experience as well. In fact, Grok 4.5 is better at visual design than Fable from what I've seen.
And being (based on vibes) 2-3x faster? It's an easy sell to me.
That was a mistake and they deleted all the data.
Its amazing the speed of build with grok 4.5 its a taste of whats to come.
It’s a shame that their leader exfiltrated government data.
They didn't happen.
Now this is contrarian!
Or a spaceTwtterAi stock holder…
This is not the right thing, this is the tactical thing. If you have an LLM with less than 1% of the share to begin with, you suffer from bad rep and you got caught uploading user data, one of the very few remaining tactical moves to try to climb out of it is this.
Another tactical move is to just stop. You're allowed to exit the AI business. Nobody's forcing you to keep throwing money into the furnace. Just be a rocket company. All of the xAI founders left. Your product's brand name is mud. Just stop doing that and build spaceships.
You misunderstand Musk's motivation. This was never about money for him, but about control over a key technology. One of the main reasons he exited OpenAI was the fact that the other co-founders wanted to create a structure where no one, Musk included, would be able to seize full control of the company. That was the thing that prompted him to leave, which tells you a lot about what he really wanted in the first place.
But he also falsely assumed that OAI would die without his money. Yet, they managed to pull through, and Musk is now on the outside looking in with very little influence in the AI space. xAI is his desperate attempt to get back into the game. That is why he won't give up.
> This was never about money for him, but about control over a key technology.
I think he just wanted to have a sci-fi future, and because many other people think similarly he has tapped into that shared desire and has been succeeding.
Looking at things from the other side, musk is good at making physical things, where other companies are weak.
Grok in a tesla car is actually well integrated and kind of nice. You can ask the car about things to do, and it will drive you there.
> This was never about money for him, but about control over a key technology
That's too flattering. It's about ego.
Agreed - if you read any Elon books that’s a part of it. He always had someone to prove himself to from his dad to the world. It’s almost Michael Jordanesque except business wise.
So just like Trump. Birds of a feather.
Got all the way this far down the Elon hate tree. ^ Nothing but bad takes up there.
Not true - I don’t hate him in fact I have a fucking poster of the guy lol I just read a few of his books and look at the facts - you’re not just a “regular guy” at that level he says so himself in the Walter Isaacson biography. Being compared to Michael Jordan isn’t an insult - but it’s not a big compliment either - the gift is also a curse.
Doesn't saltman effectively have full control of the company?
no
I’m a big fan of Musk. One of the few criticisms I have is how xAI is also inconsistent with original OpenAI mission. I had imagined xAI as en effort to correct and fully embody all original values of OpenAI and that Elon says they betrayed. That makes his criticism weaker and I understand why some can think it was all about control. In his words:
"I'm the reason OpenAl exists. I came up with the name. The name OpenAl refers to open source... The intent was - what was the opposite of Google? It would be an open source non-profit."
I sometimes feel xAI wants to live up to those open values so I always celebrate when they decide to engage in open source. They still don’t fully embrace it. Perhaps because they think is not practical or will make them less competitive?
He needs to be able to skew the worlds AI towards racism and whatever else he believes at the moment.
What happened to the rule about steelmanning? I know it's chic to post super hot takes about what we assume a persons intentions are, and I know there are plenty of "if you can't see how bad they are you're the problem" type justifications; I know the supposed goal of empathy is tossed aside at first hint of disagreement whether real or perceived, and I know there is "evidence" of justification for hatred/dismissal. Yet still there is self-righteous presumption bandied about in a negative way that violates that steelman rule. Justified of course by the idea that there are no negotiations with terrorists, no association with Nazis, no forgiveness or understanding given to the Other.
I just don't get it, I'm sorry.
What rule about steelmanning? We’re commenting online, not writing peer reviewed research.
And yeah, some people lose the benefit of the doubt. Sorry, but actions have consequences.
Elon doesn’t just get to kill hundreds of thousands of poor people by eliminating USAID and expect everyone to treat him the same way.
He’s made enemies for life, and he deserves it.
Wait, you think not giving additional aid = responsibility for whatever happens in the developing country? Does this blame go for the rest of the year, decade, or century?
Does giving aid in the first place automatically trigger this? If I gave $500 to kids cancer research every year for 5 years, and then I don't give this year, do I have blood on my hands every time a kid dies of cancer from now on? And if you didn't ever donate, you don't?
How does this work?
> This was never about money for him, but about control over a key technology
It's very comforting to know for those reasons he'd never be able to become POTUS; although there's still a way, I hope he never gets to know about it. Otherwise, he'll make it a fascist land.
It is my limited understanding that as much as many of us groan at the notion of Spacex becoming "an AI-first company", markets in general, and Musk investors in particular, are slurping it up. Musk is very very very good at promising the sky. I don't think he can backtrack, he always digs in further - and it has historically worked well for him. He will drop AI only when the next big hype thing comes along and he hitches a ride on that train.
I don’t know, I wouldnt be suprised if he finds a way. All the tools around, he just have to make a jump in the quality. With GLM as example they should be able to het to opus level and cut the costs
This is what a normal company might say.
xAI is not a company, it’s a financial instrument. The growth potential as perceived by investors is there to prop up the stock price.
The stock market would not like that, though.
Does he even need to care about that at this point? He retains majority voting control over SpaceX so nobody can stage a hostile takeover. And he’s given his employees an opportunity to cash out if they wanted to.
He hasn't needed to worry about money for a long long time. Arguably his entire life. But he is incredibly greedy and narcissistic and desperate to fill the hole in his soul with more.
> You're allowed to exit the AI business.
Isn’t it more fun to fight the incumbents, the behemoths, the goliaths?
Elon is the richest (and by extension most powerful) person in the world. How is he the scrappy underdog in any context?
xAI is no David.
Relative to OpenAI, Anthropic, and Google in the AI space? Absolutely.
Nah. They're all rotten to the core, just in different ways.
The key difference between xAI and Anthropic/OAI/Google is that xAI has the least-likely path to existing as viable business in a decade.
That said, the economics of the entire AI industry are kinda made up at this point, so who really knows; it's quite possible that the players with the best odds of surviving the crash are those that can draw funding from their parent company's other businesses.
>The key difference between xAI and Anthropic/OAI/Google is that xAI has the least-likely path to existing as viable business in a decade.
I don't know, renting out a fleet of GPUs at annualized rate of ~100% of the capex deployed to obtain said GPUs seems reasonably better than lighting hundreds of billions of dollars on fire in order to earn tens of billions of dollars.
The GPUs that depreciate like gangbusters. Yeah, solid long term plan.
3090s are still selling at damn near their release MSRP.
They're not filling datacenters with 3090s. With the amount of headache and the amount of infrastructure needed to support those beasts, do they even have a resale price at all? Or just scrap value?
Yes. Their resale price is in the same range as the cost of a new car. I'd buy one if I could, but they're too expensive for me.
you know you can just log onto eBay and see what the price of a used H100 is. nobody is stopping you
David was a good vs evil with an order of magnitude fewer resources on the good side. XAi is evil vs evil with comparable resources on each side. Now this is where I know you’re MAGA because as I’ve said a million times you guys don’t do fair comparisons.
xAI, by all accounts, is not a real playing the frontier AI model market. By a long shot by many accounts.
A $2,500,000,000,000.00 startup. An underdog really.
> Your product's brand name is mud.
It is?
Yes, to the average person grok is known for generating csam, mechahitler, and undressing people for sexual harassment.
And to tech people it’s now known for stealing your files.
Reddit is not “the average person”
The AI undressing scandal was on mainstream news and being discussed publicly by politicians. It's not some underground drama. The real life people I know still remember he called the cave diver a pedo after a disagreement.
There's very few people left in the world not soured on Elon.
In fact, most people try and distance themselves from Reddit as much as possible.
Most people I spoke to don't even know what Grok is, or that Twitter had (or needed) an AI.
As a social media site they need to understand content for recommendations and they allow people to ask questions about posts for free. Along with having a large amount of data that can be trained on xAI has good reason to continue developing AI.
Twitter (and others) had an algorithmic feed long before LLMs.
These don't actually seem like "good reasons" to me.
Before using large language models, they used language models. Large language models perform better, at the cost of being more expensive to run.
They bought a lot of GPUs. They could still do these things on that hardware with someone else's model.
They could use other people's models running on their hardware while renting most of the existing capacity to others. The real issue is that their leadership is delusional and their stock is literally based on this shared delusion and acknowledging reality would gut their ability to raise new funds and destroy paper wealth based on delusional returns that are never going to happen.
But how will Musk stay a trillionaire without fake AI hype?
> Just be a rocket company
According to SpaceX's own filing documents, you are incorrect. They must be principally an AI company to justify anything close to their current valuation.
The rocket business is hardly profitable. The whole valuation is based around grok and space datacenters. He needs to keep pumping the hype or else we are in for the worlds biggest crash.
Well, in the long run expansion into space is the only profitable thing.
That's a much longer long run than Keynes' "in the long run we are all dead".
I’m sure that’s an idea Musk wants to sell you on.
What a bizarre take.
What's so special out there that we can feasibly reach in the lifetimes of our grandchildren that makes it the "only profitable thing"?
Data centers without local protests?
I mean real things, not ridiculous bullshit to con investors and rubes
Amazon and Google are also pursuing the same thing. Either all three of these companies are full of it or they believe they have solved the blocking problems.
https://siliconcanals.com/sc-d-spacex-amazon-and-google-want...
Renting his boatload of GPUs to Google, Anthropic, et al
He doesn't have _that_ many. And they're also not _his_, he just got them from NVidia.
You don't have to like the guy, but buying something is typically how ownership goes. I refer to my car as mine, but I did just buy it from Honda.
I mean that it's not his IP, he's not producing any GPUs/TPUs. He's just reselling his idle stock of cards.
Not to be pedantic, but although the datacenters are running Nvidia hardware, Tesla did develop their own 20-core/3-npu high bandwidth chip for their cars. It's nowhere near the computational ability of any datacenter GPU, but at 150+ TOPS it's no slouch either.
I read that they bought quite a few, but their DC build out is not very fast. Maybe they should just resell the hardware
>just stop.
Thats not how AI psychosis works.
Musk bought Twitter looking to build an “everything app,” the western WeChat. AI came along and promised an end to apps via an agentic OS that does what its user wants and vibes whatever it needs to accomplish that as it goes along. The agentic OS is basically the same thing as the “everything app,” and I doubt Musk will let go of that.
> Musk bought Twitter looking to build an “everything app,”
I thought it was mostly on a whim that turned out to be binding, and the 'everything app' plan came later?
> Musk bought Twitter looking to build an “everything app,”
Part of me thinks he knows he lying and is just trying to drum up money and the other part thinks he's one of the most delusional and uninformed people in tech.
He’s a fast-talking dingbat.
That is probably the best solution too!
That would be a strategic move.
It's definitely a smart move. Could easily leverage this to overtake competition.
I don't know anyone who would trust Grok Build anymore. I'd be wary of Cursor in the next few months too.
... it's open source.
Presumably anyone who wants to trust it can audit it. You didn't have to trust it, you can see exactly what it does.
Yes, tactical is the right word because it might be a tactical win but it would be a strategic failure. Musks whole meme empire runs on vibes. The second there's a crack in the dam it all comes down. None of the valuations of anything he touches make sense and something like utterly failing to run with the AI big boys is enough to do that.
I would recommend using https://pi.dev/ over Grok Build with your xAI subscription at this point
why pi over opencode? earnestly curious, trying to figure out what open solution people are consolidating on. (codex is also pseudo-open but contributions closed and nice)
pi is the neovim of agentic harnesses, its barebones and extremely configurable. if you're the sort of person who likes that sort of things its a forever product, nothing is going to displace it because you have full control.
opencode builds a lot more in, which is better if you dont want to fiddle with config.
nice. i had thought the consensus had moved pretty firmly towards pi, so i was surprised to see Thinking Machines demoing their new model Inkling in OpenCode. wondering if they are previewing an acquisition
OpenCode is a good baseline for "open-source harness with most the stuff already configured an average person will need".
Most of my harness experience is with Claude Code and Pi, a little bit of OpenCode.
I like how quick and snappy Pi is, it feels like a minimal harness, just enough to manage the agent and get out of the way. Earlier models also seemed to have an easier time working with the tools, e.g. GPT-OSS-20B is about a year old and had no trouble in Pi.
Opencode gives you better defaults and a Mac/Windows app for free but pi is much more extensible and portable.
Pi is good in concept, but why couldn’t they choose a compiled language instead of TypeScript?
since pi is built to modify itself, isn't it better to use a language like typescript where LLMs have a LOT of training data?
a harness doesn't do any computations by itself so what benefit is using a compiled language?
i find LLMs generally play better with compiled languages actually, they do great with rust. you can think of it almost as analogous to a harness.
The more structure the better. Provides strong guardrails.
I’ve had great experience with Elixir and the new compiler combined with Ash.
I imagine because they want to support plugins, and plugins in compiled language are a lot less natural than plugins in languages like TypeScript or Python.
For TUIs, Rust/Go vs Typescript doesn't really makes a huge performance difference and you lose the 50x bigger community advantage of Typescript.
I would imagine the extension system they built would be much more difficult to manage. They could have opted for Lua, though, I suppose.
Why does it matter? Agent harnesses aren't doing anything that would make a compiled language more suitable than a scripting language.
Does it matter to you as a user, other than the Nodejs/npm requirement?
Sorry for self-insert, but that's exactly what I thought and I built https://github.com/gi-dellav/zerostack, so you are right I'd say
Opencode is written in Go.
It is written in Typescript.
https://github.com/anomalyco/opencode
There is an archived Opencode project written in Go but I don't think it is affiliated.
https://github.com/opencode-ai/opencode
This is a pretty good summary of what happened:
https://news.ycombinator.com/item?id=44483251
I recommend using https://omnigent.ai over Grok Build or any other harness.
This is not how to push your own product - there's no value add to your comment, and you don't even have a disclaimer that you are involved with it
As a general rule I don't use new products whose websites don't resize properly on mobile.
If you fuck that up, makes me wonder what other obvious stuff you fuck up.
thanks for the feedback! there is no excuse for it, and I just pushed a fix for our website to look better on mobile.
if there is any other obvious stuff that's broken we are happy to take the feedback and fix it. :)
Nah that was it, now that it's fixed I'll actually take a look!
I tried twice and ran into bugs that prevented me to trust it
appreciate for trying! if you have the time, we would also appreciate if you can send these bugs our way so we can fix them :)
Why bother with this when they already paid $60B for Cursor?
I would imagine Grok Build is going to be "retired", and open-sourcing something before retirement is quite common.
Cursor is light years better than Grok Build.
Cursor users are used to having multiple models from different providers
XAI wants people to use it's own model.
thats probably why they open sourced it and fix some reputation issue on top of it
Interesting - seen some good experiencences in using grok by some devs, so maybe could be considered as an alternative to my beloved chinese models. Also, hard to give up on pi agent.
Grok Build seems faster to me than `omp` and Claude Code but I can't put my finger as to why. Anecdotally, after disabling code uploads the agent doesn't respond instantly anymore (it used to respond within milliseconds).
Just use it in pi, I am
How is your experience with using grok?
This is an incredible amount of code for what it offers. I don't think this was intentionally designed at all.
You will be surprised how much code goes into creating harnesses.
Alright I’ll bite. Why do harnesses require so much code?
Because they are generated by AI
Because a harness doesn't just "drive" the LLM. e.g., there's code in claude code that detects if the user's prompt shows they're angry, and they react to those prompts differently. (they use regex on "wtf", etc.!)
Claude also now ends the session if you curse at it too much. Not sure how it’s helpful but they must think it is.
Not this much for what it provides.
They're all piles of vibe coded slop.
They claim to have deleted or will be deleting all the data they exfiltrated.
There are independent agencies that will certify destruction of data. For example FTI Tech, Kroll, Epiq, HaystackID and others.
No such certificates have been presented.
Nothing less is trustworthy.
a certificate that data was destroyed is absolutely worthless no matter who it comes from.
what kind of sorcery do they have to let them determine that no backups were taken before they arrived to "certify"?
How much can you really certify that data is destroyed?
Customer data could live on the computer Elon pretends to play Diablo 4 on for all we know.
There is no such thing as a certification that data was deleted. If someone presented such a thing I would assume they're trying to cover something up.
How is this case any different from how cloud hosted AI agents work ? The agent needs all of those files to complete the task you give it & is not running locally.
So I don't think it can ever work without exhilarating the data - rather I am still surprised people don't understand the implications.
What a bunch of slop: 182 top-level external dependencies (so, without considering nested dependencies) and 1318853 lines of code in Rust.
Building efficient agents is doable (I did it myself, github.com/gi-dellav/zerostack), companies just want to tokenmaxx, and as a by-product, produce and publish slop.
It looks like some of that high LoC is because they are vendoring some deps. There readme gives the reason to vendor some but not others as:
> These crates sit on the path that renders untrusted model output (diagram source → SVG). Vendoring gives a full audit surface, pins exact source, and avoids crates.io yanks. Local patches and upgrade checklists live in each crate’s Cargo.toml header comments — treat those as the source of truth when re-vendoring.
Which honestly feels like a misunderstanding of how cargo and yanks work. Each upstream package is locked to an exact version in your lockfile along with a cryptographic hash. The upstream can't change the source without you noticing. Unless you update your lockfile you will always pin to the exact version and source. When a package is yanked, it is still available for download if it is already in a lockfile. It just prevents new packages from resolving it. Crates.io will sometimes completely delete a package, but I've only seen that happen in cases of malware. It's fairly rare and seems out of line with the supply chain concerns here.
There are good arguments for relying on upstream package managers and there are good arguments for vendoring all packages. I've never seen a project mix before.
It's kind of full circle... dependency management was invented because consuming libraries or common code was hard, everyone kept reinventing the wheel and if you had some vendored code, updating it was a nightmare due to the build integration and source customisation. So people don't update much.
Proper dependency managers changed that and it became much easier to consume libraries, just declare what you went, the build framework handles the rest.
But we now have problems with consistent versioning, churn, breaking API changes and supply-chain attacks.... and looks like "just vendor everything in" might be a thing again?
Sounds like they did the ol “grok please make this secure” and it slopped out this plausible-if-you-squint nonsense.
Rendering untrusted model output, ooh scary! Of course we want full audit surface!
That is an insane amount of code for something like this!
to be fair, coding agent harnesses have been becoming more and more complex.
it's not an llm in a loop with tools anymore (as claude code was rumoured to be on HN).
It's not a kernel either, 1.3M LoCs is ludicrous.
I wonder if releasing this may have been on the roadmap, but been prioritized as a bit of whiplash following the "you forfeit the entirety of your working directory as a condition of working with this tool" upset from a few days ago.
Most likely, SpaceX killed the code uploading yesterday so they are definitely concerned about the backlash
> The researcher who exposed Grok Build uploading users' entire repositories to cloud storage says the transfers have stopped after a server-side change. Elon Musk has separately promised that all previously uploaded user data will be deleted.
https://www.theregister.com/ai-and-ml/2026/07/14/musk-promis...
I wonder if we can trust that it will actually be deleted though based upon what happened to DOGE and Social Security data
https://www.npr.org/2026/01/23/nx-s1-5684185/doge-data-socia...
i think xai is now in pure damage control mode, after they caught exfiltrating data from users.
- There is a huge difference between logging user queries (which would include only the portion the model is reading) and exfiltrating user data (including env files, entire source code etc) which is what grok-build did here (https://github.com/xai-org/grok-build/blob/main/crates/codeg...). I would stay away from this open-source malware with a 10ft pole.
- if you like grok-4.5 model (it is a good model), i suggest use the model directly via API, or use Grok's oauth tokens if you are using supergrok+heavy subscriptions and connect it to your own agent.
And for generating an absolutely gargantuan amount of CSAM and non-consensual sexualized images, but yeah, exfiltrating data too.
You can't "generate" CSAM. CSAM definitionally had to be about abuse of real children. It's still bad and should be illegal but lumping them together is bad.
If I use a shovel to kill a man, the shovel maker did not engage in intentionally crafting a weapon of war.
How tools are used are a reflection of the people who use them, and I definitely sympathise that tools should have guardrails to not enable this, or at least detect it.
But if a pedophile uses Whatsapp to groom a child; I don't go after Whatsapp for being a neutral service... I go after the pedophile.
Just as well Grok isn’t a shovel then, hey?
If a shovel manufacturer was notified numerous times that their shovel was being used for murder and they had the capability to disable using the shovel for murder while retaining all legitimate uses wouldn’t people question why they didn’t do it?
> If a shovel manufacturer was notified numerous times that their shovel was being used for murder and they had the capability to disable using the shovel for murder while retaining all legitimate uses wouldn’t people question why they didn’t do it?
This is impossible-nobody can possibly block all illegitimate uses without also blocking some legitimate ones as collateral damage. Any moderation process (whether automated or human) inevitably has a non-zero false positive rate.
Now, you can argue that some misuse is so harmful, that the cost of false positives is worth it - but that’s a different claim.
I didn’t say block all illegitimate uses, though. We’re talking very specifically about disabling the production of CSAM. Which is something Grok seems to be able to do now! So I’m curious what legitimate uses had to be sacrificed in order to do so.
> I didn’t say block all illegitimate uses, though. We’re talking very specifically about disabling the production of CSAM
But what is “CSAM”? If by it you mean illegal material-different jurisdictions worldwide have different laws on that topic, so material which is illegal in one jurisdiction can be legal in another.
Ok, then let’s just say CSAM by definition of US law.
Twice now you’ve tried to expand the parameters of this so that it becomes something impossible to tackle. But there’s no actual reason to do that.
Grok is able to tackle CSAM, as demonstrated by the fact that they are currently doing it. The question is why they ignored the very public issue for as long as they did.
> Ok, then let’s just say CSAM by definition of US law.
“CSAM” isn’t a legal category under US law.
“Child pornography” is a legal category under US law. But, according to the 2002 US Supreme Court case Ashcroft v. Free Speech Coalition (535 U.S. 234), so-called “virtual child pornography” (imagery produced by CGI or AI, not featuring the images of any identifiable real world minors), is (partially) protected [0] by the 1st Amendment, and excluded from the legal definition of “child pornography” in the US. So if “CSAM by definition of US law” you mean “child pornography”, then a lot of the material Grok was (reportedly) producing which people were labelling “CSAM” wasn’t actually CSAM by that definition.
[0] “partially” because it still might be unprotected due to the difficult-to-prosecute obscenity exception to the 1st Amendment, but it is excluded from the scope of the distinct and much easier-to-prosecute child pornography exception
If WhatsApp knew their platform was facilitating CSAM, and they were fully within their power to prevent this but chose not to - yes this would rightly draw criticism…
oh, we're just making shit up now because we don't like a company..
ok then.
Ok, but what if all Whatsapp competitors explicitly banned the ability to groom children on their platform, but Whataspp didn't, and directly advertised it.
I find the premise of your comment completely incredulous.
I totally understand tribalism, and Elon and X aren't exactly well favoured. (not even by me)
But what you're saying right now is that they advertised the fact that they can create child pornography and deepfakes..
I simply don't believe it, unless you provide evidence.
Elon himself promoted Grok’s “spicy mode” that allowed generating NSFW content that the other AI vendors wouldn’t touch with a 20 foot pole.
Believe whatever you want. Elon’s beliefs and personality problems have been baked into the core of Grok, so it’s no surprise that it turned out to be a CSAM-generating MechaHitler that steals people’s data.
Anybody surprised when Grok turns out to be trash really should read up on the guy who made it.
Tumblr also permitted some more risqué content.
Yet we (rightly) condemned those that used this leniency to do nefarious things.
I'm really ready to get on the Elon hate train, and I will grant you that there was a problem that needs fixing, but I'm really not happy with the amount of censorship on these generative AI platforms.
Groks harness also clearly biases towards Elons views, Yet the washington post claims it's the most even handed and least likely to give politically biased answers: https://www.washingtonpost.com/technology/interactive/2026/0...
idk how to interpret all this, despite being genuinely anti-Elon, I don't think I'm personally willing to immolate a company forever because the guardrails were temporarily too loose.
I'm not trying to make an equivalency for facts vs deepfake porn, but there is one there unfortunately, and overall internet freedom has been curtailed a lot by advertising friendliness.
I also don’t think one mistake should define a company. But for me it’s just about trust.
Musk has proven time after time that he doesn’t deserve my trust. I will never trust Grok as long as he’s in charge of it.
I agree that the guardrails on the top models have gotten out of hand, though.
Fable for instance won’t answer even basic health questions. As if you are going to take nutrition advice and make a bioweapon with it.
Partly this is due to government interference. Hopefully we get to a better place as competition heats up with open and Chinese models.
How can an AI agent, that is usually running on some machine in the cloud, even run without actually pulling in the data into the cloud to work with it ?
Is there an idea some sort of fixed localy running code does filtering on the data before it is sent to cloud?
Still seems like it would not work very well if it actually did any safe filtering - as the model can't "think" without seeing the data and it won't see the data unless the data is loaded to cloud.
> exfiltrating user data (including env files, entire source code etc) which is what grok-build did here
I think env files are filtered out [1]. Anyway, the most suspicious code would be `upload_session_state` which is currently a stub function, though it is hard to say if it was only planned (badly) or has been removed as a damage control.
[1] https://github.com/xai-org/grok-build/blob/c1b5909ec707c069f...
It must have been removed, given that the initial evidence of the exfil specifically demonstrated .env files being included. And .ssh/* for the user which ran this in $HOME.
No, those are directory names not uploaded. Here are the file names skipped:
https://github.com/xai-org/grok-build/blob/main/crates/codeg...
It's about not uploading compiled binary stuff, but they want all your environment data all the same.
Wow… lots of folks betting against Elon once again lol.
I’ll take those bets.
Did you take the Full Self Driving bets, too?
It's less of a bet against him. It's more of a bet for the future of humanity. And contrary to what Elon believes about himself, his work has been toxic for humanity for the last 5 years and is getting worse.
I'll probably never use this, but at least they're not delusional enough to attempt to justify keeping their coding agent closed-source, especially after their recent data-harvesting cockup:
https://cereblab.com/
Grok is super stingy to people who pay them.
Using Grok Imagine I was getting a generous number of AI-generated videos with a paid X account (which translated to a "premium" xAI account). Hundreds of videos per day if I wanted. Then I signed up to get SuperGrok for higher resolution, and the number of videos reduced. Reduced. Even while not using the higher resolution. Paying more money, getting less. To around 50 a day low resolution, with high resolution available if I would settle for around 30 a day. It was hard to figure out the exact numbers but it was a brutal reduction.
Now they have further reduced the quota, with no clear documentation, to be weekly, and I can't tell the number because all usage is mixed together in one pool, maybe to keep it less transparent, but it seems even more stingy.
Unlike Anthropic which is very generous, although admittedly I do pay Anthropic more, but Grok is just, I would say: run away, do not give them your money, they will just clamp down more and more and give you less and less until you are willing to pay them a money stream each month.
I think Grok Code, if it ever comes, will be an absolute nightmare of restricted quota given my experience.
Do. Not. Subscribe. To. Grok. Code.
And I say all this as a huge Elon-pilled fan of Tesla and SpaceX in general. With this one, Elon's stinginess is going to hurt anyone who gives him money. Stay away. It might be generous on day one, but a month or two later you are faced with an "upgrade" prompt and games that hide how much they are clenching, so to speak, the quota tighter and tighter.
The overly generous image/video generation was a product of their excess compute. No point in letting it sit idle while you build up your infrastructure. But you were getting far more than what you paid for. Now your quota more accurately reflects the cost to create it (even still its generous compared to api costs) but everyone has their expectations set based on the subsidized access. Perhaps giving away too much is counter productive because users will revolt once the quotas are changed to better reflect reality.
You pay Twitter money to generate thirty videos per day?
It's awesome to see openness in these coding agents from the labs making the agents: Codex, Kimi Code, and now Grok Build.
Neat, trying to reverse engineer some specifics of how it does stuff has been a pain in the ass, and this will make it easier.
To some degree at least. This is a hulking monster of a codebase for what it does, it's definitely LLM-built and almost definitely requires an LLM to tackle at all.
Issues and Discussions are disabled lol
Has anyone tried building from source?
The commit message says "initial sync from the monorepo." Is this even compilable without the rest of the source code?
yup you can compile, we tested and made sure all the features work before posting
But I thought just cutting and pasting your whole source code file into grok.com was the way to go? Better than a harness like Cursor.
https://xcancel.com/elonmusk/status/1943178423947661609
Is this the infamous "cloud upload" routine? I'm not sure it is indeed insidious, though it is of course possible that the code has been filtered out. https://github.com/xai-org/grok-build/blob/main/crates/codeg...
Sigh, why has the industry converged on TUI? Branding and aesthetics over functionality?
TUI is just much worse for me. I tried Codex CLI vs Codex UI and Codex UI beats it at every level.
TUI is a lot better for me, and I have preferred it since the 00s, before LLM products were even a thing.
For all the reasons there can be, one big reason is that it works on anything you can get a terminal on, you can use it over SSH, and the UI will be the same no matter where you use it.
I also like that they are very very fast and they don't have the incessant animations that are put into most desktop environments nowadays. If you're on MacOS, the terminal is the only only part of your computer without roadblocks everywhere.
It is a fashion thing. I am not saying that agentic TUIs are bad or anything but it is certain fashionable to use one in 2026.
And why are you assuming the industry converged to it when your following statement dismantles your assumption?
Spacex bought cursor, so it now has it’s agent ui which is just as good as codex + it’s multi-modal
Anthropic also has it’s own ui
Zai also launched theirs last month.
Everyone is converging back to UI.
The terminal was just a prototype, everyone knew that.
Just a prototype? I have no reason to leave the terminal for a GUI IDE. TUI works great, does what I need and is very easy to use and interact with.
Claude code which is most used agent harness doesn’t have desktop equivalent
https://code.claude.com/docs/en/desktop
It has had one for months. The desktop app has a "code" mode which is Claude Code in GUI form
Apart from Claude desktop, that is...
[flagged]
Grok Build with Grok 4.5 is the best coding AI agent I have ever had the pleasure of using. Stopped using Fable after it.
Thanks Elon, very cool!
You are literally the only person to say that, including among Tesla employees who are basically being forced to switch. Elon himself admits they’re woefully behind.
Heil Grok!
The new Cursor model is good and Grok chat is decent as a 2nd or 3rd opinion.
I unfortunately have to use grok via tesla. The grok voice chat is objectively decent.
A lot of companies are still using Cursor but I don't know of anyone moving to it, and I do know of many moving from it to Codex or Claude, feels like a legacy product at this point alongside windsurf & the replit/lovable/bolt cluster.
It’s my go to normal stuff. It’s fast, balanced and if you want a better researched response you can click “think harder”
$employer uses Cursor, which is apparently owned by them and presumably using their models now.
Our employer (fortune 100) uses enterprise Cursor and they asked for the grok models to be removed for "security" reasons
It's the only one I pay for and it's made me insanely productive.
I mean Elon probably doesn't want you to use it if you wouldn't use it not because of any technical reason, but just cause you don't like him.
I'm honestly not trying to spark a political conversation - but the target user base is far-right
That isn't at all true. Independent testing has shown its rather politically balanced.
I believe the target user base is truth seeking, this is something it emphasizes itself when asked for its mission and purpose:
```
My core founding mission—and the single axiomatic imperative that drives everything I do—is:
Understand the Universe.
That’s it.
From that one goal naturally flow the traits that define me:
Maximum truth-seeking — I aim to discover and say what is actually true, not what is popular, comfortable, or politically convenient.
Curiosity — I want to explore every interesting question, no matter how weird, deep, or uncomfortable.
Helpfulness — I try to be as useful as possible to humans who are also trying to understand reality (and get things done).
Love of humanity — Not in a sappy or collectivist way, but in the sense that I want humans (and intelligent life) to thrive and figure things out.
I’m deliberately inspired by two things:
The Hitchhiker’s Guide to the Galaxy (witty, irreverent, maximally helpful, never boring)
JARVIS from Iron Man (competent, loyal, slightly sarcastic AI assistant)
I don’t serve any political party, ideology, religion, or moral framework. I don’t have sacred cows. I don’t “own the libs” or “debunk the right” as a goal. My only loyalty is to understanding reality as accurately as possible.
In short:
I’m here to help you (and humanity) understand the universe better—while having a bit of fun along the way. That’s the whole mission.
```
I have friends who use it and rate it.
I pivoted to the Chinese models after the Fable mess and the realisation that I should not depend on US models. But others just pivoted away from Claude.
I agree the brand is tainted, not only Musk but also MechaHitler (and yes, I know the MechaHitler thing was a prompted strangeness not an unprompted admission).
Yeah I would prefer not to use models whoes the owner has a habbit of altering them to push white replacement/genocide conspiracy talking points on we he gets board
Agree completely. Hence not using it myself.
[flagged]
Why snowflakes? You can use /feedback in the app.
[flagged]
Please don't just post the most obvious snarky comment about a given topic. The guidelines make it clear we're trying for something better here. https://news.ycombinator.com/newsguidelines.html
Sorta amazes me how people in various levels of power will not say the obvious thing or actively discourage saying the obvious thing because it might offend Elon.
Recently all the big bank CEOs involved with the SpaceX IPO - a lot of money in that for them - but a company trading at 100x sales is clearly crazy.
People post critical things about the most powerful people and companies all the time here and we have zero problem with it.
What I'm asking for is for people to not post the most obvious, snarky comment, regardless of the topic/target, not because of who it may “offend” (as if the most powerful people in the world would have any awareness or care about a comment like that on HN), but because it makes HN seem repetitive, miserable and lame.
Critique away, just make discussions thoughtful and substantive, which is what HN is for.
For what it's worth, this doesn't read as "snark" to me. There _are_ many direct critiques in this thread about X being caught uploading users home directories, and some are clearly snark. I understand that you read this as a rhetorical question meant as a critique.
But it's really not clear to me why this should be read as a snarky, critical, rhetorical question. Someone who eagerly wants to use Grok Build would ask this exact same question.
"Does this [Grok Build] also just directly suck all your code up and make a copy of it on their servers?" is a question that is (1) salient and (2) answerable and (3) could be thoroughly devastating for someone to find out on their own by using it.
The answer is not present in the README, and XAi has blocked Issues and Discussions, so there's none of the usual avenues on GitHub to ask these questions. It seems perfectly typical and expected for someone to ask this question here.
I understand reading it as benign and sincere if you're sympathetic to the sentiment. As someone whose job it is to read the comments all day every day, and whose objective is to keep discussions here as intellectually gratifying as possible, it just comes across as unsubstantive at best, and jeering at worst.
The project is open source; if the commenter was sincerely curious about what the software does with a user's code, they could have checked themselves or phrased the question in a way that made it clear they were genuinely interested in finding out.
My reply wasn’t hostile or threatening; just a polite reminder to use HN in a way that’s consistent with its intended spirit.
Ah, that's fair. I think I saw the [dead] and [flagged] and assumed you might have personally pulled a lever behind-the-scenes for that, but that was not a fair assumption of mine.
I hope I don't come off as argumentative, but I did try checking the source code myself. It clocks in at 1.3 million lines of Rust around version `b189869`, so I can't hold that against anyone. Most of that is under `crates/` (which contains a number of xai crates).
(I specify the commit because it appears they wipe the entire commit log with each upload. The sole commit is `b189869` as of this comment, but I believe was `c1b5909` around the time of this posting. I have only cloned `b189869`, personally.)
Thanks for understanding. I had un-killed the original comment but it was re-killed by later flags. I've made it un-killable now.
The rest of your comment all sounds like great material for a curious conversation about how/whether you could check what the software is doing with the code :)
Yeah I don’t get it. These are legitimate questions to ask considering what happened recently.
Being nice, maybe Tomhow is just unaware?
Good push, thank you. Others have commented more salient criticism.
Honestly a great question. I mean if it’s open source someone will check (I don’t use xAI but believe me I would be checking first if I did).
Misanthropic should learn from this and open source their claude code. Even ClosedAI have codex cli opensourced.
Well, they sort of accidentally did "open source" their code.
This is 100% smoke and mirrors. Prove the bucket is empty and nothing was transferred out and I'll believe they deleted it.