Elon Musk’s xAI exposed hundreds of thousands of Grok conversations to Google search

Published conversations include transcripts containing instructions for making fentanyl, explosives and malware

Elon Musk’s AI startup, xAI, has published hundreds of thousands of conversations between its Grok chatbot and users, making them publicly searchable on Google without warning.

The exposure stems from Grok’s “share” function. When users click the button to share a conversation, the chatbot generates a unique URL intended to allow distribution via email, text or other means.

But those URLs are also made available to search engines like Google, Bing and DuckDuckGo – effectively publishing the conversations to the web without clear disclosure to users.

A Forbes investigation found that Google has indexed more than 370,000 such conversations.

The shared pages include exchanges ranging from everyday tasks – like drafting tweets to requests for help with illegal activity.

Some transcripts reviewed by Forbes showed Grok providing detailed guides on how to manufacture methamphetamine and fentanyl, construct bombs, write malware and even plot an assassination attempt against Musk himself.

Other exposed chats revealed deeply personal material. Some users asked the AI for medical or psychological advice, shared names, personal details and even passwords. Documents uploaded through the system, including spreadsheets and images, were also publicly accessible via Grok’s shared pages.

Among the published conversations were those initiated by British journalist Andrew Clifford, who used Grok to summarise newspaper front pages and generate posts for his outlet Sentinel Current.

Clifford told Forbes he was unaware his chats would be discoverable through Google. Clifford has since switched to Google’s Gemini AI.

However not all users were so lucky. Some were misled into sharing sensitive content without realising it would be indexed.

Nathan Lambert, a computational scientist at the Allen Institute for AI, discovered that his own Grok-generated summaries of blog posts, meant for private team use, were accessible on Google.

“I was surprised that Grok chats shared with my team were getting automatically indexed on Google, despite no warnings of it, especially after the recent flare-up with ChatGPT,” Lambert said.

A similar incident was reported earlier this month involving OpenAI’s ChatGPT, where conversations marked as “discoverable” by users began appearing in Google searches.

Following criticism, OpenAI scrapped the feature. Chief information security officer Dane Stuckey called it a “short-lived experiment” that created too much risk of accidental oversharing.

At the time, Musk publicly celebrated OpenAI’s retreat. Grok’s official X account claimed it had no such sharing feature, to which Musk replied, “Grok ftw.” It is unclear when Grok added the share button.

According to Forbes, some of the illicit prompts may have originated from security researchers, red teamers or Trust & Safety professionals testing Grok’s boundaries. Still, the widespread indexing has raised alarms among professionals and ordinary users alike.

xAI has not yet issued a public statement on the matter.