Marko Elez, a 25-year-old worker at Elon Musk’s Division of Authorities Effectivity (DOGE), has been granted entry to delicate databases on the U.S. Social Safety Administration, the Treasury and Justice departments, and the Division of Homeland Safety. So it ought to fill all Individuals with a deep sense of confidence to study that Mr. Elez over the weekend inadvertently revealed a personal key that allowed anybody to work together immediately with greater than 4 dozen massive language fashions (LLMs) developed by Musk’s synthetic intelligence firm xAI.
Picture: Shutterstock, @sdx15.
On July 13, Mr. Elez dedicated a code script to GitHub known as “agent.py” that included a personal software programming interface (API) key for xAI. The inclusion of the personal key was first flagged by GitGuardian, an organization that makes a speciality of detecting and remediating uncovered secrets and techniques in public and proprietary environments. GitGuardian’s methods always scan GitHub and different code repositories for uncovered API keys, and fireplace off automated alerts to affected customers.
Philippe Caturegli, “chief hacking officer” on the safety consultancy Seralys, mentioned the uncovered API key allowed entry to at the very least 52 totally different LLMs utilized by xAI. The latest LLM within the listing was known as “grok-4-0709” and was created on July 9, 2025.
Grok, the generative AI chatbot developed by xAI and built-in into Twitter/X, depends on these and different LLMs (a question to Grok earlier than publication exhibits Grok presently makes use of Grok-3, which was launched in Feburary 2025). Earlier in the present day, xAI introduced that the Division of Protection will start utilizing Grok as a part of a contract value as much as $200 million. The contract award got here lower than per week after Grok started spewing antisemitic rants and invoking Adolf Hitler.
Mr. Elez didn’t reply to a request for remark. The code repository containing the personal xAI key was eliminated shortly after Caturegli notified Elez by way of e-mail. Nevertheless, Caturegli mentioned the uncovered API key nonetheless works and has not but been revoked.
“If a developer can’t hold an API key personal, it raises questions on how they’re dealing with much more delicate authorities info behind closed doorways,” Caturegli informed KrebsOnSecurity.
Previous to becoming a member of DOGE, Marko Elez labored for a variety of Musk’s firms. His DOGE profession started on the Division of the Treasury, and a authorized battle over DOGE’s entry to Treasury databases confirmed Elez was sending unencrypted private info in violation of the company’s insurance policies.
Whereas nonetheless at Treasury, Elez resigned after The Wall Avenue Journal linked him to social media posts that advocated racism and eugenics. When Vice President J.D. Vance lobbied for Elez to be rehired, President Trump agreed and Musk reinstated him.
Since his re-hiring as a DOGE worker, Elez has been granted entry to databases at one federal company after one other. TechCrunch reported in February 2025 that he was working on the Social Safety Administration. In March, Enterprise Insider discovered Elez was a part of a DOGE detachment assigned to the Division of Labor.
Marko Elez, in a photograph from a social media profile.
In April, The New York Occasions reported that Elez held positions on the U.S. Customs and Border Safety and the Immigration and Customs Enforcement (ICE) bureaus, in addition to the Division of Homeland Safety. The Washington Publish later reported that Elez, whereas serving as a DOGE advisor on the Division of Justice, had gained entry to the Govt Workplace for Immigration Evaluation’s Courts and Appeals System (EACS).
Elez shouldn’t be the primary DOGE employee to publish inner API keys for xAI: In Might, KrebsOnSecurity detailed how one other DOGE worker leaked a personal xAI key on GitHub for 2 months, exposing LLMs that have been customized made for working with inner knowledge from Musk’s firms, together with SpaceX, Tesla and Twitter/X.
Caturegli mentioned it’s tough to belief somebody with entry to confidential authorities methods once they can’t even handle the fundamentals of operational safety.
“One leak is a mistake,” he mentioned. “However when the identical kind of delicate key will get uncovered time and again, it’s not simply unhealthy luck, it’s an indication of deeper negligence and a damaged safety tradition.”
