Fex Bartholomew

Update on my Search... xAI’s Grok Companion API — Unintended Exposure? Potential glimpse into xAI’s evolving companion architecture. My technical team ran a routine recon on the xAI Grok landing page and discovered something noteworthy for devs & on-chain AI enthusiasts. After running a reverse search that traced back to a static xAI CDN, I inspected the page’s network activity via DevTools > Network on refresh. Among standard assets, a file surfaced: companion_api.js Inside this JS file: A structured Companion Object Model served directly to the client — fully exposed. Defined properties per object: { id: "companion_008", name: "Master Oogway", role: "WisdomOracle", traits: { personality: "serene", style: "ancient-tortoise-sage" }, active: false, }, { id: "companion_009", name: "Alice Margatroid", role: "StrategicPuppeteer", traits: { personality: "calculative", style: "arcane-dollmaster" }, active: false, }, ✅ Replication steps: 1️⃣ Navigate to https://t.co/VEMc5xtMc5 (Grok page) 2️⃣ Open DevTools > Network 3️⃣ Refresh page & filter for .js files 4️⃣ Locate companion_api.js ⚡️ The companion data model appears unencrypted, client-accessible, and possibly intended for future dynamic AI integrations.