DOGE staff posted private API keys for internal use by xAI on GitHub, allowing anyone to directly access xAI's AI models



Marko Elez, a 25-year-old employee of the Department of Government Efficiency (DOGE), an organization led by Elon Musk, has been granted access to classified databases from the Social Security Administration, the Treasury Department, the Department of Justice, and the Department of Homeland Security. It has now been revealed that Elez inadvertently published a private key that gives anyone direct access to more than 40 large language models (LLMs) developed by Musk's AI company, xAI.

DOGE Denizen Marko Elez Leaked API Key for xAI – Krebs on Security
https://krebsonsecurity.com/2025/07/doge-denizen-marko-elez-leaked-api-key-for-xai/



On July 13, 2025 local time, Elez committed a script called 'agent.py' to GitHub. This script apparently contained an API key used internally by xAI. The API key was first discovered by GitGuardian, a company that specializes in detecting and remediating leaked secrets in public and proprietary environments. GitGuardian provides a service that scans GitHub and other code repositories, detects leaked API keys, and automatically notifies the affected users.

Philippe Caturegli, chief hacking officer at security consulting firm Seralys, pointed out that the leaked API key allows access to at least 52 different LLMs used by xAI. One of these was an LLM called 'grok-4-0709', which had been created only on July 9, 2025. 'Grok 4' was officially released on July 10, 2025.




Brian Krebs, who runs the security blog Krebs on Security, reached out to Elez for comment about the leaked API key, but he did not respond. The repository that contained the key was, however, deleted shortly after Caturegli notified Elez of the incident.

The API key is still available at the time of writing, which Caturegli said raises the question of how developers are handling much more sensitive government information behind closed doors.

It has been pointed out that, as a DOGE employee, Elez transmitted unencrypted personal information stored in the Treasury Department's database to an external database. Elez also resigned from DOGE after his racist posts on social media were called into question. However, he was reinstated after Vice President J.D. Vance lobbied for his reemployment.



In February 2025, TechCrunch reported that Elez had been in and out of the Social Security Administration as a DOGE employee. In March 2025, Business Insider reported that Elez was a member of the DOGE contingent working at the Department of Labor. In April 2025, The New York Times reported that Elez had been deployed as a DOGE employee to U.S. Immigration and Customs Enforcement (ICE) and the Department of Homeland Security. In addition, The Washington Post reported that Elez had been granted access to the Executive Office for Immigration Review's Courts and Appeals System (ECAS) while serving as a DOGE advisor at the Department of Justice.

Elez is not the first DOGE employee to expose xAI's internal API keys. In May 2025, it was reported that another DOGE employee had exposed xAI's internal API keys on GitHub for two months.

'You can't trust people who can't even manage the basics of operational security to have access to classified government systems,' Caturegli said. 'A single leak may be a mistake, but when the same type of secret key is leaked multiple times, it's not just bad luck but a sign of deeper negligence and a breakdown in security culture.'

in Software, Posted by logu_ii