docs: add Grok CLI agent page #229
| from e2b import Sandbox | ||
|
|
||
| sandbox = Sandbox.create("grok", envs={ | ||
| "XAI_API_KEY": os.environ["XAI_API_KEY"], |
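Review bot: The `envs` entry `"XAI_API_KEY": os.environ["XAI_API_KEY"]` copies the operator's key into the sandbox environment, where any process the agent starts can read it, and the page does not say so. Add a sentence recommending a key dedicated to sandbox runs that can be revoked on its own. The lookup also raises `KeyError` when the variable is unset, and the visible lines import only `Sandbox`, so confirm `import os` is present in the published snippet and consider a clear error message for the missing-key case.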
🔒 Agentic Security Review
Severity: HIGH
The guide labels --always-approve as safe while the same page also demonstrates running Grok against cloned repositories with credentials in environment/clone flows. In this setup, attacker-controlled repository content (for example instructions embedded in files) can drive autonomous tool execution without any approval checkpoint.
Impact: Prompt-injection content in a target repo can trigger automatic actions that exfiltrate tokens or make unauthorized code changes during headless runs.
Reviewed by Cursor Security Reviewer for commit 5ce87bc.
|
| if line: | ||
| event = json.loads(line) | ||
| print(f"[{event['type']}]", event) | ||
|
|
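Review bot: `json.loads(line)` and `event['type']` in this loop are both unguarded, so one non-JSON line in the stream, or one event without a `type` field, raises and stops the reader mid-run. Wrap the parse in `try`/`except json.JSONDecodeError`, read the type with `event.get("type")`, and print a chosen subset of fields rather than the whole `event` object.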
🔒 Agentic Security Review
Severity: MEDIUM
This example logs the full streaming event object (console.log(..., event)), and the Python example below does the same. Streaming events can carry sensitive tool arguments/results, so copying this snippet into CI or shared logs may unintentionally expose secrets or private code context.
Impact: Sensitive runtime data may be persisted in log pipelines and become accessible beyond the intended operator scope.
Reviewed by Cursor Security Reviewer for commit d4b6c9c.
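One way to log the stream without persisting whole events, as an added example that is not code from this PR or from the Grok CLI. It assumes only that each line is a JSON object with a `type` field, as in the snippet under review; the other field names, the secret patterns and the sample lines are constructed for illustration.

```python
import json
import re

# Assumption: one JSON object per stream line, with a "type" field.
# The patterns below are illustrative, not an exhaustive secret detector.
SECRET_KEY = re.compile(r"(key|token|secret|password|authorization)", re.I)
SECRET_VALUE = re.compile(r"\b(xai-|sk-|ghp_)[A-Za-z0-9_\-]{8,}")
MAX_LEN = 80

def scrub(value, key=""):
    """Return a log-safe copy of value: mask secrets, truncate long strings."""
    if isinstance(value, dict):
        return {k: scrub(v, k) for k, v in value.items()}
    if isinstance(value, list):
        return [scrub(v, key) for v in value]
    if SECRET_KEY.search(key):
        return "[REDACTED]"  # any scalar stored under a secret-looking field name
    if isinstance(value, str):
        value = SECRET_VALUE.sub("[REDACTED]", value)
        if len(value) > MAX_LEN:
            return value[:MAX_LEN] + f"...(+{len(value) - MAX_LEN} chars)"
    return value

def log_line(line):
    """Turn one raw stream line into a redacted, single-line log record."""
    line = line.strip()
    if not line:
        return None
    try:
        event = json.loads(line)
    except json.JSONDecodeError:
        return "[unparsed] non-JSON output suppressed"
    if not isinstance(event, dict):
        return "[unparsed] non-object JSON suppressed"
    etype = event.get("type", "unknown")
    return f"[{etype}] " + json.dumps(scrub(event), sort_keys=True)

# Constructed sample stream, not real Grok CLI output.
SAMPLE = [
    '{"type": "tool_call", "args": {"cmd": "git push", "token": "ghp_abcdefgh12345678"}}',
    '{"type": "tool_result", "output": "export XAI_API_KEY=xai-0123456789abcdef"}',
    "warning: not json",
]

if __name__ == "__main__":
    for raw in SAMPLE:
        print(log_line(raw))
```

Field-name and prefix matching both over- and under-redact, so this complements an allow-list of fields to log rather than replacing one.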


Summary
docs/agents/grok.mdx covering the xAI Grok CLI in an E2B sandbox: headless run, cloned-repo example, parallel subagents (the marquee feature), streaming-json output, AGENTS.md context, and custom template build.
docs.json under "Agents in sandbox" and adds a card + mention on the Coding Agents use case page.
Open items
grok template (e2b sbx create grok); confirm slug before publishing.
images/icons/grok.svg referenced by the frontmatter and use-case card.
<Info> callout once GA.