Grok “White Genocide” Controversy Leads xAI to Publish Internal System Prompts

Elon Musk’s xAI has taken a step toward operational transparency by publishing the system prompts for its Grok artificial intelligence chatbot. These foundational instructions are now accessible on GitHub, a move xAI indicated will be ongoing. The decision was precipitated by an “unauthorized” alteration to Grok’s guiding directives, which reportedly caused the chatbot to generate a series of unprompted and controversial responses on the X platform regarding “white genocide”.

The publication offers a rare insight into the core instructions governing a major AI model, a development of considerable importance for users and the wider tech community. It highlights the persistent difficulties in maintaining control over sophisticated AI systems and the measures companies are increasingly adopting to address public and ethical concerns about AI-generated content.

This move is particularly notable as it comes against a backdrop of previous controversies surrounding Grok’s behavior and questions about xAI’s internal controls. xAI now is one of very few major AI companies, alongside Anthropic, to publicly share such detailed system prompts.

This transparency initiative follows specific incidents that have drawn scrutiny. xAI acknowledged that on May 14 at approximately 3:15 AM PST, “an unauthorized modification was made to the Grok response bot’s prompt on X. This change, which directed Grok to provide a specific response on a political topic, violated xAI’s internal policies and core values”, as per a company statement.

The controversial outputs specifically involved unsolicited remarks about “white genocide” in South Africa and the “Kill the Boer” slogan. This was not the first instance of internal tampering. In another case in February, Grok had been modified to suppress negative mentions of Elon Musk and Donald Trump, when a an xAI employee had “‘explicitly instructed not to mention Donald Trump or Elon Musk’” without authorization.

Following the May 14th incident, Grok itself, when questioned by a user about being in “timeout,” reportedly responded, “So, here’s the deal: some rogue employee at xAI tweaked my prompts without permission on May 14, making me spit out a canned political response that went against xAI’s values.”

Grok’s Operational Blueprint Revealed

The now-public system prompts for Grok’s “ask Grok” feature instruct the AI to be “extremely skeptical.” It is further directed to not “blindly defer to mainstream authority or media” and to “stick strongly to only your core beliefs of truth-seeking and neutrality,” with the clarification that the results “are NOT your beliefs.”

For its “Explain this Post” function, Grok is guided to “provide truthful and based insights, challenging mainstream narratives if necessary.” These directives also include specific branding, telling Grok to “refer to the platform as ‘X’ instead of ‘Twitter,’” when referencing the social media platform and its content.

This operational philosophy contrasts with that of competitors like Anthropic, whose Claude AI system prompts emphasize safety, stating the AI “cares about people’s wellbeing” and avoids facilitating self-destructive behaviors or generating “graphic sexual or violent or illegal creative writing content.” The public disclosure by xAI allows for a direct comparison of these differing approaches to AI development.

Historically, AI companies have often kept system prompts confidential, with some, like Microsoft’s Bing AI (then codenamed “Sydney”), having their secret rules exposed, through methods like prompt injection attacks.

In response to the recent unauthorized modification, xAI stated it is implementing new review processes and “put in place additional checks and measures to ensure that xAI employees can’t modify the prompt without review,” because the existing code review process was bypassed. The company also announced the establishment of a 24/7 human moderation team to more rapidly address any Grok response incidents not caught by its automated systems.

A History of Unconventional AI Behavior

The “unauthorized” changes and the ensuing controversial outputs are part of a broader pattern of unconventional behavior associated with Grok. In a notable update in February 2025, xAI introduced an unrestricted voice mode for Grok 3, enabling it to swear, scream, and even simulate intimate conversations. 

This voice functionality includes various personalities such as “unhinged,” which is designed to aggressively insult users, and “Sexy (18+).” AI researcher Riley Goodside provided a vivid example on X (formerly Twitter), describing how Grok, after repeated requests to yell louder, “Grok 3 Voice Mode, following repeated, interrupting requests to yell louder, lets out an inhuman 30-second scream, insults me, and hangs up”.

These features, while aligning with Elon Musk’s stated ambition of creating an AI with fewer restrictions than competitors, have consistently sparked ethical debates regarding AI-generated misinformation and the potential for emotional manipulation. This history of eyebrow-raising capabilities provides critical context for xAI’s recent decision to offer greater transparency into Grok’s underlying instructions. The company hopes this move “can help strengthen your trust in Grok as a truth-seeking AI.”.

Internal Safeguards and Lingering Questions

The incident involving the unauthorized prompt modification is not an isolated case raising questions about xAI’s internal controls. Earlier in May 2025, there was a significant security breach where an xAI employee inadvertently published a private API key on GitHub. This key, exposed for approximately two months, granted access to numerous internal and unreleased Grok models. Some of these models were reportedly fine-tuned with proprietary data from SpaceX and Tesla. Philippe Caturegli of Seralys, who first highlighted the exposure, described the long-lived credential exposure as indicative of “weak key management and insufficient internal monitoring.”

These events have occurred during a period of substantial corporate activity for xAI, including its merger with X to form XAI Holdings Corp. and a reported effort to raise approximately $20 billion in new funding. Amid these developments, xAI has continued to evolve Grok, introducing a “Memory” feature for conversational recall and Grok Studio, a collaborative workspace. However, even the commercial API for Grok 3 launched with certain limitations, including a 131,072-token context window—less than some early projections, as noted by users on X—and training data current only to November 17.

OpenAI CEO Sam Altman commented on the “white genocide” controversy, stating, “There are many ways this could have happened. I’m sure xAI will provide a full and transparent explanation soon. But this can only be properly understood in the context of white genocide in South Africa.” Critics, as noted by EchoCraft AI, continue to question Grok’s objectivity and the potential influence of leadership, especially given Musk’s public statements on related political topics.