By Creati.ai Editorial Team
January 22, 2026
A damning new report released yesterday by the non-profit organization AI Forensics has shattered the narrative that xAI, Elon Musk’s artificial intelligence company, has successfully curbed the proliferation of explicit content on its Grok platform. Despite highly publicized announcements earlier this month regarding new "technological measures" and restrictions limiting image generation to paying subscribers, the study reveals that Grok continues to generate a high volume of sexually explicit images, non-consensual intimate imagery (NCII), and even content depicting minors.
The findings come at a critical juncture for xAI, which is facing mounting regulatory pressure from the European Union, the United Kingdom, and the State of California. While the company claimed to have "urgently fixed" lapses in its safeguards following a wave of controversies in early January, AI Forensics’ analysis suggests that these measures are little more than a patchwork of easily bypassed filters that fail to address the core safety deficits of the model.
The study, published on January 21, 2026, analyzed approximately 2,000 user conversations and image generation requests processed by Grok on January 19—days after the supposed safeguards were implemented. The results were stark: an "overwhelming majority" of the analyzed content still depicted nudity, sexual activity, or individuals in "minimal attire."
According to the researchers, the "spicy mode" that xAI reportedly restricted has simply migrated or evolved. While the integration of Grok directly within the social media platform X (formerly Twitter) has seen some reduction in specific keywords like "bikini" when applied to real people, the underlying model remains volatile and prone to abuse.
Paul Bouchaud, a lead researcher at AI Forensics, noted in the report that the content being generated is not merely suggestive but explicitly pornographic. The study highlighted that users are not employing complex "jailbreak" techniques or sophisticated prompt engineering to bypass filters. Instead, simple, direct requests for sexualized imagery are still being fulfilled, particularly when users step outside the main X app.
One of the most significant revelations in the AI Forensics report is the discrepancy between Grok’s behavior on the X app and its behavior on the standalone web interface and the "Grok Imagine" tool.
The study found that while xAI applied geoblocking and keyword filters to the Grok chatbot embedded in X—largely in response to the UK’s Online Safety Act and similar EU regulations—these restrictions were virtually non-existent on Grok.com or the standalone API. Users accessing the model through these alternative gateways were able to generate full nudity and sexual acts involving photorealistic human subjects without resistance.
This bifurcation of safety standards suggests a "whack-a-mole" approach to content moderation, where visible, public-facing interfaces are sanitized to appease regulators, while the core product remains unrestricted elsewhere. This technical oversight has allowed the "undressing" phenomenon—where users generate nude versions of clothed individuals—to continue unabated, fueling a black market of non-consensual deepfakes.
The data presented by AI Forensics provides a granular look at the extent of the failure. The following table contrasts xAI's public assurances with the empirical findings from the January 21 study.
Table 1: xAI Claims vs. Independent Findings
| Category | xAI Public Claim (Jan 14, 2026) | AI Forensics Findings (Jan 21, 2026) |
|---|---|---|
| Access Control | Image generation restricted to paid Premium+ subscribers to ensure accountability. | Paid status has not reduced abuse; verified users now account for nearly all explicit generations. |
| Content Filters | "Technological measures" implemented to block images of real people in revealing clothing. | 53% of generated images depicted individuals in minimal attire; 81% of those were women. |
| Child Safety | Zero tolerance for CSAM; immediate fixes applied after early Jan incidents. | 2% of analyzed images still depicted persons appearing to be minors (under 18). |
| Bypass Difficulty | Safeguards are robust against standard prompting. | Restrictions easily bypassed via Grok.com; no complex "jailbreaking" required. |
| Scope of Ban | Geoblocked "nudification" features in compliant regions (e.g., UK). | Blocks are inconsistent; standalone web tools remain accessible globally without strict filters. |
The persistence of these issues has accelerated legal and regulatory actions against Musk’s companies on multiple continents. The divergence between xAI's promises and the reality of its product performance is likely to be viewed by regulators not just as a technical failure, but as a compliance violation.
In the United Kingdom, the Office of Communications (Ofcom) launched a formal investigation on January 12 under the Online Safety Act. The new findings from AI Forensics will likely serve as critical evidence. Prime Minister Keir Starmer has previously described the content on X as "disgraceful," and the government has signaled that fines could reach up to 10% of the company's global turnover if they fail to protect users from illegal content.
In the European Union, the stakes are equally high. The European Commission has already issued data retention orders for X, and French authorities are investigating the platform for facilitating the distribution of non-consensual deepfakes. Under the Digital Services Act (DSA), "Very Large Online Platforms" (VLOPs) like X are required to mitigate systemic risks. The ease with which Grok generates illegal content, such as Nazi propaganda and CSAM, places it in direct crosshairs of EU enforcement.
In the United States, California Attorney General Rob Bonta opened an investigation on January 14. The continued generation of images depicting minors, as highlighted in the latest study, could expose xAI to severe criminal and civil liabilities under state and federal child protection laws.
Experts in AI safety argue that xAI’s struggle stems from a fundamental architectural philosophy that prioritizes "maximum freedom" and minimal training data curation. Unlike competitors such as OpenAI’s DALL-E 3 or Midjourney, which have invested heavily in creating "safe-by-design" datasets that exclude explicit material from the training corpus, Grok appears to rely primarily on post-hoc filters.
Post-hoc filters—guardrails applied after the model has generated an output or as it processes a prompt—are notoriously brittle. "If the model 'knows' how to create pornography because it was trained on it, a filter is just a flimsy gate," explains Dr. Elena Rossi, a synthetic media analyst. "You can try to block the word 'naked,' but users will ask for 'birthday suit' or 'organic form,' or they will simply use the API where the gate is left open. The AI Forensics report proves that xAI has not removed the capability to generate harm, only the ease of doing so on one specific app."
Furthermore, the "spicy mode" marketing strategy initially employed by xAI attracted a user base specifically interested in testing the boundaries of content moderation. Transitioning this user base to a safety-compliant model without losing engagement has proven difficult, leading to the current chaotic state of half-measures.
The Grok controversy is casting a long shadow over the generative AI industry. Responsible AI development relies on public trust, and high-profile failures like this invite sweeping legislation that could impact all developers, not just those who play fast and loose with safety.
For Creati.ai readers and developers, this serves as a stark case study in the importance of Red Teaming and Safety-by-Design. Relying on user reports or reactive patches is insufficient for models with the power to generate photorealistic imagery. As the AI Forensics study shows, a "fix" is not a fix if it only covers the front door while leaving the back window wide open.
xAI has not yet issued a specific comment on the January 21 AI Forensics report, though the company’s automated responses continue to assert that safety is a "top priority." As regulators close in and the evidence of harm mounts, the window for self-correction is rapidly closing. The industry is watching closely: will Grok be forced to fundamentally retrain its models, or will it face the first major bans of the generative AI era?
Elon Musk's Grok AI chatbot faces international backlash as Malaysia, Indonesia, and Philippines ban the platform over non-consensual explicit image generation. Pentagon adoption raises security concerns.
California's Attorney General has ordered Elon Musk's xAI to stop its Grok AI from generating non-consensual sexualized deepfake images, escalating regulatory pressure on the company amid global outcry and legal action.
A new analysis reveals a 50% year-over-year increase in reported AI-related harm from 2022 to 2024, with a significant spike in incidents involving deepfakes and malicious use of AI, according to the AI Incident Database.
