Settings

Reference

Environment variables

Paths and auth

VariableDefaultDescription
GROK_HOME~/.grokHome for config, auth, sessions, skills, plugins, and logs.
XAI_API_KEYAPI key when not using browser/session login (CI and headless).

Models and updates

VariableDefaultDescription
GROK_DEFAULT_MODELcatalog / configSession default model (same idea as -m / --model).
GROK_WEB_SEARCH_MODELbuilt-inModel used by the web_search tool.
GROK_MODELS_BASE_URLCustom inference base URL; model list from {base}/models.
GROK_MODELS_LIST_URL{GROK_MODELS_BASE_URL}/modelsOverride model-list URL when it differs from the default.
GROK_XAI_API_BASE_URLhttps://api.x.ai/v1xAI API base for API-key auth.
GROK_DISABLE_AUTOUPDATERunset (updates allowed)If set, suppress auto-updater for this process (CI/containers).

Tools, sandbox, and features

VariableDefaultDescription
GROK_SANDBOXoffSandbox profile: off, workspace, read-only, strict (or a custom profile name). Same as --sandbox.
GROK_SANDBOX_AUTO_ALLOW_BASH0Auto-allow bash inside an active sandbox (1/0).
GROK_RESPECT_GITIGNOREuse config if unsetForce gitignore filtering for search/read tools (1/0); overrides [tools] respect_gitignore.
GROK_WEB_FETCH0Enable the web_fetch tool (1/0). Off by default for security.
GROK_WEB_FETCH_PROXYEgress proxy URL for web_fetch.
GROK_MEMORY0Enable cross-session memory (1/0).
GROK_SUBAGENTS0Enable subagents / the task tool (1/0).
GROK_AGENTgrok-buildBuilt-in agent name, profile, or absolute path to an agent definition.
GROK_SHOW_THINKING_BLOCKS0Show reasoning/thinking blocks in the TUI (1/0).
GROK_WRITE_FILE1Disable the write tool with 0 (read-only sessions).
GROK_TOOL_SEARCH1On-demand MCP tool discovery for large toolsets (1/0).
GROK_LSP_TOOLS0Enable the LSP code-intel tool (1/0).

MCP, logging, and proxy

VariableDefaultDescription
GROK_MCP_STARTUP_TIMEOUT_SECS30Global MCP startup handshake timeout in seconds. Per-server startup_timeout_sec still wins.
MCP_TIMEOUTsame stackClaude-compatible MCP startup timeout in milliseconds (checked before GROK_MCP_STARTUP_TIMEOUT_SECS).
GROK_LOG_FILEWrite logs to this path (useful when the TUI captures stderr).
RUST_LOGLog filter for GROK_LOG_FILE and headless stderr (for example debug).
GROK_CRASH_HANDLER0On panic, write a report under $GROK_HOME/crash/ (1/0).
HTTPS_PROXY / HTTP_PROXY / NO_PROXYsystemStandard HTTP(S) proxy variables for outbound traffic.

Cursor / Claude compatibility scanners

All default on (true / 1 or false / 0):

VariableDescription
GROK_CURSOR_SKILLS_ENABLEDScan Cursor skills directories.
GROK_CURSOR_RULES_ENABLEDScan .cursor/rules/.
GROK_CURSOR_AGENTS_ENABLEDScan Cursor agent definitions.
GROK_CURSOR_MCPS_ENABLEDScan Cursor mcp.json.
GROK_CURSOR_HOOKS_ENABLEDScan Cursor hooks.
GROK_CLAUDE_SKILLS_ENABLEDScan Claude skills.
GROK_CLAUDE_RULES_ENABLEDScan Claude rules.
GROK_CLAUDE_AGENTS_ENABLEDScan CLAUDE.md / CLAUDE.local.md.
GROK_CLAUDE_MCPS_ENABLEDScan Claude MCP config.
GROK_CLAUDE_HOOKS_ENABLEDScan Claude hooks.

TOML Values

Project .grok/config.toml only contributes [mcp_servers], [plugins], and [permission]. Other sections belong in user config (~/.grok/config.toml or $GROK_HOME/config.toml).

[models]

SettingValues / defaultDescription
defaultmodel id (for example "grok-build")Model used for new sessions.
web_searchmodel idModel used by the client web_search tool.
default_reasoning_efforteffort level if supportedDefault reasoning effort for the default model.
session_summarymodel idModel used for session summaries.
image_descriptionmodel idModel used for image description.
extra_headersmapHeaders applied to every model (per-model keys win).
temperature / top_p / max_completion_tokensnumbersGlobal sampling defaults.
max_retriesnumberGlobal inference retry default.
stream_tool_callstrue / falseGlobal tool-call streaming request shape (some BYOK endpoints need false).
allowed_modelsglob listRestrict model picker / default / -m selection.
hidden_modelsid listHide from the picker (still usable via -m).
disabled_modelsid listRemove from the catalog (wins over hidden).

[model.<id>]

Custom / BYOK models (OpenAI-compatible or Anthropic Messages). Prefer env_key over hardcoding api_key.

SettingValues / defaultDescription
modelstringModel id sent to the API.
base_urlURLProvider endpoint.
namestringLabel in the model picker.
descriptionstringOptional description.
api_keystringInline API key (prefer env_key).
env_keyenv var nameEnvironment variable holding the API key.
api_backendchat_completions | responses | messagesProtocol.
temperature / top_p / max_completion_tokensnumbersSampling.
context_windowtokensContext window size (drives auto-compact timing).
extra_headersmapPer-request headers.
supports_backend_searchtrue / falseWhether the endpoint supports Grok-hosted server-side search tools.
supports_reasoning_effort / reasoning_effortbool / effortReasoning controls when supported.
stream_tool_callstrue / falsePer-model tool-call streaming.
max_retries / inference_idle_timeout_secsnumbersReliability.

[mcp_servers.<name>]

String fields such as url, command, args, env, and headers support ${VAR} expansion. Headers may also use {{session_id}}.

stdio

SettingValues / defaultDescription
commandstringExecutable (for example npx).
argsstring arrayArguments.
envmapProcess environment.
cwdpathWorking directory for the process.

HTTP / remote

SettingValues / defaultDescription
urlURLHTTP/SSE MCP endpoint.
headersmapRequest headers.
bearer_token_env_varenv var nameInject Authorization: Bearer from an environment variable.

Common

SettingValues / defaultDescription
enabledtrueEnable or disable the server.
startup_timeout_sec30Startup handshake timeout (seconds).
tool_timeout_sec6000Default per-tool-call timeout (seconds).
tool_timeoutsmap name → secondsPer-tool timeout overrides.

[tools] and [toolset.*]

SettingSectionValues / defaultDescription
respect_gitignore[tools]true / false (default false)When true, search and read tools skip gitignored files.
file_toolset[toolset]standard (default) | hashlineFile edit tool scheme.
timeout_secs[toolset.bash]seconds (default 120)Foreground bash command timeout.
output_byte_limit[toolset.bash]bytes (default 20000)Max captured bash output.
max_timeout_secs[toolset.bash]seconds (default 36000)Cap on model-requested foreground timeouts.
auto_background_on_timeout[toolset.bash]true / false (default true)Auto-background the command on timeout.
proxy_endpoint[toolset.web_fetch]URLEgress proxy for web_fetch.
allowed_domains[toolset.web_fetch]string arrayDomain allowlist override for web_fetch.

[sandbox] (config.toml)

SettingValues / defaultDescription
profileoff (default) | workspace | read-only | strict (or custom)Filesystem sandbox profile. Custom profile names are defined in sandbox.toml.
auto_allow_bashtrue / false (default false)Skip bash permission prompts when a sandbox profile is active.

sandbox.toml custom profiles

Define custom profiles in ~/.grok/sandbox.toml (user) or .grok/sandbox.toml (project). Activate with [sandbox] profile = "…" in config.toml, --sandbox, or GROK_SANDBOX. Built-in names (off, workspace, read-only, strict, devbox) cannot be redefined as custom profiles.

TOML

[profiles.project]
extends = "workspace"
restrict_network = false
read_only = ["/data"]
read_write = ["/tmp/scratch"]
# Kernel-enforced deny (read + write/rename). Entries with *, ?, or [ are globs.
deny = ["/data/shared-secrets", "**/.env", "**/*.pem"]
SettingValues / defaultDescription
extendsworkspace (default if omitted) | devbox | read-only | strictBuilt-in profile to inherit.
restrict_networktrue / falseRestrict network access (Linux seccomp when enforced).
read_onlypath listAdditional read-only paths.
read_writepath listAdditional read-write paths.
denypath or glob listKernel-enforced deny for read and write/rename. An entry is a glob if it contains *, ?, or [ (for example **/.env, **/*.pem).

A non-empty deny list is enforced at the kernel level when the sandbox can be applied. On Linux, read-deny requires bubblewrap. For managed deployments and policy, see Enterprise Deployment.

[session] and [cli]

SettingSectionValues / defaultDescription
auto_compact_threshold_percent[session]0–100 (default 85)Auto-compact when context usage reaches this percent.
load_envrc[session]true / false (default true)Inject .envrc variables into bash.
auto_update[cli]true / false (default on when unset)Check for CLI updates on launch.
channel[cli]stable | alphaRelease channel preference.
show_tips[cli]true / falseStartup tips.

[permission]

Project-scoped and user-scoped. Evaluation order: deny > ask > allow.

SettingValuesDescription
allow / deny / askrule string arraysCompact rules, for example Bash(git *), Read(src/**), Edit(**/*.rs), MCPTool(server__*).
rulesarray of { action, tool, pattern? }Verbose form. action: allow | deny | ask. tool: any | bash | edit | read | grep | mcp | webfetch.

[features], [subagents], and [memory]

SettingSectionValues / defaultDescription
web_fetch[features]true / falseEnable the web_fetch tool.
lsp_tools[features]true / false (default off)Expose the LSP tool.
write_file[features]true / false (default on)Enable the write tool.
tool_search[features]true / false (default on)MCP tool search / discovery.
enabled[subagents]true / falseSubagent / task tool master switch.
toggle[subagents.toggle]map of subagent → boolEnable or disable individual subagent types.
models[subagents.models]map of subagent → model idPer-subagent model routing.
enabled[memory]true / false (default off)Cross-session memory master switch.

[skills], [plugins], and [compat.*]

SettingSectionValuesDescription
paths[skills] / [plugins]path listsExtra skill or plugin directories.
disabled[skills] / [plugins]name listsDiscover but do not activate.
enabled[plugins]name listsExplicitly enable plugins (project plugins may default off).
skills / rules / agents / mcps / hooks[compat.cursor] / [compat.claude]true / false (default true)Scan Cursor or Claude harness directories.

Last updated: July 1, 2026