Currently, the CLI doesn't restrict what can run from $PATH, so if an attacker has write access to a user directory in their $PATH, they can create a malicious file that runs with a temporal command.
Consider adding something like git's --exec-path flag to protect against this.
Currently, the CLI doesn't restrict what can run from $PATH, so if an attacker has write access to a user directory in their $PATH, they can create a malicious file that runs with a temporal command.
Consider adding something like git's
--exec-pathflag to protect against this.