The convenience of not having to type your git credentials multiple times is traded with a higher exposure to running git commands you wouldn't have consented to if you were woke coding (vs. vibe coding).

Is this a known vulnerability, and how do we guard against it?