Untrusted Git Filter Execution

Repository-provided clean/smudge filter definitions get auto-installed during clone, so a malicious update can cause Git to execute attacker-controlled commands on the client, enabling remote code execution; similar trust gaps also block signing/verification for notes.