Yeah, I'm familiar with PS1, but I was a bit surprised to learn that simple things that a PS1 script might do (git status, perhaps) are attack vectors. It seems that one big concern is the core.fsmonitor option (which I just learned about now). From the git-config man page:
> If set, the value of this variable is used as a command which will identify all files that may have changed since the requested date/time.
That’s where you should have been concerned. Just typing a bare return will run some arbitrary code, as you, wherever you might be in the filesystem. If all of that isn’t under your control, someone can do anything to you.
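An added example, not code from the thread or from git: a prompt helper that reads the enclosing repository's `.git/config` as text and skips `git status` when the file sets `core.fsmonitor` or another command-valued key. The function names and the watch list beyond `core.fsmonitor` are assumptions of this example.

```bash
# Added example; function names are hypothetical, not from git or the thread.
# Repository-local keys whose value git may execute (core.fsmonitor is the one
# discussed above); the rest of the list is this example's choice.
WATCH=" core.fsmonitor core.pager core.editor core.sshcommand core.hookspath diff.external "

# Print every watched key (and any include directive) set in config file $1.
# The file is parsed as text, so no git command runs while deciding.
# Simplification: backslash-continued values are not joined.
risky_git_config_keys() {
    awk -v watch="$WATCH" '
        /^[ \t]*[#;]/ { next }                        # comment line
        {
            line = $0
            if (line ~ /^[ \t]*\[/) {                 # [section "subsection"]
                rb = index(line, "]")
                if (rb == 0) next                     # malformed header
                sect = tolower(substr(line, 1, rb - 1))
                sub(/^[ \t]*\[[ \t]*/, "", sect)
                sub(/[ \t"].*$/, "", sect)            # drop the subsection
                line = substr(line, rb + 1)           # a key may share the line
            }
            sub(/^[ \t]+/, "", line)
            if (line == "") next
            key = tolower(line)
            sub(/[ \t]*=.*$/, "", key)
            full = sect "." key
            if (sect == "include" || sect == "includeif" || index(watch, " " full " "))
                print full
        }' "$1"
}

# Prompt segment: walk up from $PWD to the first .git entry without calling
# git, and run "git status" there only if that config sets no watched key.
prompt_git_segment() {
    local dir=$PWD cfg hits
    while [ "$dir" != "/" ] && [ ! -e "$dir/.git" ]; do dir=$(dirname "$dir"); done
    cfg="$dir/.git/config"
    [ -f "$cfg" ] || return 0
    hits=$(risky_git_config_keys "$cfg" | tr '\n' ' ')
    if [ -n "$hits" ]; then
        printf '(git: skipped, config sets %s)' "${hits% }"
    else
        printf '(%s)' "$(git -C "$dir" status --short --branch 2>/dev/null | head -n 1)"
    fi
}
# Usage in ~/.bashrc: PS1='\w $(prompt_git_segment)\$ '
```

Where `.git` is a file rather than a directory (worktrees, submodules), the helper prints nothing and does not run git.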