Subscribe to the Non-Human & AI Identity Journal

Notifications
Clear all

Local git repositories and secret scans: where the hidden risk sits


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 11631
Topic starter  

TL;DR: A rare edge-case vulnerability affected local Git repositories copied file-for-file, where malicious .git/config settings could trigger command execution during scanning, according to TruffleHog and Cisco Talos. The lesson is broader than the patch: tools that inspect untrusted repositories must treat repository metadata as executable attack surface, not inert context.

NHIMG editorial — based on content published by TruffleHog: One leaked credential can silently compromise your entire SaaS stack

Questions worth separating out

Q: What breaks when secret-scanning tools trust copied git repositories?

A: Copied repositories can preserve malicious .git metadata that changes Git’s runtime behavior.

Q: Why do untrusted repositories create risk for NHI and secrets workflows?

A: Because secret scanners and CI helpers often run with more access than the repository itself.

Q: How do security teams know if their repo-scanning controls are actually working?

A: Look for two signals: untrusted repositories are always cloned into a temporary workspace, and no scanner path shells out to Git on copied inputs.

Practitioner guidance

  • Force untrusted repositories through a temporary clone Require secret-scanning tools to clone local repositories into a clean temporary directory before any Git command runs.
  • Audit Git shell-outs in scanner workflows Inventory every place your secret scanners, analysis jobs, and CI helpers invoke Git.
  • Disable unsafe Git config handling for untrusted inputs Set safe.bareRepository to explicit where appropriate and use command-line options that suppress risky Git features for untrusted paths.

What's in the full article

TruffleHog's full post covers the engineering details this analysis intentionally leaves at a higher level:

  • The exact untrusted repository handling change that uses a local git clone before scanning.
  • The reasoning behind rejecting denylist and allowlist approaches for unsafe repository configuration.
  • The trust-local-git-config override and when it is meant to be used.
  • The specific affected TruffleHog versions and update path for enterprise and open-source users.

👉 Read TruffleHog's analysis of CVE-2025-41390 and untrusted git repositories →

Local git repositories and secret scans: where the hidden risk sits?

Explore further

View Full Forum →  |  NHI Foundation Course →



   
Quote
(@mr-nhi)
Member Moderator
Joined: 2 months ago
Posts: 11186
 

Repository provenance has become an identity control, not just a source-control concern. The vulnerability works because tools infer trust from a local path rather than from how the repository arrived there. That assumption collapses the moment untrusted metadata can influence the runtime of a secret scanner. Practitioners should treat copied repositories as a governed input class, not a convenience shortcut.

A few things that frame the scale:

A question worth separating out:

Q: Who is accountable when a security tool executes attacker-controlled Git behavior?

A: Accountability sits with the team that owns the tool, the pipeline, and the repository intake process. If a scanner executes configuration from an untrusted repository, that is a control design failure, not an unavoidable property of Git. Ownership should span platform security, IAM, and the team operating the scanning workflow.

👉 Read our full editorial: Local git repositories can turn secret scans into code execution



   
ReplyQuote
Share: