> Then don't run commands in PS1 that blindly execute arbitrary code in that directory.

That's like telling people "be secure". Nobody expected that git commands would do that, and also they shouldn't do that.

Not that I think this is a good fix...