Relative path traversal in git MCP Server: data exfiltration using 'git_add'

Versions prior to 2026.1.14 of mcp-server-git (the reference Model Context Protocol server for git) are vulnerable to data exfiltration through relative path traversal. Because the 'git_add' tool did not confine its path arguments to the repository, files from outside the working tree could be staged into the repo and then exfiltrated by committing and pushing the repository.

The fix switched the add command to the git CLI (really unsure why it wasn't this way before?), which refuses to stage out-of-tree paths: 'git add' itself fails with an "is outside repository" error for such paths, so the traversal is rejected before anything is staged.

Protecting from MCP git exfiltration:

  1. Use MCP servers as little as possible. Whenever feasible, use direct tool calls instead of MCP abstractions.
  2. Validate the actions of MCP servers before committing and pushing code. Ensure that code you're committing doesn't contain data or files you wouldn't expect.
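Both halves of the problem above can be checked mechanically. The following Python is an added example for this write-up, not code from mcp-server-git: the first function is the containment check an add-style tool should apply before staging anything (the rule the git CLI enforces on its own), and the second is a pre-commit audit of staged paths against the directories and filename patterns a repository is expected to contain (step 2 above). The repository root, the expected directories and the sensitive-filename patterns are assumed values chosen for the demonstration; the sample inputs are constructed, not captured from a real incident.

```python
"""Defensive checks for the git_add exfiltration path.

Illustrative code added to this write-up, not mcp-server-git's own code.
"""
from __future__ import annotations

import fnmatch
from pathlib import Path

# Assumed list of filenames that normally have no business in a commit.
SENSITIVE_PATTERNS = ("*.pem", "*.key", "id_rsa*", ".env", ".env.*",
                      ".netrc", "*.kdbx", "*.sqlite")


def reject_out_of_tree(repo_root: str, candidates: list[str]) -> tuple[list[str], list[str]]:
    """Split `candidates` into (accepted, rejected).

    Accepted entries are normalised repo-relative paths. A candidate is
    rejected when, after resolving '..', absolute paths and symlinks, it does
    not sit inside `repo_root`. Resolving symlinks is deliberately stricter
    than git (git stages the link itself, not its target).
    """
    root = Path(repo_root).resolve()
    accepted, rejected = [], []
    for cand in candidates:
        # pathlib discards `root` when `cand` is absolute, so "/etc/shadow"
        # stays "/etc/shadow" and is caught by the containment test below.
        target = (root / cand).resolve()
        try:
            rel = target.relative_to(root)
        except ValueError:
            rejected.append(cand)
            continue
        accepted.append(str(rel))
    return accepted, rejected


def audit_staged(staged: list[str], expected_dirs: tuple[str, ...],
                 sensitive_patterns: tuple[str, ...] = SENSITIVE_PATTERNS) -> list[str]:
    """Return one finding per staged path that lives outside `expected_dirs`
    or whose basename matches a sensitive pattern. An empty list means clean.

    `staged` is the list of paths as `git diff --cached --name-only` prints
    them (already normalised, repo-relative). Top-level files are allowed by
    the directory check but still go through the pattern check.
    """
    findings = []
    for path in staged:
        p = Path(path)
        if len(p.parts) > 1 and p.parts[0] not in expected_dirs:
            findings.append(f"{path}: outside expected directories {expected_dirs}")
        if any(fnmatch.fnmatch(p.name, pat) for pat in sensitive_patterns):
            findings.append(f"{path}: matches sensitive filename pattern")
    return findings


if __name__ == "__main__":
    # Constructed sample: arguments a caller might hand to an add tool.
    ok, bad = reject_out_of_tree("/srv/example-repo", [
        "README.md", "src/../src/main.py",
        "../../etc/passwd", "/etc/shadow", "docs/../../outside.txt",
    ])
    print("accepted:", ok)
    print("rejected:", bad)

    # Constructed sample: lines as `git diff --cached --name-only` would print them.
    for finding in audit_staged(
        ["README.md", "src/server.py", ".env", "home_dump/.ssh/id_rsa", "src/secrets.pem"],
        expected_dirs=("src", "tests", "docs"),
    ):
        print("FINDING:", finding)
```

In practice the audit would be fed from `git diff --cached --name-only` in a pre-commit hook and abort the commit on any finding; the containment check resolves symlinks on purpose, which rejects an in-repo link pointing outside the tree even though git would only stage the link, so adjust that if the stricter behaviour is unwanted.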