A vulnerability on Git has been recently announced. Malicious Git trees can be crafted and cause problems when being cloned or checked out. Nevertheless, cloning repos on GitHub should be safe:
Repositories hosted on
github.comcannot contain any of the malicious trees that trigger the vulnerability because we now verify and block these trees on push. We have also completed an automated scan of all existing content on
github.comto look for malicious content that might have been pushed to our site before this vulnerability was discovered.