Client side code execution
The extension uses [execa version 1.0.0](https://gitlab.com/gitlab-org/gitlab-vscode-extension/-/blob/340d27c5c6b36db56141fb692cea5bb872436f73/package.json#L517) for various `git`-related tasks. In this version `preferLocal` [defaults to `true`](https://github.com/sindresorhus/execa/tree/v1.0.0#preferlocal), which means the extension searches for the `git` binary within the local project path. Because of this, we can construct a repository that executes arbitrary commands when the extension tries to invoke `git`. The fix would be to set `preferLocal: false` [here](https://gitlab.com/gitlab-org/gitlab-vscode-extension/-/blob/340d27c5c6b36db56141fb692cea5bb872436f73/src/git_service.js#L16-18).