Git Deployer

The skill provides a functional git deployment script but contains vulnerabilities due to a lack of input sanitization. Specifically, in `scripts/deploy.sh`, the `REMOTE_URL` and `SITE_PATH` variables are passed directly to `git` and `rsync` commands without validation, which could allow for argument injection (e.g., passing strings starting with dashes to execute arbitrary git configurations). Additionally, the script uses a predictable and potentially shared directory in `/tmp` based on the repository's basename, which could lead to data leakage or collisions in multi-user environments.