docmost

This manifest entry is high-risk and likely malicious in intent: it grants an automated ability to add a git remote and push local repository contents to an external GitHub repository. If honored by tooling in CI or developer environments with available credentials, it enables immediate exfiltration of source code, history, and potentially embedded secrets. Treat as potentially malicious, block execution, remove the permission, audit environments for execution attempts, and investigate the target repository and any exposed credentials.