Mise's local credential_command executes untrusted config

Summary mise loads github.credentialcommand from local project config before any trust decision, then executes that value with sh -c when resolving a GitHub token. An attacker who can place a .mise.toml in a repository can execute arbitrary shell commands when the victim runs a GitHub-related mis...