At a minimum we should prevent special characters in PRs https://certitude.consulting/blog/en/invisible-backdoor/
