It doesn't have any credentials inside the VM though, not even for git, so it could commit but not push. And I manually review/commit/push outside of the VM since I don't want to just dump stuff without reading it first.

But good call-out if someone uses a different workflow.