fix: replace unsafe env loading with secure source method in pre-push hook

- Replace export RUN_TESTS_ON_PUSH=true with set -a; source .env.local; set +a
- Prevents shell injection from malicious environment variable values
- Eliminates risk of commands like 'RUN_TESTS_ON_PUSH=true; rm -rf /' being executed

Author: daniel-lxs

.husky/pre-push

@@ -20,7 +20,9 @@ $pnpm_cmd run check-types
 
 # Load .env.local if it exists
 if [ -f ".env.local" ]; then
-  export $(grep -v '^#' .env.local | xargs)
+  set -a
+  source .env.local
+  set +a
 fi
 
 # Run tests if RUN_TESTS_ON_PUSH is set to true