Yes, but if Homebrew is malicious, you'd have more problems than a specially-crafted repository that exploits a git vulnerability. You are installing something that has all user access rights.