Show warning if using msg.sender or tx.origin in script without CLI flags being set

[devanoneth]

Component

Forge

Describe the feature you would like

Issue created after this discussion with @mds1 in the TG group: https://t.me/foundry_support/32128

If msg.sender and/or tx.origin are the defaults AND we find the CALLER or ORIGIN opcodes in the script's method being executed THEN log a warning and require the developer to confirm they want the script to run anyway.

If the sender and/or origin are not specified in the CLI but are used in the script, unintended addresses may be passed to other contracts resulting in unwanted outcomes e.g. a Uniswap output going to the wrong address.

In the warning they should instead be advised to use an address that they know e.g. the same address they are broadcasting with.

Additional context

No response

[zerosnacks]

Ran into this before myself, in favor of adding this!

[grandizzy]

@devanoneth there's a check added with #7141

foundry/crates/script/src/broadcast.rs

Lines 219 to 223 in 57bb12e

	if required_addresses.contains(&Config::DEFAULT_SENDER) {
	eyre::bail!(
	"You seem to be using Foundry's default sender. Be sure to set your own --sender."
	);
	}

Could you please check if the scenarios (tx.origin) you're using are covered? thank you!

[grandizzy]

@klkvr I think this one is already implemented, maybe missing for tx.origin, can you pls chime in? thanks!