diff --git a/public/index.php b/public/index.php
index 05f354e..13220e8 100644
--- a/public/index.php
+++ b/public/index.php
@@ -2823,7 +2823,18 @@ switch ($action) {
             exit;
         }
 
-        // 1. git pull
+        // 1. git pull — vérifier que origin pointe vers le dépôt folio configuré
+        $_folioRepo = rtrim(folioRepoUrl(), '/');
+        exec('git -C ' . escapeshellarg(BASE_PATH) . ' remote get-url origin 2>&1', $_originOut, $_originCode);
+        $_originUrl = rtrim(trim(implode('', $_originOut)), '/');
+        // Normaliser : supprimer les credentials éventuels de l'URL (token@host → host)
+        $_originNorm = preg_replace('#https?://[^@]+@#', 'https://', $_originUrl);
+        $_repoNorm   = preg_replace('#https?://[^@]+@#', 'https://', $_folioRepo);
+        if ($_originCode !== 0 || $_originNorm !== $_repoNorm) {
+            $_SESSION['_update_log'] = "Le remote git 'origin' (" . $_originUrl . ") ne correspond pas à FOLIO_REPO_URL (" . $_folioRepo . "). git pull annulé.";
+            header('Location: /admin?tab=dashboard&notice=update_git_error');
+            exit;
+        }
         exec('cd ' . escapeshellarg(BASE_PATH) . ' && git pull origin main 2>&1', $_gitOut, $_gitCode);
         if ($_gitCode !== 0) {
             $_SESSION['_update_log'] = implode("\n", $_gitOut);