content: ShellExecutor directly executes user-provided commands without sanitization
file: skill/executor/ShellExecutor.kt
code:
val fullCmd = if (args.isEmpty()) command else "$command ${args.joinToString(" ")}"
val process = ProcessBuilder("sh", "-c", fullCmd)
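description: The command and its arguments are joined into a single string and passed to `sh -c`, so any shell metacharacters in user-provided input are interpreted by the shell. This could lead to command injection vulnerabilities. Add input validation and sanitization before executing commands.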