Command injection vulnerability: Using template literals with user-controllable path in shell command. Use array form or properly validate/sanitize the path before execution.

Command injection vulnerability: Using template literals with user-controllable path in shell command. Use array form or properly validate/sanitize the path before execution.
```suggestion
  execSync('chmod', ['+x', scriptPath], {
    stdio: "inherit",
    cwd: process.cwd(),
  })
  execSync(scriptPath, {
    stdio: "inherit",
    cwd: process.cwd(),
  })
```  @joe10832 /.github/copilot-instructions.md
/.github/instructions/**/*.instructions.md
**/AGENTS.md
/CLAUDE.md
/GEMINI.md

_Originally posted by @copilot-pull-request-reviewer in https://github.com/MunyayLLC/https-github.com-joe10832-onchaintestkit/pull/24#discussion_r2375102741_

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Command injection vulnerability: Using template literals with user-controllable path in shell command. Use array form or properly validate/sanitize the path before execution. #31

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Uh oh!

Command injection vulnerability: Using template literals with user-controllable path in shell command. Use array form or properly validate/sanitize the path before execution. #31

Description

Metadata

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Issue actions