Command injection

Untrusted input reaches a shell/OS command, allowing arbitrary command execution.

Prefer APIs that bypass the shell (exec without shell, library calls); strict allowlists for arguments; escape only as defense-in-depth; drop privileges

Observable signs that may indicate Command injection:

• Shell errors when user input contains separators like `&&`, `|`, `;`, or backticks.
• Unexpected files/processes created by requests containing crafted arguments.
• Behavior differences when input includes wildcard or redirection characters.