Problem
Message bodies passed as a positional argument go through the SENDER's shell first. Two real incidents: a double-quoted body containing $(...) had the substitution EXECUTE (leaking a real credential into a message), and a body containing backticks arrived with those spans silently evaluated/emptied. Both are sender-side quoting hazards, so send.sh can't intercept them after the fact — but it can offer an input path that avoids the shell entirely.
Proposal
Problem
Message bodies passed as a positional argument go through the SENDER's shell first. Two real incidents: a double-quoted body containing $(...) had the substitution EXECUTE (leaking a real credential into a message), and a body containing backticks arrived with those spans silently evaluated/emptied. Both are sender-side quoting hazards, so send.sh can't intercept them after the fact — but it can offer an input path that avoids the shell entirely.
Proposal
send.sh <team> <from> <to> --stdin(and/or--body-file <path>): read the body verbatim from stdin/file, no shell interpretation possible.