Hey, I noticed you're using subprocess with shell=True inside tool execution.
If any part of that input is influenced by LLM/user input, this can lead to command injection.
Curious — how are you handling this currently?
I'm working on something specifically solving this without breaking dev workflows. Happy to share if useful.
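
The risk described in the message above, as an added example that is not part of the original message or of the project it refers to: the same tool call made through a shell string and through an argument list behind an allowlist. The names `ECHO_TOOL`, `TOOLS`, `run_tool_shell`, `dispatch` and the sample input are hypothetical, and a POSIX `/bin/sh` is assumed.

```python
import shlex
import subprocess
import sys

# Hypothetical stand-in for a real tool binary: prints its first argument verbatim.
ECHO_TOOL = [sys.executable, "-c", "import sys; print(sys.argv[1])"]

# Allowlist of tools the agent may invoke, each with a fixed argv prefix.
TOOLS = {"echo_arg": ECHO_TOOL}

# Constructed sample of model-influenced input carrying a shell metacharacter.
SAMPLE = "report.txt; echo INJECTED"


def run_tool_shell(arg: str) -> str:
    """Flagged pattern: the argument is spliced into a string that /bin/sh parses."""
    cmd = " ".join(shlex.quote(p) for p in ECHO_TOOL) + " " + arg
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout


def dispatch(tool: str, args: list[str]) -> str:
    """Hardened form: allowlisted tool, no shell, each argument is one argv element."""
    if tool not in TOOLS:
        raise PermissionError(f"tool not allowlisted: {tool!r}")
    # For real CLIs, also place "--" before untrusted operands so a leading
    # "-" is not read as an option by the tool itself.
    proc = subprocess.run(
        TOOLS[tool] + args,
        capture_output=True,
        text=True,
        timeout=10,
        check=True,
    )
    return proc.stdout


if __name__ == "__main__":
    # The shell splits on ";" and runs a second command the tool never asked for.
    print("shell=True :", run_tool_shell(SAMPLE).splitlines())
    # Without a shell the whole string reaches the tool as a single argument.
    print("argv list  :", dispatch("echo_arg", [SAMPLE]).splitlines())
```
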