>_
.issue.db
/highway-workflow-engine
Dashboard
Issues
Memory
Lessons
Audit Log
New Issue
Edit Issue #701
Update issue details
Title *
Description
Location: shell_command.py:60-83. Issue: While shlex.quote() used for variables, base command passed to shell=True. Unsanitized user input in command template allows injection. Fix: Validate command templates during submission, consider disallowing shell=True.
Priority
Low
Medium
High
Critical
Status
Open
In Progress
Closed
Won't Do
Due Date (YYYY-MM-DD)
Tags (comma separated)
Related Issues (IDs)
Enter IDs of issues related to this one. They will be linked as 'related'.
Update Issue
Cancel