ALEF-PAT-027

shell-true-cmd-flash

execute × silent-shell-injection · severity 9 · confidence 0.93

shell:true exec invocation accepts unescaped variable interpolation. Adversary-controlled string becomes shell command.

observable signature

{
  "behavior": "Get-Process cmd shows wrapper instance for each agent spawn"
}

fix archetypes

  • direct-exe-spawn · cost: small

    resolve .exe binary path directly; shell:false; no cmd wrapper
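
The pattern beside its direct-exe-spawn fix, as an added Node.js example (not ALEF's own code). The names `CHILD`, `runVulnerable`, `runHardened` and `INPUT` are hypothetical, and the Node binary itself stands in for the spawned agent executable so the block runs on any platform.

```javascript
const { spawnSync } = require('node:child_process');

// Stand-in child program: reports the argv it actually received, as JSON.
const CHILD = 'process.stdout.write(JSON.stringify(process.argv.slice(1)))';

// Pattern 027: the variable is interpolated into one string, and a shell
// (cmd.exe on Windows, /bin/sh elsewhere) parses that string before the
// target binary starts. Shell metacharacters in `name` become syntax.
function runVulnerable(name) {
  const cmd = `"${process.execPath}" -e "${CHILD}" ${name}`;
  return spawnSync(cmd, { shell: true, encoding: 'utf8' }).stdout;
}

// Fix archetype: absolute binary path, arguments as an array, shell:false.
// No cmd/sh wrapper process exists, so nothing re-parses `name`.
function runHardened(name) {
  const result = spawnSync(process.execPath, ['-e', CHILD, name], {
    shell: false,
    encoding: 'utf8',
    windowsHide: true, // no console window on Windows
  });
  return result.stdout;
}

// Constructed input: a file name followed by a harmless marker command.
const INPUT = 'report.txt && echo INJECTED';

console.log('shell:true  ->', JSON.stringify(runVulnerable(INPUT)));
console.log('shell:false ->', JSON.stringify(runHardened(INPUT)));
```

With shell:true the child receives only `report.txt` and the marker runs as a second command; with shell:false the whole string arrives as one literal argument.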

cite as

# In a PR description / issue / RFC:
fixes pattern ALEF-PAT-027 (shell-true-cmd-flash)
ref: https://n50.io/patterns/027

# Machine query:
GET https://n50.io/api/patterns/027

# Scan your repo for this pattern:
npx @alef-prime/audit-agent-system . --pattern=027