diff --git a/python/CWE-078/CommandInjectionAudit.ql b/python/CWE-078/CommandInjectionAudit.ql
index 0ab3bfd9c7..7a05fe5fb5 100644
--- a/python/CWE-078/CommandInjectionAudit.ql
+++ b/python/CWE-078/CommandInjectionAudit.ql
@@ -21,5 +21,5 @@ import semmle.python.dataflow.new.BarrierGuards
 private import semmle.python.security.dataflow.CommandInjectionCustomizations
 
 from DataFlow::Node sink
-where sink instanceof CommandInjection::Sink
+where sink instanceof CommandInjection::Sink and sink.getScope().inSource()
 select sink, "Usage of command line"
diff --git a/tests/python-tests/CWE-078/audit/CommandInjectionAudit.expected b/tests/python-tests/CWE-078/audit/CommandInjectionAudit.expected
new file mode 100644
index 0000000000..bc338fdb96
--- /dev/null
+++ b/tests/python-tests/CWE-078/audit/CommandInjectionAudit.expected
@@ -0,0 +1,3 @@
+| cmdi.py:7:17:7:17 | ControlFlowNode for i | Usage of command line |
+| cmdi.py:9:17:9:17 | ControlFlowNode for i | Usage of command line |
+| cmdi.py:11:17:11:30 | ControlFlowNode for Fstring | Usage of command line |
diff --git a/tests/python-tests/CWE-078/audit/CommandInjectionAudit.qlref b/tests/python-tests/CWE-078/audit/CommandInjectionAudit.qlref
new file mode 100644
index 0000000000..fc6942675a
--- /dev/null
+++ b/tests/python-tests/CWE-078/audit/CommandInjectionAudit.qlref
@@ -0,0 +1 @@
+CWE-078/CommandInjectionAudit.ql
\ No newline at end of file
diff --git a/tests/python-tests/CWE-078/audit/cmdi.py b/tests/python-tests/CWE-078/audit/cmdi.py
new file mode 100644
index 0000000000..ab39e56298
--- /dev/null
+++ b/tests/python-tests/CWE-078/audit/cmdi.py
@@ -0,0 +1,11 @@
+import os
+import subprocess
+
+i = input("Enter command: ")
+
+# direct input
+subprocess.call(i, shell=True)
+# direct input, no shell
+subprocess.call(i)
+# format string
+subprocess.call(f"bash -c {i}", shell=True)
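Review bot: The new `and sink.getScope().inSource()` conjunct on the `where` line narrows the audit to sinks inside the analysed project's own source files, but nothing in the query says why sinks in other scopes are dropped; a comment above the `where` such as `// only report sinks defined in the project's own source files, not in extracted library code` would make the intent explicit for the next maintainer. As far as I can tell the accompanying test does not exercise the filter: its `options` file sets `--max-import-depth=0`, so no imported module is extracted and every sink in the database is presumably already in source, meaning the three results in CommandInjectionAudit.expected would be identical without the new conjunct. A second test directory that extracts a dependency containing a `subprocess` call, with that sink absent from the expected output, would show the filter actually doing something. The `from`/`where`/`select` clause is complete within the hunk, but the query's metadata header starts outside it.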
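Review bot: `import os` at the top of the new cmdi.py fixture is never used; all three sink calls go through `subprocess.call`. Either drop the import or, if an `os.system(i)` case was intended as a fourth sink, add it together with the matching row in CommandInjectionAudit.expected so the fixture and the expected output stay in step. The three existing cases line up with the expected rows (line 7 and 9 flag `i`, line 11 flags the f-string), so only the import needs attention.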
diff --git a/tests/python-tests/CWE-078/audit/options b/tests/python-tests/CWE-078/audit/options
new file mode 100644
index 0000000000..efa237f03c
--- /dev/null
+++ b/tests/python-tests/CWE-078/audit/options
@@ -0,0 +1 @@
+semmle-extractor-options: --max-import-depth=0