Don't print out shell snippets if we find anything malicious

This might be a little too much now, but since shell snippets are typically one-liners we might want to just buffer them before evaluation (this would not slow the execution too much), maybe if we find that the snippet is longer we can let it through line-by-line. We'd then evaluate the snippet and only let it through if it doesn't contain any malicious packages.