From 4cf4086746b706bec56f189f3d844e4cae6a853d Mon Sep 17 00:00:00 2001
From: orbisai0security <mediratta01.pally@gmail.com>
Date: Wed, 20 May 2026 02:34:30 +0000
Subject: [PATCH] fix: V-008 security vulnerability

Automated security fix generated by OrbisAI Security
---
 selftest/run.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/selftest/run.py b/selftest/run.py
index 933272f..9be1f6a 100755
--- a/selftest/run.py
+++ b/selftest/run.py
@@ -27,6 +27,7 @@ def log(status, msg):
 def run(cmd, **kwargs):
     kwargs.setdefault("capture_output", True)
     kwargs.setdefault("timeout", 300)
+    kwargs["shell"] = False  # Explicitly prevent shell injection
     return subprocess.run(cmd, **kwargs)