Pattern: Use of eval
Issue: -
Never pass untrusted or user controlled input to eval.
Unless you are implementing a REPL like irb or pry, eval is almost certainly not what you want. Do not attempt to filter user input before passing it to eval - this approach is fraught with danger and will most likely open your application up to a serious remote code execution vulnerability.
# bad
eval(something)
binding.eval(something)