==== Disable shell integration

In most cases, command execution libraries propose two ways to execute external
program: with or without shell integration.

When shell integration is allowed, an attacker with control over the command
arguments can simply execute additional external programs using system shell
features. For example, on Unix, command pipelining (`|`) or string
interpolation (`$()`, `<()`, etc.) can be used to break out of a command call.

Therefore, it is generally preferable to disable shell integration.