Ensure using an intermediate environment variable

For inline scripts, the preferred approach to handling untrusted input is to assign the value of the expression to an intermediate environment variable. With this approach, the value of the expression is stored in memory and used as a variable, and it does not interact with the script generation process. In addition, consider double-quoting shell variables to avoid word splitting.

Risk Level: medium
Platform: GitHub
Spectral Rule ID: GHAC007

REMEDIATION

Remove environment variable from the running command
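
The intermediate-variable approach described above, as an added example that is not part of the original rule text. The workflow, its job and step names, the `PR_TITLE` variable and the title pattern are all assumptions made for illustration.

```yaml
# Constructed workflow for illustration; names and the title pattern are assumptions.
name: pr-title-check
on:
  pull_request:
    types: [opened, edited]

permissions:
  contents: read

jobs:
  weak:
    runs-on: ubuntu-latest
    steps:
      # Weak: the expression is expanded into the script text before the shell
      # starts, so the untrusted PR title becomes part of the script itself.
      - name: Check title (expression inline in run)
        run: |
          title="${{ github.event.pull_request.title }}"
          if [[ "$title" =~ ^TICKET-[0-9]+ ]]; then
            echo "title ok"
          else
            echo "title must start with a ticket id"
            exit 1
          fi

  corrected:
    runs-on: ubuntu-latest
    steps:
      # Corrected: the expression is evaluated into the step environment. The
      # script text is fixed, and the shell only reads "$PR_TITLE" at run time.
      # The variable is double-quoted to avoid word splitting.
      - name: Check title (intermediate environment variable)
        env:
          PR_TITLE: ${{ github.event.pull_request.title }}
        run: |
          if [[ "$PR_TITLE" =~ ^TICKET-[0-9]+ ]]; then
            echo "title ok"
          else
            echo "title must start with a ticket id"
            exit 1
          fi
```

When reviewing a workflow, the check is that no `${{ ... }}` expression carrying untrusted input remains inside a `run:` block; such expressions belong under `env:` (or `with:`) only.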
