AntiPattern
Command Injection via Strings
shell-command-injection-via-string-interpolation
Building shell command lines from unsafe, user-controlled strings breaks quoting/encoding assumptions and can redirect execution through mechanisms like execvp/sh -c or manipulated shell variables, risking arbitrary command execution and destabilizing URL parsing behavior.