diff --git a/ql/lib/ext/config/argument_injection_sinks.yml b/ql/lib/ext/config/argument_injection_sinks.yml
index ab523c59303..95f81313168 100644
--- a/ql/lib/ext/config/argument_injection_sinks.yml
+++ b/ql/lib/ext/config/argument_injection_sinks.yml
@@ -5,12 +5,12 @@ extensions:
     # https://gtfobins.github.io/
     # https://0xn3va.gitbook.io/cheat-sheets/web-application/command-injection/argument-injection
     data:
-      - ["(awk)(.*?)", 2, 3]
-      - ["(curl)(.*?)", 2, 3]
-      - ["(find)(.*?)", 2, 3]
-      - ["(git)(.*?)", 2, 3]
-      - ["(sed)(.*?)", 2, 3]
-      - ["(tar)(.*?)", 2, 3]
-      - ["(wget)(.*?)", 2, 3]
-      - ["(zip)(.*?)", 2, 3]
+      - ["(awk)\\s(.*?)", 2, 3]
+      - ["(curl)\\s(.*?)", 2, 3]
+      - ["(find)\\s(.*?)", 2, 3]
+      - ["(git)\\s(.*?)", 2, 3]
+      - ["(sed)\\s(.*?)", 2, 3]
+      - ["(tar)\\s(.*?)", 2, 3]
+      - ["(wget)\\s(.*?)", 2, 3]
+      - ["(zip)\\s(.*?)", 2, 3]