experimental/Security-new-dataflow/CWE-078/CommandInjection.ql