mirror of
https://gitee.com/spark-store-project/spark-store
synced 2026-06-14 02:03:51 +08:00
google-labs-jules[bot]
828ffd86e8
- Changed `shell: true` to `shell: false` in `spawn` calls within `electron/main/backend/install-manager.ts`. - Updated `AGENTS.md` documentation to reflect the security best practice. - Verified that the fix prevents command injection using a reproduction script. Co-authored-by: vmomenv <51269338+vmomenv@users.noreply.github.com>