fn is_valid_executable_path(cmd: &str) -> boolExpand description
Validate that a tool command is a safe executable path.
Commands must be:
- A relative path starting with
./tools/ - Free of shell metacharacters that could enable injection
- Free of path traversal sequences (
..)
This prevents shell injection attacks like cmd = "rm -rf / && echo hacked"
and path traversal attacks like cmd = "./tools/../../../bin/sh".