1. Security Flaw: Shell Injection Vulnerability in PytestRunner & CoverageAuditor Subprocess Calls
A critical shell injection vulnerability has been identified in two core components of the codebase, exposing systems to potential arbitrary command execution. The flaw resides in the use of `asyncio.create_subprocess_shell()` with unsafe string interpolation, allowing user-controlled input to be interpreted as shell c...