[Security] subprocess invocation uses shell=True

[tejasae-afk]

File: cli.py (line 2978)

shell=True makes command construction bugs much easier to exploit.

[teknium1]

Audited both shell=True usages. Both are intentional and safe:

1. cli.py:3638 — User-configured quick commands from config.yaml. These are the user's own commands that may need shell features (pipes, redirects). The command string comes from the user's own config, not from model output or untrusted input.

2. transcription_tools.py:354 — Local STT command template. All interpolated arguments use shlex.quote() for injection protection. The template itself comes from user config.

In both cases, the trust boundary is the user's own config file — same trust level as the user running arbitrary commands in their own terminal. shell=True is the correct choice here because the commands may legitimately need shell features.