Safely building and invoking commands in Powershell scripts
Publish date: Apr 15, 2020
If you are building a command string where part of the string comes from a potentially unsafe source, using Invoke-Expression can be unsafe. This post shows how to build commands from unsafe inputs and execute it in a safe manner.
$args = @('-switch', 'staticarg', $arg3) $args += $unsafearg4 & 'executablepath.exe' $args