{"id":"command-execution-dual-governance","text":"Command execution in FTL2 is governed at two independent levels: the policy engine enforces pre-execution access control (deny rules matching module, host, environment, and parameters with first-match semantics), while the command/shell distinction controls injection exposure at runtime (command runs without shell interpretation, shell enables pipes but triggers the same policy deny as command and raw).","truth_value":"IN","source":"","source_url":"","source_hash":"","justifications":[],"dependents":[],"metadata":{},"explanation":{"steps":[{"node":"command-execution-dual-governance","truth_value":"IN","reason":"premise"}]}}