Status: IN
FTL2's command execution model balances power with safety: `command` runs without shell interpretation (injection-safe), `shell` enables pipes and redirects (more powerful), `creates` provides idempotency for both, and the policy engine treats command/shell/raw as equivalent — denying any one blocks all three to prevent circumvention.