{"id":"command-execution-security-model","text":"FTL2's command execution model balances power with safety: `command` runs without shell interpretation (injection-safe), `shell` enables pipes and redirects (more powerful), `creates` provides idempotency for both, and the policy engine treats command/shell/raw as equivalent — denying any one blocks all three to prevent circumvention.","truth_value":"IN","source":"","source_url":"","source_hash":"","justifications":[],"dependents":[],"metadata":{},"explanation":{"steps":[{"node":"command-execution-security-model","truth_value":"IN","reason":"premise"}]}}