Execa Command Injection (VULN-01/02/03)

Description

Three CWE-78 OS command injection vulnerabilities from execa with shell:true and unsanitized input. Full cloud credential exfiltration possible.

src-20260409-9ae8df121bc8