Improve the security with malicious CMD injections

Try to remove the shell=True part and make argv an array.

It will make easier to validate each args regardless of their position in the array.