Improve the security with malicious CMD injections
Try to remove the shell=True part and make argv an array.
It will make easier to validate each args regardless of their position in the array.
More details here: https://twitter.com/bluxte/status/1355826759036502025?s=20