# File lib/brakeman/checks/check_execute.rb, line 80 def check_open_calls tracker.find_call(:targets => [nil, :Kernel], :method => :open).each do |result| if match = dangerous_open_arg?(result[:call].first_arg) warn :result => result, :warning_type => "Command Injection", :warning_code => :command_injection, :message => msg("Possible command injection in ", msg_code("open")), :user_input => match, :confidence => :high end end end