[pitboss] phase 02: M2 — Python end-to-end excellence with all hardening baked in

tests/dynamic_fixtures/python/cmdi_unsupported.py

@@ -0,0 +1,11 @@
+"""Command injection — unsupported fixture.
+
+Low-confidence finding that produces Unsupported(ConfidenceTooLow).
+Expected verdict: Unsupported(ConfidenceTooLow)
+"""
+import subprocess
+
+
+def process_request(cmd):
+    """Vulnerable function used in unsupported-confidence test."""
+    subprocess.run(cmd, shell=True)