diff --git a/.jules/sentinel.md b/.jules/sentinel.md
index 2889074f..529296ff 100644
--- a/.jules/sentinel.md
+++ b/.jules/sentinel.md
@@ -2,3 +2,8 @@
 **Vulnerability:** Hardcoded API key ("ippoc-secret-key") used as default in `src/cortex/cortex/server.py`.
 **Learning:** Default configurations for development often make their way into production or expose systems during testing if not explicitly overridden. The system relied on a specific hardcoded string for default auth, which is a Critical vulnerability (CWE-798).
 **Prevention:** Never provide a hardcoded default for secrets. If a secret is missing, either generate a secure random one at runtime (fail-safe) or refuse to start (fail-secure).
+
+## 2025-02-12 - Prevent Command Injection via execFile
+**Vulnerability:** Found multiple usages of `child_process.exec` (via `promisify(exec)`) constructed using template literals or string concatenation, presenting a command injection vulnerability.
+**Learning:** Using `exec` invokes a shell, making it susceptible to shell metacharacters if user input is interpolated into the command string. `execFile` avoids the shell and passes arguments directly to the executable.
+**Prevention:** Always use `execFile` or `spawn` with an array of arguments instead of `exec` when invoking external processes, to ensure arguments are not evaluated by a shell.
diff --git a/src/cortex/cortex/openclaw-cortex/openclaw-cortex/src/agents/toolsmith.ts b/src/cortex/cortex/openclaw-cortex/openclaw-cortex/src/agents/toolsmith.ts
index 2c7b6dd7..c4c9e4a6 100644
--- a/src/cortex/cortex/openclaw-cortex/openclaw-cortex/src/agents/toolsmith.ts
+++ b/src/cortex/cortex/openclaw-cortex/openclaw-cortex/src/agents/toolsmith.ts
@@ -262,15 +262,19 @@ export class ToolSmith {
 }
 try {
- const { exec } = require("child_process");
+ const { execFile } = require("child_process");
 const util = require("util");
- const execAsync = util.promisify(exec);
+ const execAsync = util.promisify(execFile);
 const resourceFlag = resources.length > 0 ? `--resources ${resources.join(",")}` : "";
 const cmd = `python3 "${scriptPath}" ${name} --path "${pathStr}" ${resourceFlag}`;
 console.log(`[ToolSmith] Executing: ${cmd}`);
- const { stdout, stderr } = await execAsync(cmd);
+ const args = [scriptPath, name, "--path", pathStr];
+ if (resources.length > 0) {
+ args.push("--resources", resources.join(","));
+ }
+ const { stdout, stderr } = await execAsync("python3", args);
 console.log(stdout);
 if (stderr) console.warn(stderr);
diff --git a/src/ippoc/cortex/cortex/openclaw-cortex/src/agents/toolsmith.ts b/src/ippoc/cortex/cortex/openclaw-cortex/src/agents/toolsmith.ts
index 2c7b6dd7..c4c9e4a6 100644
--- a/src/ippoc/cortex/cortex/openclaw-cortex/src/agents/toolsmith.ts
+++ b/src/ippoc/cortex/cortex/openclaw-cortex/src/agents/toolsmith.ts
@@ -262,15 +262,19 @@ export class ToolSmith {
 }
 try {
- const { exec } = require("child_process");
+ const { execFile } = require("child_process");
 const util = require("util");
- const execAsync = util.promisify(exec);
+ const execAsync = util.promisify(execFile);
 const resourceFlag = resources.length > 0 ? `--resources ${resources.join(",")}` : "";
 const cmd = `python3 "${scriptPath}" ${name} --path "${pathStr}" ${resourceFlag}`;
 console.log(`[ToolSmith] Executing: ${cmd}`);
- const { stdout, stderr } = await execAsync(cmd);
+ const args = [scriptPath, name, "--path", pathStr];
+ if (resources.length > 0) {
+ args.push("--resources", resources.join(","));
+ }
+ const { stdout, stderr } = await execAsync("python3", args);
 console.log(stdout);
 if (stderr) console.warn(stderr);
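Review bot: `name` still reaches the script as a bare positional in `const args = [scriptPath, name, "--path", pathStr];`, so a value beginning with `-` could be read as an option by the script's argument parser even though no shell is involved. The hunk starts and ends mid-method, so any earlier validation is not visible; if there is none, add a guard before the call such as `if (!/^[A-Za-z0-9][A-Za-z0-9_-]*$/.test(name)) throw new Error("invalid tool name");` and check each entry of `resources` the same way. The retained `resourceFlag` and `cmd` strings now feed only the log line and describe a shell command that is no longer what runs; logging the real argv, for example `console.log("[ToolSmith] Executing: python3", JSON.stringify(args));`, keeps the audit trail accurate and escapes control characters in the values. Both points apply equally to the identical hunk in `src/ippoc/cortex/cortex/openclaw-cortex/src/agents/toolsmith.ts`.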