fix shell injection vulnerability in subprocess call #2786

Merged

@bkhakshoor (Contributor) commented Jul 31, 2020

What does this PR do?

Fixed the shell injection vulnerability discussed in issue #2782. See issue for more detail.
I had trouble testing this, can you help me verify this is working properly?

Fixes #2782

Before submitting

  • Was this discussed/approved via a Github issue? (no need for typos and docs improvements)
  • Did you read the contributor guideline, Pull Request section?
  • Did you make sure your PR does only one thing, instead of bundling different changes together? Otherwise, we ask you to create a separate PR for every change.
  • Did you make sure to update the documentation with your changes?
    Not a significant change
  • Did you write any new necessary tests?
  • Did you verify new and existing tests pass locally with your changes?
    No, I had trouble testing these changes locally and in Circle, can you help me verify?
  • If you made a notable change (that affects users), did you update the CHANGELOG?
    No notable changes

PR review

Anyone in the community is free to review the PR once the tests have passed.
If we didn't discuss your PR in Github issues there's a high chance it will not be merged.

Did you have fun?

Make sure you had fun coding 🙃

@mergify mergify bot requested a review from a team July 31, 2020 22:32
codecov bot commented Jul 31, 2020

Codecov Report

Merging #2786 into master will not change coverage.
The diff coverage is n/a.

@@          Coverage Diff           @@
##           master   #2786   +/-   ##
======================================
  Coverage      91%     91%           
======================================
  Files          76      76           
  Lines        6787    6787           
======================================
  Hits         6150    6150           
  Misses        637     637           

@ananyahjha93 (Contributor)

@bkhakshoor no worries, I will take a look to verify if the changes work. For now, they are passing all the tests.

@Borda added the allowed_pre_1.0, feature (Is an improvement or enhancement) and distributed (Generic distributed-related topic) labels Aug 1, 2020
@mergify mergify bot requested a review from a team August 1, 2020 07:17
@mergify mergify bot requested a review from a team August 1, 2020 15:27
@williamFalcon williamFalcon merged commit 96eb6eb into Lightning-AI:master Aug 2, 2020
Successfully merging this pull request may close these issues.

Use of shell=True could lead to shell injection
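
One way to verify a fix for the `shell=True` pattern named in the linked issue, as an added example that is not code from this pull request or from the project. It runs the same constructed inputs through a shell-parsed command string and through an argument list, and checks whether each value reaches the child process as exactly one literal argument. The child command, the sample values and all function names are assumptions made for illustration, and a POSIX shell is assumed.

```python
import json
import subprocess
import sys

# Child that reports exactly which arguments it received (constructed for this example).
CHILD = "import json, sys; print(json.dumps(sys.argv[1:]))"

# Constructed inputs; the metacharacter cases only trigger a harmless echo.
SAMPLES = ["ckpt.pt", "my run.pt", "a.pt; echo MARKER", "$(echo MARKER).pt"]


def run_with_shell(value):
    """Pattern being fixed: value is pasted into a string that /bin/sh parses."""
    cmd = f'"{sys.executable}" -c "{CHILD}" {value}'
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout


def run_with_argv(value):
    """Fixed pattern: argument list, no shell; value is a single argv entry."""
    cmd = [sys.executable, "-c", CHILD, value]
    return subprocess.run(cmd, capture_output=True, text=True).stdout


def arrived_literally(runner, value):
    """True only if the child saw `value` as one argument and nothing else printed."""
    try:
        return json.loads(runner(value)) == [value]
    except json.JSONDecodeError:
        return False


def report(runner):
    """Map each sample to whether it reached the child unchanged."""
    return {value: arrived_literally(runner, value) for value in SAMPLES}


if __name__ == "__main__":
    for runner in (run_with_shell, run_with_argv):
        print(runner.__name__, report(runner))
```

A regression test for this kind of fix can assert that every sample, including the ones with spaces and metacharacters, arrives unchanged through the call under test.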