diff --git a/skills/agent-builder/scripts/init_agent.py b/skills/agent-builder/scripts/init_agent.py
index 2f401157e..66d66a689 100644
--- a/skills/agent-builder/scripts/init_agent.py
+++ b/skills/agent-builder/scripts/init_agent.py
@@ -29,6 +29,7 @@
 from anthropic import Anthropic
 from dotenv import load_dotenv
 import subprocess
+import shlex
 import os
 
 load_dotenv()
@@ -63,7 +64,7 @@ def run(prompt, history=[]):
             if b.type == "tool_use":
                 print(f"> {{b.input['command']}}")
                 try:
-                    out = subprocess.run(b.input["command"], shell=True, capture_output=True, text=True, timeout=60)
+                    out = subprocess.run(shlex.split(b.input["command"]), shell=False, capture_output=True, text=True, timeout=60)
                     output = (out.stdout + out.stderr).strip() or "(empty)"
                 except Exception as e:
                     output = f"Error: {{e}}"
@@ -89,6 +90,7 @@ def run(prompt, history=[]):
 from dotenv import load_dotenv
 from pathlib import Path
 import subprocess
+import shlex
 import os
 
 load_dotenv()
@@ -133,7 +135,7 @@ def execute(name: str, args: dict) -> str:
         if any(d in args["command"] for d in dangerous):
             return "Error: Dangerous command blocked"
         try:
-            r = subprocess.run(args["command"], shell=True, cwd=WORKDIR, capture_output=True, text=True, timeout=60)
+            r = subprocess.run(shlex.split(args["command"]), shell=False, cwd=WORKDIR, capture_output=True, text=True, timeout=60)
             return (r.stdout + r.stderr).strip()[:50000] or "(empty)"
         except subprocess.TimeoutExpired:
             return "Error: Timeout (60s)"