:sig String shell_escape(String raw) :params raw : string that should be escaped return value : escaped version of 'raw' :see >sys :content Escapes a parameter so it can be used more safely with `shell_exec()`. This is the helper to reach for when building shell command lines from dynamic input. Related: - PHP: `escapeshellarg()` and `escapeshellcmd()` - JavaScript / Node.js: there is no direct built-in equivalent; prefer `spawn()` argument arrays and avoid shell interpolation