diff --git a/.jules/sentinel.md b/.jules/sentinel.md
new file mode 100644
index 0000000..578bab5
--- /dev/null
+++ b/.jules/sentinel.md
@@ -0,0 +1,4 @@
+## 2024-05-24 - [Command Injection via String Interpolation in Shell Wrappers]
+**Vulnerability:** Found a command injection vulnerability where a dynamic variable was interpolated into a shell wrapper command string: `shell("/usr/bin/which \(tool)")`.
+**Learning:** Using string interpolation inside shell commands (`/bin/bash -c "..."`) allows user-supplied data containing shell metacharacters (e.g., `;`, `&`, `|`) to execute arbitrary commands.
+**Prevention:** Always use direct process invocation (`Foundation.Process`) without shell wrappers, passing dynamic user input strictly as isolated elements in the `process.arguments` array.
diff --git a/Sources/Cacheout/Models/CacheCategory.swift b/Sources/Cacheout/Models/CacheCategory.swift
index 7b3d942..6fb1ddc 100644
--- a/Sources/Cacheout/Models/CacheCategory.swift
+++ b/Sources/Cacheout/Models/CacheCategory.swift
@@ -186,8 +186,22 @@ struct CacheCategory: Identifiable, Hashable {
     }
 
     private func toolExists(_ tool: String) -> Bool {
-        let result = shell("/usr/bin/which \(tool)")
-        return result != nil && !result!.isEmpty
+        let process = Process()
+        process.executableURL = URL(fileURLWithPath: "/usr/bin/which")
+        process.arguments = [tool]
+        process.standardOutput = FileHandle.nullDevice
+        process.standardError = FileHandle.nullDevice
+        process.environment = [
+            "PATH": "/opt/homebrew/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin"
+        ]
+
+        do {
+            try process.run()
+            process.waitUntilExit()
+            return process.terminationStatus == 0
+        } catch {
+            return false
+        }
     }
 
     private func runProbe(_ command: String) -> String? {