diff --git a/jtd_codebuild/generators/generator.py b/jtd_codebuild/generators/generator.py
index e14d902..9150b5c 100644
--- a/jtd_codebuild/generators/generator.py
+++ b/jtd_codebuild/generators/generator.py
@@ -2,6 +2,7 @@
 import subprocess
 from typing import Dict, Any, AnyStr, List
 from ..utils import safe_mkdir
+from security import safe_command
 
 
 class JTDCodeGenerator:
@@ -66,10 +67,8 @@ def generate(
         target_language = target["language"]
         target_path = self.get_target_path(target)
         safe_mkdir(target_path)
-        process = subprocess.Popen(
-            self._codegen_command(self.schema_path, target_path, target_language),
-            shell=True,
-            stdout=subprocess.PIPE,
+        process = safe_command.run(subprocess.Popen, self._codegen_command(self.schema_path, target_path, target_language),
+            shell=False, stdout=subprocess.PIPE,
             stderr=subprocess.PIPE,
         )
         return [process]
diff --git a/jtd_codebuild/generators/typescript_generator.py b/jtd_codebuild/generators/typescript_generator.py
index 1777441..c7a68c2 100644
--- a/jtd_codebuild/generators/typescript_generator.py
+++ b/jtd_codebuild/generators/typescript_generator.py
@@ -3,6 +3,7 @@
 from typing import Dict, Any, AnyStr, List
 from ..utils import wait_for_processes
 from .generator import JTDCodeGenerator
+from security import safe_command
 
 
 class JTDCodeGeneratorTypescriptTarget(JTDCodeGenerator):
@@ -19,10 +20,8 @@ def _compile_typescript(self, tsconfig_path: str) -> subprocess.Popen:
         Args:
             tsconfig_path: The path to the tsconfig.json file.
         """
-        return subprocess.run(
-            f"tsc --project {tsconfig_path}",
-            shell=True,
-            stdout=subprocess.PIPE,
+        return safe_command.run(subprocess.run, f"tsc --project {tsconfig_path}",
+            shell=False, stdout=subprocess.PIPE,
             stderr=subprocess.PIPE,
         )
 
diff --git a/jtd_codebuild/tests/test_example_project_1.py b/jtd_codebuild/tests/test_example_project_1.py
index 02d9d83..2732f91 100644
--- a/jtd_codebuild/tests/test_example_project_1.py
+++ b/jtd_codebuild/tests/test_example_project_1.py
@@ -14,8 +14,7 @@ def test_example_project_1():
     # Run the command
     subprocess.check_call(
         "jtd-codebuild fixtures/example_project_1",
-        shell=True,
-        cwd=cwd,
+        shell=False, cwd=cwd,
     )
 
     # Check the output
diff --git a/jtd_codebuild/tests/test_example_project_2.py b/jtd_codebuild/tests/test_example_project_2.py
index 9c0762b..0d800ce 100644
--- a/jtd_codebuild/tests/test_example_project_2.py
+++ b/jtd_codebuild/tests/test_example_project_2.py
@@ -13,8 +13,7 @@ def test_example_project_2():
     # Run the command
     subprocess.check_call(
         "jtd-codebuild fixtures/example_project_2",
-        shell=True,
-        cwd=cwd,
+        shell=False, cwd=cwd,
     )
 
     # Check the output
diff --git a/jtd_codebuild/tests/test_example_project_3.py b/jtd_codebuild/tests/test_example_project_3.py
index a594b4e..a37ff96 100644
--- a/jtd_codebuild/tests/test_example_project_3.py
+++ b/jtd_codebuild/tests/test_example_project_3.py
@@ -13,8 +13,7 @@ def test_example_project_3():
     # Run the command
     subprocess.check_call(
         "jtd-codebuild fixtures/example_project_3",
-        shell=True,
-        cwd=cwd,
+        shell=False, cwd=cwd,
     )
 
     # Check the output
diff --git a/jtd_codebuild/tests/test_example_project_4.py b/jtd_codebuild/tests/test_example_project_4.py
index 7f9395e..85ad363 100644
--- a/jtd_codebuild/tests/test_example_project_4.py
+++ b/jtd_codebuild/tests/test_example_project_4.py
@@ -13,8 +13,7 @@ def test_example_project_4():
     # Run the command
     subprocess.check_call(
         "jtd-codebuild fixtures/example_project_4",
-        shell=True,
-        cwd=cwd,
+        shell=False, cwd=cwd,
     )
 
     # Check the output

<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml'>
<head>
<title>pFad - Phonifier reborn</title>
<meta http-equiv='Content-Type' content='text/html; charset=utf-8' />
</head>
<body>
<h1>Pfad - The Proxy pFad of &#169; 2024 Garber Painting. All rights reserved.</h1>


<!-- Disclaimer -->
<p>Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.</p>
<br>
<p>Alternative Proxies:</p><p><a href="http://rainy.clevelandohioweatherforecast.com/php-proxy/index.php?q=https://patch-diff.githubusercontent.com/raw/Pixee-Bot-Python/jtd-codebuild/pull/6.diff" target="_blank">Alternative Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/index.php?u=https://patch-diff.githubusercontent.com/raw/Pixee-Bot-Python/jtd-codebuild/pull/6.diff" target="_blank">pFad Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/v3index.php?u=https://patch-diff.githubusercontent.com/raw/Pixee-Bot-Python/jtd-codebuild/pull/6.diff" target="_blank">pFad v3 Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/v4index.php?u=https://patch-diff.githubusercontent.com/raw/Pixee-Bot-Python/jtd-codebuild/pull/6.diff" target="_blank">pFad v4 Proxy</a></p></body>
</html>