avoiding code injection attacks
https://puppet.com/docs/bolt/latest/writing_tasks.html#secure-coding-practices-for-tasks
Writing tasks is covered by we don't currently touch on the possibility of injection-based attacks via task parameters
Nothing that I know of. This will be important for people to have in the back of their minds, but won't be critical to them delivering engagements exactly