Fix command injection

src/shell-integration/supported-shells/windowsPowershell.js

@@ -1,9 +1,9 @@
 import {
   addLineToFile,
   doesExecutableExistOnSystem,
-  execAndGetOutput,
   removeLinesMatchingPattern,
 } from "../helpers.js";
+import { execSync } from "child_process";
 
 const shellName = "Windows PowerShell";
 const executableName = "powershell";
@@ -14,7 +14,7 @@ function isInstalled() {
 }
 
 function teardown() {
-  const startupFile = execAndGetOutput(startupFileCommand, executableName);
+  const startupFile = getStartupFile();
 
   // Removes all aliases starting with "Set-Alias npm=", "Set-Alias npx=", or "Set-Alias yarn="
   // This will remove the safe-chain aliases for npm, npx, and yarn commands.
@@ -24,7 +24,7 @@ function teardown() {
 }
 
 function setup(tools) {
-  const startupFile = execAndGetOutput(startupFileCommand, executableName);
+  const startupFile = getStartupFile();
   teardown();
 
   for (const { tool, aikidoCommand } of tools) {
@@ -37,6 +37,19 @@ function setup(tools) {
   return true;
 }
 
+function getStartupFile() {
+  try {
+    return execSync(startupFileCommand, {
+      encoding: "utf8",
+      shell: executableName,
+    }).trim();
+  } catch (error) {
+    throw new Error(
+      `Command failed: ${startupFileCommand}. Error: ${error.message}`
+    );
+  }
+}
+
 export default {
   name: shellName,
   isInstalled,