This is an issue partially forked from #1111 to separate the constructing the path from file name entry of an archive in #1111 from the arbitrary command execution as they are unrelated and are touching different parts of the system.
https://sonarcloud.io/project/issues?impactSeverities=BLOCKER&issueStatuses=OPEN%2CCONFIRMED&id=embabel_embabel-agent
