BashTool input validation security hardening

[RinZ27]

The BashTool currently allows some potentially unsafe shell syntax to pass through command parsing. We need to harden the input validation to prevent command injection and ensure a safer execution environment.

Specific improvements needed:

• Validate command names against invalid characters.
• Detect and block dangerous shell syntax like pipelines and redirections during parsing.
• Ensure the execution environment is sane.

[github-actions]

This issue might be a duplicate of existing issues. Please check:

• [Security Bug] Subagent permissions not enforced - configured restrictions ignored #7474: [Security Bug] Subagent permissions not enforced - configured restrictions ignored

While #7474 addresses permission enforcement for subagents, it's related to the overall security hardening of bash/tool execution. Feel free to ignore if this doesn't address your specific case.

[RinZ27]

Thanks for the heads up. Reviewed #7474, but this issue focuses specifically on input validation and sanitization for the BashTool itself, whereas #7474 deals with permission enforcement layers. Proceeding with this as a separate task.