diff --git a/examples/other_languages.py b/examples/other_languages.py index b91baeaf..3b8607a1 100644 --- a/examples/other_languages.py +++ b/examples/other_languages.py @@ -5,6 +5,8 @@ import sys from subprocess import PIPE, Popen +from security import safe_command + from sigopt import Connection @@ -23,7 +25,7 @@ def evaluate_metric(self, assignments): arguments = [ "--{}={}".format(param_name, assignment) for param_name, assignment in assignments.to_json().iteritems() ] - process = Popen(self.command.split() + arguments, stdout=PIPE, stderr=PIPE) + process = safe_command.run(Popen, self.command.split() + arguments, stdout=PIPE, stderr=PIPE) (stdoutdata, stderrdata) = process.communicate() sys.stderr.write(stderrdata) return float(stdoutdata.strip()) diff --git a/requirements.txt b/requirements.txt index 9a60bfe4..48c30c92 100644 --- a/requirements.txt +++ b/requirements.txt @@ -5,4 +5,5 @@ packaging>=21.3 pypng>=0.0.20 PyYAML>=5,<7 requests>=2.25.0,<3.0.0 +security==1.3.1 urllib3>=1.26.5,<2.0.0 diff --git a/sigopt/cli/utils.py b/sigopt/cli/utils.py index 7734b24b..2f60af30 100644 --- a/sigopt/cli/utils.py +++ b/sigopt/cli/utils.py @@ -11,6 +11,7 @@ import threading import click +from security import safe_command from sigopt.factory import SigOptFactory from sigopt.run_context import GlobalRunContext @@ -80,7 +81,8 @@ def run_subprocess_command(config, run_context, cmd, env=None): env = get_subprocess_environment(config, run_context, env) proc_stdout, proc_stderr = subprocess.PIPE, subprocess.PIPE try: - proc = subprocess.Popen( + proc = safe_command.run( + subprocess.Popen, cmd, env=env, stdout=proc_stdout,
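Review bot: In `evaluate_metric`, the `safe_command.run(Popen, ...)` call introduces a rejection path that nothing around it handles. If the wrapper refuses the command it presumably raises instead of returning a process (its behaviour is not visible in this diff), and that exception would surface from metric evaluation as an unexplained crash. The same question applies to `run_subprocess_command` in sigopt/cli/utils.py, where the call sits under a `try:` whose `except` clauses lie outside the hunk, so a policy rejection may be reported as an ordinary launch failure. Separately, the argv is still tokenised with `self.command.split()`, which breaks quoted arguments; `process = safe_command.run(Popen, shlex.split(self.command) + arguments, stdout=PIPE, stderr=PIPE)` (with `import shlex`) keeps each argument intact. `evaluate_metric` begins outside the hunk.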
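Review bot: `security==1.3.1` becomes a hard runtime dependency, because sigopt/cli/utils.py now imports `safe_command` at module level, yet only requirements.txt is updated in this diff. If the package's install metadata (setup.py or equivalent, not shown) is not changed as well, an installed `sigopt` CLI would fail with ImportError. The distribution name is generic and this is the only exact pin among the entries visible here, so a short comment naming the upstream project and the reason for the pin would help reviewers verify its provenance, for example `# security: provides safe_command, the subprocess wrapper used in sigopt/cli/utils.py`.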