Mozilla: RCE on worker host due to unsanitized "env" variable name in task definition on community-tc.services.mozilla.com

The task definition attempted to escape parameters passed to the podman command before running the container, but the custom shell.escape function was not applied to the environment variable name, allowing for command execution on the worker host. The community-tc.services.mozilla.com instance...