diff --git a/.github/workflows/coverity-ss-action.yml b/.github/workflows/coverity-ss-action.yml
index 1e633b0f..a7454beb 100644
--- a/.github/workflows/coverity-ss-action.yml
+++ b/.github/workflows/coverity-ss-action.yml
@@ -26,7 +26,7 @@ jobs:
 coverity_user: ${{ secrets.COV_USER }}
 coverity_passphrase: ${{ secrets.COVERITY_PASSPHRASE }}
 coverity_policy_view: ${{ github.event_name != 'pull_request' && 'Outstanding Issues' || '' }}
- coverity_prComment_enabled: true
+ coverity_prComment_enabled: false
 github_token: ${{ secrets.GITHUB_TOKEN }}
 coverity_build_command: mvn -B -DskipTests package
 coverity_clean_command: mvn -B clean
diff --git a/src/main/java/CommandInjection.java b/src/main/java/CommandInjection.java
new file mode 100644
index 00000000..b0fecc22
--- /dev/null
+++ b/src/main/java/CommandInjection.java
@@ -0,0 +1,13 @@
+// https://documentation.blackduck.com/bundle/coverity-docs/page/checker-ref/checkers/NO/os_cmd_injection.html
+
+import java.io.*;
+import javax.servlet.http.HttpServletRequest;
+
+public class CommandInjection {
+ public static Process runCmd(HttpServletRequest request) throws IOException {
+ String filename = request.getParameter("filename");
+ ProcessBuilder builder = new ProcessBuilder("cat", filename);
+ Process process = builder.start();
+ return(process);
+ }
+}
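Review bot: With `coverity_prComment_enabled` flipped to `false`, pull-request runs now produce nothing visible on the PR itself: `coverity_policy_view` is already `''` for `pull_request` events in the same hunk, so a PR-triggered scan has neither a policy gate nor a comment, and new findings can only be noticed by someone checking the Coverity server. If that is intended, a comment on the changed line would stop the next maintainer from re-enabling it blindly, e.g. `# PR comments disabled: <reason>; PR findings are reviewed in <location>` (placeholders to fill in). If it is not intended, consider keeping a policy view for PR events so PR scans still have a visible outcome.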
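Review bot: `runCmd` passes the untrusted `filename` request parameter straight into `new ProcessBuilder("cat", filename)` with no validation, and the header comment only links the checker page without saying this is a deliberate Coverity OS_CMD_INJECTION fixture; since the file lives in `src/main/java`, it ships in the packaged artifact and reads as production code. Add a header stating the intent and the risk, e.g. `// Intentionally vulnerable sample for the Coverity OS_CMD_INJECTION checker; do not copy: "filename" is untrusted and unvalidated, so a caller controls which file is read.` Because the list form of ProcessBuilder is used, no shell is involved and the exposure here is the argument itself (an arbitrary readable path), which the comment could state precisely. Note also that `getParameter` returns null when the parameter is absent, and `ProcessBuilder.start()` rejects a null argument, so the method throws NullPointerException rather than IOException in that case; if the fixture is kept, consider moving it to a test or sample source set so it is not packaged, and `return(process);` would read better as `return process;`. Whether `javax.servlet` is on the build classpath is not visible in this diff.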