yaml is a freaking security disaster waiting to happen, how many more times do we need to see a command injection vuln due to some lazy dev copy/pasting a yaml file off the internet