Consider the following:

    $ a='friend'
    $ b='printf "%s\n" "$a"'
    $ eval "$b"
    friend

This should be completely safe. Let's however say that `$b` is the same but `$a` is unknown. What security implications are there then to `eval "$b"` and what can I do to mitigate them?