powershell/PSAvoidUsingInvokeExpression is a PSScriptAnalyzer diagnostic emitted by tally for PowerShell snippets embedded in Dockerfiles.
Description
Care must be taken when using theInvoke-Expression command. The Invoke-Expression executes the
specified string and returns the results.
Code injection into your application or script can occur if the expression passed as a string
includes any data provided from the user.
How
Remove the use ofInvoke-Expression.