diff --git a/lib/utils/api.py b/lib/utils/api.py
index 7a22bb123..78a1f1a31 100644
--- a/lib/utils/api.py
+++ b/lib/utils/api.py
@@ -164,8 +164,8 @@ class Task(object):
             shutil.rmtree(self.output_directory)
 
     def engine_start(self):
-        self.process = Popen("python sqlmap.py --pickled-options %s" % base64pickle(self.options),
-                             shell=True, stdin=PIPE, close_fds=False)
+        self.process = Popen(["python", "sqlmap.py", "--pickled-options", base64pickle(self.options)],
+                             shell=False, stdin=PIPE, close_fds=False)
 
     def engine_stop(self):
         if self.process: