"OS Command Injection" critical alert #96

Open
@jasewarner

I'm using this package (which is great, by the way – thank you!) and I've noticed a critical alert in my repo titled "OS Command Injection":

gulp-scss-lint through 1.0.0 allows execution of arbitrary commands. It is possible to inject arbitrary commands to the "exec" function located in "src/command.js" via the provided options.

Is there a plan in place to fix this problem in a future release?
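
The advisory quoted above concerns option values reaching `exec`. As an added example (not part of the original issue and not gulp-scss-lint's own code), this contrasts building one shell string with passing an argv array to `execFile`. The option names `config` and `files`, the helper names and the sample value are assumptions, and a Node child process stands in for the linter.

```javascript
// Added example: hypothetical option names, not gulp-scss-lint's src/command.js.
const { execFileSync } = require('child_process');

// Risky pattern: option values are pasted into one string that a shell parses,
// so metacharacters inside a value become shell syntax.
function buildShellString(options) {
  return `scss-lint --config ${options.config} ${options.files.join(' ')}`;
}

// Values must be non-empty strings and must not look like a flag,
// which would be argument injection even without a shell.
function checkValue(name, value) {
  if (typeof value !== 'string' || value.length === 0 || value.startsWith('-')) {
    throw new TypeError(`invalid value for option "${name}"`);
  }
  return value;
}

// Hardened pattern: every value is its own argv element and no shell is involved.
function buildArgv(options) {
  const args = [];
  if (options.config !== undefined) {
    args.push('--config', checkValue('config', options.config));
  }
  for (const file of options.files || []) {
    args.push(checkValue('files', file));
  }
  return args;
}

// Stand-in for the linter: a Node child that echoes the argv it received.
function echoArgv(args) {
  const script = 'process.stdout.write(JSON.stringify(process.argv.slice(1)))';
  const out = execFileSync(process.execPath, ['-e', script, '--', ...args], {
    shell: false,
    encoding: 'utf8',
  });
  return JSON.parse(out);
}

// Constructed sample input: a config value carrying shell metacharacters.
const sample = { config: 'lint.yml; echo INJECTED', files: ['src/a.scss'] };
console.log(buildShellString(sample));    // a shell would parse this as two commands
console.log(echoArgv(buildArgv(sample))); // the child receives one literal value
```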
