diff --git a/utils/include/b_error/b_excep_utils.h b/utils/include/b_error/b_excep_utils.h
index ac01921650fd064d7b13a352fadeda3a37dd1afd..518cb9ff101b7e32afdfb7e90fcccf087b05a3e5 100644
--- a/utils/include/b_error/b_excep_utils.h
+++ b/utils/include/b_error/b_excep_utils.h
@@ -80,6 +80,13 @@ public:
      * @return std::string 返回绝对路径
      */
     static std::string Canonicalize(const std::string_view &path);
+
+    /**
+     * @brief 校验命令参数禁止命令注入
+     *
+     * @param argv 命令参数
+     */
+    static void VerifyArgv(const std::vector<std::string_view> &argv);
 };
 } // namespace OHOS::FileManagement::Backup
 #endif // OHOS_FILEMGMT_BACKUP_B_EXCEP_UTILES_H
\ No newline at end of file
diff --git a/utils/src/b_error/b_excep_utils.cpp b/utils/src/b_error/b_excep_utils.cpp
index 032f51b34e171014a63c918a4c6d139f017019b5..bd006cadf331613ac83e50db2d54c63dfda0534b 100644
--- a/utils/src/b_error/b_excep_utils.cpp
+++ b/utils/src/b_error/b_excep_utils.cpp
@@ -15,6 +15,7 @@
 
 #include "b_error/b_excep_utils.h"
 
+#include <algorithm>
 #include <string_view>
 
 #include "b_resources/b_constants.h"
@@ -24,6 +25,12 @@
 namespace OHOS::FileManagement::Backup {
 using namespace std;
 
+namespace {
+const vector<string_view> COMMAND_INJECTION = {
+    "--to-command", "--xform", "-op", "--checkpoint", "--checkpoint-action",
+};
+} // namespace
+
 void BExcepUltils::VerifyPath(const string_view &path, bool isExtension)
 {
     try {
@@ -48,4 +55,18 @@ string BExcepUltils::Canonicalize(const string_view &path)
         throw BError(BError::Codes::EXT_INVAL_ARG, "Invalid path");
     }
 }
+
+void BExcepUltils::VerifyArgv(const vector<string_view> &argv)
+{
+    for (auto &arg : argv) {
+        if (arg == nullptr) {
+            return;
+        }
+        if (std::any_of(COMMAND_INJECTION.begin(), COMMAND_INJECTION.end(),
+                        [&arg](const string_view &cmd) { return arg == cmd; })) {
+            HILOGE("Invalid argv: %{public}s", arg.data());
+            throw BError(BError::Codes::EXT_INVAL_ARG, "Invalid argv");
+        }
+    }
+}
 } // namespace OHOS::FileManagement::Backup
diff --git a/utils/src/b_tarball/b_tarball_cmdline.cpp b/utils/src/b_tarball/b_tarball_cmdline.cpp
index a5e3da653409bf4de325c6289fd2beb963e0252c..bdae2fb9564fb42a407965a6ae21bfd80a29d9e3 100644
--- a/utils/src/b_tarball/b_tarball_cmdline.cpp
+++ b/utils/src/b_tarball/b_tarball_cmdline.cpp
@@ -20,6 +20,7 @@
 #include <unistd.h>
 
 #include "b_error/b_error.h"
+#include "b_error/b_excep_utils.h"
 #include "b_filesystem/b_dir.h"
 #include "b_process/b_guard_cwd.h"
 #include "b_process/b_process.h"
@@ -69,6 +70,8 @@ void BTarballCmdline::Tar(string_view root, vector<string_view> includes, vector
         argv.push_back(exclude);
     }
 
+    BExcepUltils::VerifyArgv(argv);
+
     // 如果打包后生成了打包文件，则默认打包器打包时生成的错误可以忽略(比如打包一个不存在的文件)
     auto [bFatalError, errCode] = BProcess::ExecuteCmd(argv, IsTarFatalErrorOccur);
     if (bFatalError || (errCode && access(tarballPath_.data(), F_OK) != 0)) {