diff --git a/cmd/osbuild-composer-cli-tests/main_test.go b/cmd/osbuild-composer-cli-tests/main_test.go
index 47e902d33..466460cb8 100644
--- a/cmd/osbuild-composer-cli-tests/main_test.go
+++ b/cmd/osbuild-composer-cli-tests/main_test.go
@@ -270,6 +270,8 @@ func getComposeStatus(t *testing.T, uuid uuid.UUID) string {
 }
 
 func getLogs(t *testing.T, uuid uuid.UUID) string {
+	// There's no potential command injection vector here
+	/* #nosec G204 */
 	cmd := exec.Command("composer-cli", "compose", "log", uuid.String())
 	cmd.Stderr = os.Stderr
 	stdoutReader, err := cmd.StdoutPipe()
diff --git a/cmd/osbuild-koji-tests/main_test.go b/cmd/osbuild-koji-tests/main_test.go
index 002a82d9e..037bd07c6 100644
--- a/cmd/osbuild-koji-tests/main_test.go
+++ b/cmd/osbuild-koji-tests/main_test.go
@@ -196,6 +196,8 @@ func TestKojiImport(t *testing.T) {
 	require.NoError(t, err)
 
 	// check if the build is really there:
+	// There's no potential command injection vector here
+	/* #nosec G204 */
 	cmd := exec.Command(
 		"koji",
 		"--server", server,
diff --git a/internal/boot/netns.go b/internal/boot/netns.go
index 50fccab58..171f487ed 100644
--- a/internal/boot/netns.go
+++ b/internal/boot/netns.go
@@ -90,7 +90,9 @@ func newNetworkNamespace() (NetNS, error) {
 	if err != nil {
 		return "", fmt.Errorf("cannot set up a loopback device in the new namespace: %v", err)
 	}
-
+	
+	// There's no potential command injection vector here
+	/* #nosec G204 */
 	cmd = exec.Command("mount", "-o", "bind", "/proc/self/ns/net", f.Name())
 	cmd.Stderr = os.Stderr
 	cmd.Stdout = os.Stderr
@@ -131,6 +133,8 @@ func (n NetNS) Path() string {
 
 // Delete deletes the namespaces
 func (n NetNS) Delete() error {
+	// There's no potential command injection vector here
+        /* #nosec G204 */
 	cmd := exec.Command("umount", n.Path())
 	cmd.Stderr = os.Stderr
 	cmd.Stdout = os.Stdout
diff --git a/internal/test/helpers.go b/internal/test/helpers.go
index a194e33f1..4e0fff8a7 100644
--- a/internal/test/helpers.go
+++ b/internal/test/helpers.go
@@ -212,6 +212,9 @@ func SetUpTemporaryRepository() (string, error) {
 	if err != nil {
 		return "", err
 	}
+
+	// There's no potential command injection vector here
+	/* #nosec G204 */
 	cmd := exec.Command("createrepo_c", path.Join(dir))
 	err = cmd.Start()
 	if err != nil {