diff --git a/packages/dd-trace/src/appsec/rasp/command_injection.js b/packages/dd-trace/src/appsec/rasp/command_injection.js
index 62546e2b6a6..4fe8312dac7 100644
--- a/packages/dd-trace/src/appsec/rasp/command_injection.js
+++ b/packages/dd-trace/src/appsec/rasp/command_injection.js
@@ -33,14 +33,13 @@ function analyzeCommandInjection ({ file, fileArgs, shell, abortController }) {
 
   const persistent = {}
   const raspRule = { type: RULE_TYPES.COMMAND_INJECTION }
-  const params = fileArgs ? [file, ...fileArgs] : file
+  const params = fileArgs ? [file, ...fileArgs] : [file]
 
   if (shell) {
     persistent[addresses.SHELL_COMMAND] = params
     raspRule.variant = 'shell'
   } else {
-    const commandParams = Array.isArray(params) ? params : [params]
-    persistent[addresses.EXEC_COMMAND] = commandParams
+    persistent[addresses.EXEC_COMMAND] = params
     raspRule.variant = 'exec'
   }