CRITICAL
Rule Definition
ABAP command injections are possible whenever a program builds statements (or parts of statements) from external input and passes them to the runtime environment without checking them.
GENERATE SUBROUTINE POOL compiles an internal table of source lines into a temporary subroutine pool of the current internal session at runtime. If any of those lines come from outside the program, the caller effectively supplies arbitrary ABAP code; used wrongly, this dynamic programming technique presents a serious security risk.
Remediation
Any dynamic content that reaches a program from the outside must be checked thoroughly, or escaped, before it is used in a dynamic statement. The system class CL_ABAP_DYN_PRG provides check and escape methods for this purpose (for example CHECK_WHITELIST_STR, CHECK_VARIABLE_NAME and ESCAPE_QUOTES), and the predefined function escape (with a format from CL_ABAP_FORMAT) covers other output contexts. For GENERATE SUBROUTINE POOL in particular, escaping alone is not enough: once external text becomes a whole statement, no escaping can make it safe. Keep the generated source a fixed template owned by the program, embed external values only as escaped literals or as names validated against an allowlist, and prefer static code, or a dynamic PERFORM or CALL FUNCTION of an existing, allowlisted routine, wherever generated code is not strictly required.
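The following hardened program is an added example written for this page; it is not SAP's code and not part of the CAST rule. It shows the pattern described above: external input is reduced to two scalar values, the routine name is validated with CL_ABAP_DYN_PRG=>CHECK_WHITELIST_STR, the text value is escaped with CL_ABAP_DYN_PRG=>ESCAPE_QUOTES and embedded only inside a character literal of a fixed source template, so no external text can ever become a statement. The program name, the PARAMETERS used as the external channel and the two routine names are assumptions; the method names and the comma-separated whitelist form follow the CL_ABAP_DYN_PRG documentation and should be verified against the release in use.

```abap
REPORT zdemo_dyn_pool_hardened.   " hypothetical program name (assumption)

" Constructed input: the outside world may supply only a routine name and a
" text value, never source lines. PARAMETERS stands in for any external
" channel, e.g. a dialog or an RFC parameter.
PARAMETERS p_form  TYPE c LENGTH 30  DEFAULT 'DO_IT'.
PARAMETERS p_value TYPE c LENGTH 100 LOWER CASE.

TYPES prog TYPE TABLE OF string WITH EMPTY KEY.

START-OF-SELECTION.
  DATA(form)  = CONV string( p_form ).
  DATA(value) = CONV string( p_value ).

  " Check 1: the routine name must be one the template below actually defines.
  " CHECK_WHITELIST_STR returns VAL if it is in the comma-separated WHITELIST
  " and raises CX_ABAP_NOT_IN_WHITELIST otherwise.
  TRY.
      form = cl_abap_dyn_prg=>check_whitelist_str(
               val       = form
               whitelist = 'DO_IT,UNDO_IT' ).
    CATCH cx_abap_not_in_whitelist.
      MESSAGE 'Routine name is not in the allowlist' TYPE 'E'.
  ENDTRY.

  " Escape: ESCAPE_QUOTES doubles every single quote, so the value cannot
  " close the literal it is placed in and append statements of its own.
  value = cl_abap_dyn_prg=>escape_quotes( value ).

  " Check 2: the value goes into one source line as a character literal.
  " A line break would end that line, and a source line is limited to 255
  " characters, so both are rejected rather than escaped.
  IF contains( val = value sub = cl_abap_char_utilities=>newline )
     OR contains( val = value sub = cl_abap_char_utilities=>cr_lf )
     OR strlen( value ) > 200.
    MESSAGE 'Value contains a line break or is too long' TYPE 'E'.
  ENDIF.

  " The source is a fixed template owned by this program; external data only
  " ever appears inside the quoted literal.
  DATA(source) = VALUE prog(
    ( |PROGRAM.| )
    ( || )
    ( |FORM do_it.| )
    ( |  WRITE / 'doing: { value }'.| )
    ( |ENDFORM.| )
    ( |FORM undo_it.| )
    ( |  WRITE / 'undoing: { value }'.| )
    ( |ENDFORM.| ) ).

  DATA mess TYPE string.
  DATA lin  TYPE i.
  GENERATE SUBROUTINE POOL source NAME DATA(pool)
    MESSAGE mess
    LINE lin.
  IF sy-subrc <> 0.
    DATA(err) = |Generation failed in line { lin }: { mess }|.
    MESSAGE err TYPE 'E'.
  ENDIF.

  " Dynamic PERFORM with the validated routine name in the generated pool.
  PERFORM (form) IN PROGRAM (pool) IF FOUND.
```

Note that the rule will still flag the remaining GENERATE SUBROUTINE POOL statement; the example only demonstrates how to contain the input when generated code cannot be avoided. Where the two routines can be written statically, a plain `PERFORM (form) IN PROGRAM ... IF FOUND` against the allowlisted name removes the generation step entirely.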
Violation Code Sample
https://help.sap.com/doc/abapdocu_751_index_htm/7.51/en-us/abengeneric_prog_scrty.htm
TYPES prog TYPE TABLE OF string WITH EMPTY KEY.

DATA(text) = concat_lines_of( VALUE prog(
  ( |PROGRAM.\n\n| )
  ( |FORM do_it.\n| )
  ( | ...\n| )
  ( |ENDFORM.| ) ) ).

" The user may edit the complete source text in the dialog.
CALL FUNCTION 'DEMO_INPUT_TEXT'
  CHANGING
    text_string = text
  EXCEPTIONS
    canceled    = 4.
IF sy-subrc = 4.
  LEAVE PROGRAM.
ENDIF.

SPLIT text AT |\n| INTO TABLE DATA(prog).

" Violation: the edited text is compiled and executed as ABAP without any check.
GENERATE SUBROUTINE POOL prog NAME DATA(pool).

IF sy-subrc = 0.
  PERFORM do_it IN PROGRAM (pool).
ENDIF.
--------------
https://answers.sap.com/questions/1113113/generating-subroutine-pool.html
DATA: itab(200) OCCURS 0.   " obsolete short form, kept as posted: table of 200-char lines
DATA zname(8).              " receives the temporary name of the generated pool

" Source lines of the pool. The PROGRAM header, the LINE component, the
" closing END OF and the FORM wrapper are assumed additions that make the
" posted fragment syntactically complete.
APPEND 'PROGRAM.' TO itab.
APPEND 'DATA: BEGIN OF IT_INFTY OCCURS 0,' TO itab.
APPEND '        LINE(200),' TO itab.
APPEND '      END OF IT_INFTY.' TO itab.
APPEND 'FORM DO_UPLOAD.' TO itab.
APPEND 'CALL FUNCTION ''UPLOAD''' TO itab.
APPEND 'EXPORTING' TO itab.
APPEND 'filename = ''C:\''' TO itab.
APPEND 'filetype = ''DAT''' TO itab.
APPEND 'TABLES' TO itab.
APPEND 'DATA_TAB = IT_INFTY.' TO itab.
APPEND 'ENDFORM.' TO itab.

" Violation: GENERATE SUBROUTINE POOL compiles whatever itab holds. The lines
" are hard-coded here, but any of them could equally be assembled from input.
GENERATE SUBROUTINE POOL itab NAME zname.
IF sy-subrc EQ 0.
  WRITE:/ 'success'.
ELSE.
  WRITE :/25 'Error'.
ENDIF.
Reference
https://help.sap.com/doc/abapdocu_750_index_htm/7.50/en-US/abapgenerate_subroutine_pool.htm
https://help.sap.com/doc/abapdocu_751_index_htm/7.51/en-us/abengeneric_prog_scrty.htm
Related Technologies
Technical Criterion
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
About CAST Appmarq
CAST Appmarq is by far the biggest repository of data about real IT systems. It's built on thousands of analyzed applications, made of 35 different technologies, by over 300 business organizations across major verticals. It provides IT Leaders with factual key analytics to let them know if their applications are on track.