diff --git a/spec/util_spec.lua b/spec/util_spec.lua
index 90780cfb..099ddd6f 100644
--- a/spec/util_spec.lua
+++ b/spec/util_spec.lua
@@ -8,6 +8,18 @@ local util = require "pallene.util"
 
 describe("Pallene utils", function()
 
+    it("can quote special shell chars", function()
+        assert.equals([[' ']], util.shell_quote([[ ]]))
+        assert.equals([['$']], util.shell_quote([[$]]))
+        assert.equals([['"']], util.shell_quote([["]]))
+        assert.equals([['a'\''b']], util.shell_quote([[a'b]]))
+    end)
+
+    it("does not quote clean shell chars", function()
+        assert.equals("foo/bar.txt", util.shell_quote("foo/bar.txt"))
+        assert.equals("100", util.shell_quote("100"))
+    end)
+
     it("returns error when a file doesn't exist", function()
         local filename = "does_not_exist.pln"
         local ok, err = util.get_file_contents(filename)
diff --git a/src/pallene/util.lua b/src/pallene/util.lua
index 2f2a556a..85a76029 100644
--- a/src/pallene/util.lua
+++ b/src/pallene/util.lua
@@ -77,8 +77,13 @@ function util.set_file_contents(file_name, contents)
 end
 
 -- Quotes a command-line argument according to POSIX shell syntax.
+-- Uses a whitelist of safe chars to avoid quoting too much
 function util.shell_quote(str)
-    return "'" .. string.gsub(str, "'", "'\\''") .. "'"
+    if string.match(str, "^[%w./_-]+$") then
+        return str
+    else
+        return "'" .. string.gsub(str, "'", "'\\''") .. "'"
+    end
 end
 
 function util.execute(cmd)