redis-node-client
Are command arguments sanitized?
If I do the following:
input = getStringFromUser();
client = require('lib/redis-client').createClient();
client.get(input);
will the person giving me the input be able to do something nasty, i.e. execute commands other than GET? It would be nice if the documentation said something definitive on this point.
If at all, then inside of multi/exec, which is only available in forks. However, I doubt even that, because Redis does not accept multiple commands in one buffered request. (multi/exec are actually a bunch of requests for each part, including multi and exec.)