Security Ideas

Never do much with user input unless it's carefully parsed and you have thought through it
Use full paths to binaries, perhaps setting them in variables at top of script
If not, at least overwrite PATH with known safe values
Always use full path for input and output files, or chdir to working area before starting
Safe temporary files! (see previous example)
Lots of error detection code; check exit status of commands frequently and respond appropriately
What else?

Never do much with user input unless it's carefully parsed and you have thought through it