diff --git a/docker-bench-security.sh b/docker-bench-security.sh
index 14d2e31..6a0a4ba 100755
--- a/docker-bench-security.sh
+++ b/docker-bench-security.sh
@@ -88,10 +88,10 @@ beginjson "1.3.4" "$(date +%s)"
 # Load all the tests from tests/ and run them
 main () {
 # List all running containers
- if [ -z $exclude ]; then
+ if [ -z "$exclude" ]; then
 containers=$(docker ps | sed '1d' | awk '{print $NF}')
 else
- pattern=$(echo $exclude | sed 's/,/|/g')
+ pattern=$(echo "$exclude" | sed 's/,/|/g')
 containers=$(docker ps | sed '1d' | grep -Ev '$pattern' | awk '{print $NF}')
 fi
 # If there is a container with label docker_bench_security, memorize it:
@@ -103,10 +103,10 @@ main () {
 fi
 done
 # List all running containers except docker-bench (use names to improve readability in logs)
- if [ -z $exclude ]; then
+ if [ -z "$exclude" ]; then
 containers=$(docker ps | sed '1d' | awk '{print $NF}' | grep -v "$benchcont")
 else
- pattern=$(echo $exclude | sed 's/,/|/g')
+ pattern=$(echo "$exclude" | sed 's/,/|/g')
 containers=$(docker ps | sed '1d' | grep -Ev "$pattern" | awk '{print $NF}' | grep -v "$benchcont")
 fi
 
@@ -124,7 +124,7 @@ main () {
 if [ -z "$check" ]; then
 cis
 else
- for i in $(echo $check | sed "s/,/ /g")
+ for i in $(echo "$check" | sed "s/,/ /g")
 do
 if command -v "$i" 2>/dev/null 1>&2; then
 "$i"
diff --git a/tests/5_container_runtime.sh b/tests/5_container_runtime.sh
index 1aca0fe..1eec675 100644
--- a/tests/5_container_runtime.sh
+++ b/tests/5_container_runtime.sh
@@ -988,7 +988,8 @@ check_5_29() {
 for net in $networks; do
 if docker network inspect --format '{{ .Options }}' "$net" 2>/dev/null | grep "com.docker.network.bridge.name:docker0" >/dev/null 2>&1; then
 docker0Containers=$(docker network inspect --format='{{ range $k, $v := .Containers }} {{ $k }} {{ end }}' "$net" | \
- sed -e 's/^ //' -e 's/ /\n/g' 2>/dev/null)
+ sed -e 's/^ //' -e 's/ /\n/g' 2>/dev/null)
+
 if [ -n "$docker0Containers" ]; then
 if [ $fail -eq 0 ]; then
 info "$check_5_29"
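Review bot: The `else` branch of the first hunk still passes the exclusion regex in single quotes, `grep -Ev '$pattern'`, so the regex grep sees is the literal text `$pattern` (an end-of-line anchor followed by `pattern`), which never matches and no container is ever excluded from `containers`; the second hunk in this file already writes `grep -Ev "$pattern"` and the first should be brought in line with it. The same single-quoted form is introduced on the new line `| sed 's/\///g' | grep -Ev '$pattern' )` in the `check_5_29` hunk of tests/5_container_runtime.sh, which needs `"$pattern"` as well. Because `pattern` is an unanchored alternation built by `sed 's/,/|/g'`, an excluded name such as `web` would also drop `web-proxy` once the quoting is fixed; where the match is against a bare name, `grep -Ev "^($pattern)$"` avoids that. main() continues outside these hunks.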
@@ -996,7 +997,12 @@ check_5_29() {
 fail=1
 fi
 for c in $docker0Containers; do
- cName=$(docker inspect --format '{{.Name}}' "$c" 2>/dev/null | sed 's/\///g')
+ if [ -z "$exclude" ]; then
+ cName=$(docker inspect --format '{{.Name}}' "$c" 2>/dev/null | sed 's/\///g')
+ else
+ pattern=$(echo "$exclude" | sed 's/,/|/g')
+ cName=$(docker inspect --format '{{.Name}}' "$c" 2>/dev/null | sed 's/\///g' | grep -Ev '$pattern' )
+ fi
 info " * Container in docker0 network: $cName"
 logjson "5.29" "INFO: $c"
 done
@@ -1081,4 +1087,3 @@ check_5_31() {
 currentScore=$((currentScore - 1))
 fi
 }
-
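Review bot: An excluded container is still reported by the new `else` branch in `check_5_29`: when `grep -Ev` filters the name out, `cName` is merely empty and execution falls through to `info " * Container in docker0 network: $cName"` and `logjson "5.29" "INFO: $c"`, so the log gets an INFO line with a blank name and the raw container id. The exclusion should skip the loop iteration instead of blanking the name, as in the rewrite below, which also double-quotes and anchors the pattern so it is actually expanded and matches whole names only. Whether `exclude` is visible in this test file depends on how the main script shares it with the sourced tests, which the diff does not show. check_5_29 begins and ends outside the hunk.
```shell
    for c in $docker0Containers; do
      cName=$(docker inspect --format '{{.Name}}' "$c" 2>/dev/null | sed 's/\///g')
      if [ -n "$exclude" ]; then
        pattern=$(echo "$exclude" | sed 's/,/|/g')
        # Skip excluded containers entirely instead of logging them with an empty name.
        if echo "$cName" | grep -Eq "^($pattern)$"; then
          continue
        fi
      fi
      # … unchanged: info / logjson lines and loop end …
```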