There are no security issues related with using xp_CmdShell if your system has the proper security of no one (no login or user or group) having direct access to it and have no privs higher than DBO except for DBAs. Even turning it off won't help if any login, user or group has SA privs. Even if you delete the related dll, a hacker getting in as SA can still use a trick with OPENROWSET to get to the command line. If your system isn't properly locked down, you might as well turn on xp_CmdShell because that's what a hacker is going to do for you anyway.

xp_CmdShell is not a security problem. Having bad security is a security problem. 😉

That, notwithstanding, I do agree that, in this particular case, the filenames should come from MSDB but not for the reason most people would think. You cannot rely on the dates embedded in the filenames especially if you have Point-in-Time log backups running. Instead, you must align the LSN's with the most recent full backup in order to select the correct log files to restore.