After digging more on Windows escaping, I realised some things:

• We forbid environment variable expansion by escaping %APPDATA% to ^%"APPDATA"^%
• We explicitly ask for variable expansion at runtime (running the command line with the /V:ON flag). Running a command containing !APPDATA! will be escaped and expanded (our previous rule is easily overriden)
• On platform that are not windows, we use strong escaping that prevents any variable expansion ($PATH will be escaped to '$PATH' that is not interpreted as the current PATH)

We have three possibilities:

• Keep this behavior as this.
• Prefer a consistent API and use a strong escaping strategy everywhere, but it would result in a BC break (see Can not use windows environment variables with Process #8975).
• Allow environment variable expansion and escape %APPDATA% to "%APPDATA%"

Any thoughts about this ?