The arguments to shellHelper.* functions are passed to scope->exec() as an inline JS string delimited by double quotes on dbshell.cpp:866-867 — but double quotes in the passed arguments are not escaped.
This isn't typically a problem for the existing builtin shellHelper functions (use, set, it, show, and help), because their arguments don't usually include quotes or string literals. However, it's problematic for useful mongorc hacks which take arbitrary JS as args, eg. time and underscore-grab. The effect is usually inexplicable-looking syntax errors when double quotes are used — but not when they are swapped for single quotes (or manually escaped, which looks and feels bizarre):
There is an attempt to protect against this on line 856, but it only guards cmd, ie. the first call to scope->exec() on line 859. It also completely prevents the use of shellHelpers where the first word contains a double quote, which is needlessly restrictive — all that should be necessary is to correctly handle double quotes in cmd.
Seems the better approach would be to drop line 856, and instead either (a) use backslash to escape any double quotes in cmd and code, or (b) better yet, directly inject the strings with scope->setString(), and then just reference them when calling shellHelper inside scope->exec().