🔒 Security: Path Traversal Risk in Image Downloads

## Security Issue
Image paths not validated before saving - potential path traversal vulnerability.

## Vulnerable Code
`scraper.py:178` - `Path(output_path).parent.mkdir(parents=True, exist_ok=True)`

## Risk Level
Medium - Malicious wiki content could write files outside output directory

## Example Attack
```
{{../../etc/passwd.png}}
```
Could write to parent directories

## Solution
```python
def safe_path(base_dir: Path, filename: str) -> Path:
    # Normalize and resolve path
    full_path = (base_dir / filename).resolve()
    
    # Ensure it's within base_dir
    if not full_path.is_relative_to(base_dir):
        raise SecurityError('Path traversal attempt detected')
    
    return full_path
```

## Tasks
- [ ] Add path validation function
- [ ] Sanitize image filenames
- [ ] Add allowlist for file extensions
- [ ] Add tests for path traversal attempts
- [ ] Audit all file write operations

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

🔒 Security: Path Traversal Risk in Image Downloads #23

Security Issue

Vulnerable Code

Risk Level

Example Attack

Solution

Tasks

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

🔒 Security: Path Traversal Risk in Image Downloads #23

Description

Security Issue

Vulnerable Code

Risk Level

Example Attack

Solution

Tasks

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions