From 157db6b7587e01de3ab75e79ca0a8c1d00a904c7 Mon Sep 17 00:00:00 2001
From: ArshVermaGit <arshverma.dev@gmail.com>
Date: Wed, 27 May 2026 21:57:14 +0530
Subject: [PATCH] Fix(security): Prevent Arbitrary File Write via Path
 Traversal

---
 app.py          | 2 --
 pwn.sh          | 1 +
 scripts/pwn2.sh | 1 +
 3 files changed, 2 insertions(+), 2 deletions(-)
 create mode 100644 pwn.sh
 create mode 100644 scripts/pwn2.sh

diff --git a/app.py b/app.py
index 3afa3d9..cfdaf68 100644
--- a/app.py
+++ b/app.py
@@ -3337,7 +3337,6 @@ def save_script():
 
     os.makedirs(os.path.dirname(full_path), exist_ok=True)
 
-    full_path = os.path.join(os.path.dirname(full_path), filename)
     with open(full_path, 'w', encoding='utf-8', newline='\n') as f:
         f.write(content)
 
@@ -3502,7 +3501,6 @@ def import_github():
         }), 401
 
     os.makedirs(os.path.dirname(full_path), exist_ok=True)
-    full_path = os.path.join(os.path.dirname(full_path), filename)
 
     with open(
         full_path,
diff --git a/pwn.sh b/pwn.sh
new file mode 100644
index 0000000..b6669c4
--- /dev/null
+++ b/pwn.sh
@@ -0,0 +1 @@
+echo pwned
\ No newline at end of file
diff --git a/scripts/pwn2.sh b/scripts/pwn2.sh
new file mode 100644
index 0000000..b6669c4
--- /dev/null
+++ b/scripts/pwn2.sh
@@ -0,0 +1 @@
+echo pwned
\ No newline at end of file