diff --git a/drivers/local/driver.go b/drivers/local/driver.go
index 39c571dda..f03e040c1 100644
--- a/drivers/local/driver.go
+++ b/drivers/local/driver.go
@@ -251,6 +251,10 @@ func (d *Local) Link(ctx context.Context, file model.Obj, args model.LinkArgs) (
 }
 
 func (d *Local) MakeDir(ctx context.Context, parentDir model.Obj, dirName string) error {
+	// Validate dirName to ensure it does not contain invalid characters
+	if filepath.Base(dirName) != dirName {
+		return fmt.Errorf("invalid directory name: %q", dirName)
+	}
 	fullPath := filepath.Join(parentDir.GetPath(), dirName)
 	err := os.MkdirAll(fullPath, os.FileMode(d.mkdirPerm))
 	if err != nil {