diff --git a/internal/room/tools/executor.go b/internal/room/tools/executor.go
index ab974e8..7a30b48 100644
--- a/internal/room/tools/executor.go
+++ b/internal/room/tools/executor.go
@@ -74,7 +74,14 @@ func (e *Executor) glob(args string) (string, error) {
 var result []string
 for _, f := range files {
- rel, _ := filepath.Rel(e.workspaceDir, f)
+ abs, err := filepath.Abs(f)
+ if err != nil {
+ continue
+ }
+ if !strings.HasPrefix(abs, e.workspaceDir) {
+ continue
+ }
+ rel, _ := filepath.Rel(e.workspaceDir, abs)
 result = append(result, rel)
 }
@@ -96,9 +103,13 @@ func (e *Executor) grep(args string) (string, error) {
 return "", err
 }
+ var err error
 searchDir := e.workspaceDir
 if a.Path != "" {
- searchDir = filepath.Join(e.workspaceDir, a.Path)
+ searchDir, err = e.safePath(a.Path)
+ if err != nil {
+ return "", err
+ }
 }
 re, err := regexp.Compile(a.Pattern)
@@ -308,9 +319,18 @@ func (e *Executor) gitDiff(args string) (string, error) {
 return "", err
 }
- var cmd *exec.Cmd
+ filename := ""
 if a.Filename != "" {
- cmd = exec.Command("git", "diff", a.Filename)
+ fpath, err := e.safePath(a.Filename)
+ if err != nil {
+ return "", err
+ }
+ filename, _ = filepath.Rel(e.workspaceDir, fpath)
+ }
+
+ var cmd *exec.Cmd
+ if filename != "" {
+ cmd = exec.Command("git", "diff", filename)
 } else {
 cmd = exec.Command("git", "diff")
 }
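Review bot: The containment test `strings.HasPrefix(abs, e.workspaceDir)` in the glob loop is a plain string-prefix match, so a directory that merely shares the workspace path as a prefix (a sibling such as `<workspace>-other`, constructed example) passes it, and `filepath.Abs` does not resolve symlinks, so a link inside the workspace that points outside passes as well. Deciding on the relative path is tighter: `rel, err := filepath.Rel(e.workspaceDir, abs)` followed by `if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) { continue }`, which also stops discarding the Rel error. If symlinked entries must stay inside the workspace, resolve with `filepath.EvalSymlinks` before comparing. Whether e.workspaceDir is stored absolute and cleaned is not visible here, and glob's body starts and ends outside the hunk.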
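Review bot: The function-scope `var err error` in grep exists only so that `searchDir, err = e.safePath(a.Path)` can assign both values. A scoped `p, err := e.safePath(a.Path)` inside the `if`, followed by `searchDir = p` after the error check, keeps err local and leaves `re, err := regexp.Compile(a.Pattern)` as the only declaration at function level. safePath itself is not part of this diff, so whether it resolves symlinks or uses the same prefix comparison as the glob hunk cannot be confirmed from here. A comment on the call stating what safePath guarantees would help, for example `// safePath returns an absolute path inside workspaceDir or an error`, assuming that is its contract. The rest of grep lies outside the hunk.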
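Review bot: In gitDiff the validated name is still passed to git without an end-of-options marker, so a workspace-relative name that begins with `-` reaches git as an option rather than a path. safePath constrains where the path points, not what the string looks like. Use `cmd = exec.Command("git", "diff", "--", filename)`. The error from `filepath.Rel` is also discarded in `filename, _ = filepath.Rel(e.workspaceDir, fpath)`: if Rel fails, filename stays empty and the call silently falls back to an unrestricted `git diff`, so return that error instead. The relative name is only correct if the command runs with the workspace as its working directory, which is presumably set on cmd below the hunk but is not visible here.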