diff --git a/sentinelops-backend/app/services/local_git_service.py b/sentinelops-backend/app/services/local_git_service.py
index 825f98b..9499ba8 100644
--- a/sentinelops-backend/app/services/local_git_service.py
+++ b/sentinelops-backend/app/services/local_git_service.py
@@ -136,7 +136,13 @@ def _validate_repo_path_for_linking(self, repo_path: str) -> str:
 return ""
 if not os.path.isdir(normalized):
 return ""
- if not os.path.isdir(os.path.join(normalized, ".git")):
+ git_dir = os.path.realpath(os.path.join(normalized, ".git"))
+ try:
+ if os.path.commonpath([git_dir, normalized]) != normalized:
+ return ""
+ except ValueError:
+ return ""
+ if not os.path.isdir(git_dir):
 return ""
 return normalized
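Review bot: The containment check compares a symlink-resolved path with one that may not be resolved: `git_dir` goes through `os.path.realpath`, but `normalized` is used as the root as-is, and how it is derived is above the hunk. If `normalized` can contain a symlinked component (or differ in case on a case-insensitive filesystem), `commonpath` will not equal it and every repository under that path is rejected, so the check fails closed but for the wrong reason. Resolving both sides would make the comparison meaningful, e.g. `real_root = os.path.realpath(normalized)` followed by `if os.path.commonpath([git_dir, real_root]) != real_root:`. The function also still returns `normalized`, so the result holds only at validation time: a `.git` entry replaced after this call is presumably resolved again by whatever runs git later, which deserves a comment such as `# Point-in-time check only: callers must not assume .git stays inside the repo root.`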