diff --git a/browse/src/read-commands.ts b/browse/src/read-commands.ts
index 54877562..e9823325 100644
--- a/browse/src/read-commands.ts
+++ b/browse/src/read-commands.ts
@@ -38,7 +38,7 @@ function wrapForEvaluate(code: string): string {
 // Security: Path validation to prevent path traversal attacks
 const SAFE_DIRECTORIES = ['/tmp', process.cwd()];
 
-function validateReadPath(filePath: string): void {
+export function validateReadPath(filePath: string): void {
   if (path.isAbsolute(filePath)) {
     const resolved = path.resolve(filePath);
     const isSafe = SAFE_DIRECTORIES.some(dir => resolved === dir || resolved.startsWith(dir + '/'));
diff --git a/browse/test/path-validation.test.ts b/browse/test/path-validation.test.ts
new file mode 100644
index 00000000..ab25941e
--- /dev/null
+++ b/browse/test/path-validation.test.ts
@@ -0,0 +1,63 @@
+import { describe, it, expect } from 'bun:test';
+import { validateOutputPath } from '../src/meta-commands';
+import { validateReadPath } from '../src/read-commands';
+
+describe('validateOutputPath', () => {
+  it('allows paths within /tmp', () => {
+    expect(() => validateOutputPath('/tmp/screenshot.png')).not.toThrow();
+  });
+
+  it('allows paths in subdirectories of /tmp', () => {
+    expect(() => validateOutputPath('/tmp/browse/output.png')).not.toThrow();
+  });
+
+  it('allows paths within cwd', () => {
+    expect(() => validateOutputPath(`${process.cwd()}/output.png`)).not.toThrow();
+  });
+
+  it('blocks paths outside safe directories', () => {
+    expect(() => validateOutputPath('/etc/cron.d/backdoor.png')).toThrow(/Path must be within/);
+  });
+
+  it('blocks /tmpevil prefix collision', () => {
+    expect(() => validateOutputPath('/tmpevil/file.png')).toThrow(/Path must be within/);
+  });
+
+  it('blocks home directory paths', () => {
+    expect(() => validateOutputPath('/Users/someone/file.png')).toThrow(/Path must be within/);
+  });
+
+  it('blocks path traversal via ..', () => {
+    expect(() => validateOutputPath('/tmp/../etc/passwd')).toThrow(/Path must be within/);
+  });
+});
+
+describe('validateReadPath', () => {
+  it('allows absolute paths within /tmp', () => {
+    expect(() => validateReadPath('/tmp/script.js')).not.toThrow();
+  });
+
+  it('allows absolute paths within cwd', () => {
+    expect(() => validateReadPath(`${process.cwd()}/test.js`)).not.toThrow();
+  });
+
+  it('allows relative paths without traversal', () => {
+    expect(() => validateReadPath('src/index.js')).not.toThrow();
+  });
+
+  it('blocks absolute paths outside safe directories', () => {
+    expect(() => validateReadPath('/etc/passwd')).toThrow(/Absolute path must be within/);
+  });
+
+  it('blocks /tmpevil prefix collision', () => {
+    expect(() => validateReadPath('/tmpevil/file.js')).toThrow(/Absolute path must be within/);
+  });
+
+  it('blocks path traversal sequences', () => {
+    expect(() => validateReadPath('../../../etc/passwd')).toThrow(/Path traversal/);
+  });
+
+  it('blocks nested path traversal', () => {
+    expect(() => validateReadPath('src/../../etc/passwd')).toThrow(/Path traversal/);
+  });
+});