diff --git a/docs/reqstream/sarifmark/utilities/utilities.yaml b/docs/reqstream/sarifmark/utilities/utilities.yaml
index 339bca8..1d48089 100644
--- a/docs/reqstream/sarifmark/utilities/utilities.yaml
+++ b/docs/reqstream/sarifmark/utilities/utilities.yaml
@@ -17,3 +17,6 @@ sections:
 - SarifMark-PathHelpers-PostCombineCheck
 tests:
 - Utilities_SafePathHandling_ValidPaths_CombinesSuccessfully
+ - Utilities_SafePathHandling_PathTraversal_ThrowsException
+ - Utilities_SafePathHandling_AbsolutePath_ThrowsException
+ - Utilities_SafePathHandling_NullInput_ThrowsException
diff --git a/test/DemaConsulting.SarifMark.Tests/Utilities/UtilitiesTests.cs b/test/DemaConsulting.SarifMark.Tests/Utilities/UtilitiesTests.cs
index 2ae2ad7..38b2a7d 100644
--- a/test/DemaConsulting.SarifMark.Tests/Utilities/UtilitiesTests.cs
+++ b/test/DemaConsulting.SarifMark.Tests/Utilities/UtilitiesTests.cs
@@ -42,4 +42,48 @@ public void Utilities_SafePathHandling_ValidPaths_CombinesSuccessfully()
 // Assert
 Assert.AreEqual(Path.Combine(basePath, relativePath), result);
 }
+
+ ///
+ /// Test that the Utilities subsystem rejects path-traversal attacks.
+ ///
+ [TestMethod]
+ public void Utilities_SafePathHandling_PathTraversal_ThrowsException()
+ {
+ // Arrange
+ var basePath = Path.GetTempPath();
+ var maliciousPath = "../../../etc/passwd";
+
+ // Act & Assert
+ Assert.Throws(() =>
+ PathHelpers.SafePathCombine(basePath, maliciousPath));
+ }
+
+ ///
+ /// Test that the Utilities subsystem rejects absolute paths.
+ ///
+ [TestMethod]
+ public void Utilities_SafePathHandling_AbsolutePath_ThrowsException()
+ {
+ // Arrange
+ var basePath = Path.GetTempPath();
+ var absolutePath = "/etc/passwd";
+
+ // Act & Assert
+ Assert.Throws(() =>
+ PathHelpers.SafePathCombine(basePath, absolutePath));
+ }
+
+ ///
+ /// Test that the Utilities subsystem rejects null inputs.
+ ///
+ [TestMethod]
+ public void Utilities_SafePathHandling_NullInput_ThrowsException()
+ {
+ // Arrange
+ var basePath = Path.GetTempPath();
+
+ // Act & Assert
+ Assert.Throws(() =>
+ PathHelpers.SafePathCombine(basePath, null!));
+ }
 }
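Review bot: The traversal coverage in `Utilities_SafePathHandling_PathTraversal_ThrowsException` is limited to a single leading `../` sequence with forward slashes, so a check that inspects only the start of the input, or only one separator style, would still pass. Consider making the test data-driven with rows such as `[DataRow("../../../etc/passwd")]` and `[DataRow("sub/../../etc/passwd")]`, so that a `..` segment in the middle of the path is exercised as well. Windows-only forms (backslash separators, drive-qualified and UNC paths) resolve differently on Linux and would need an OS-guarded test rather than a shared row. The null test covers only the second argument; a matching case for a null `basePath` would pin the other half of the contract. The type argument to `Assert.Throws` is not visible in this rendering, and the test class itself begins outside the hunk.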