diff --git a/src/lib/index.ts b/src/lib/index.ts
index 4141315..f5f5087 100644
--- a/src/lib/index.ts
+++ b/src/lib/index.ts
@@ -7,9 +7,9 @@ function safePath(basePath: string, name: string): boolean {
 	return (
 		!!relative &&
 		// does move out of `basePath`
-		!relative.startsWith('..') &&
+		!relative.startsWith(`..${path.sep}`) &&
 		// exactly one layer deep, e.g. no `./uplodas/foo/bar`
-		!relative.includes('/') &&
+		!relative.includes(path.sep) &&
 		// result is not an absolute path
 		!path.isAbsolute(relative)
 	);