diff --git a/kernel/server/serve.go b/kernel/server/serve.go
index 94897546f..81a217e23 100644
--- a/kernel/server/serve.go
+++ b/kernel/server/serve.go
@@ -318,6 +318,11 @@ func serveExport(ginServer *gin.Engine) {
 	}
 	fullPath := filepath.Join(exportBaseDir, decodedPath)
+	if util.IsSensitivePath(fullPath) {
+		logging.LogErrorf("refuse to export sensitive file [%s]", c.Request.URL.Path)
+		c.Status(http.StatusForbidden)
+		return
+	}
 	fileInfo, err := os.Stat(fullPath)
 	if os.IsNotExist(err) {
diff --git a/kernel/util/path.go b/kernel/util/path.go
index c60d1eec1..6e45255bf 100644
--- a/kernel/util/path.go
+++ b/kernel/util/path.go
@@ -391,6 +391,12 @@ func IsSensitivePath(p string) bool {
 		}
 	}
+	// 工作空间/conf 目录(小写比较)
+	workspaceConfPrefix := strings.ToLower(filepath.Join(WorkspaceDir, "conf"))
+	if strings.HasPrefix(pp, workspaceConfPrefix) {
+		return true
+	}
+
 	homePrefixes := []string{
 		strings.ToLower(filepath.Join(HomeDir, ".ssh")),
 		strings.ToLower(filepath.Join(HomeDir, ".config")),
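Review bot: The new guard tests the lexical path only, so a symlink under exportBaseDir that points into the workspace conf directory or ~/.ssh passes util.IsSensitivePath and is then followed by the os.Stat on the next line. Resolving the target first, `realPath, err := filepath.EvalSymlinks(fullPath)` and handing `realPath` to `util.IsSensitivePath`, or rejecting symlinks via os.Lstat, closes that gap. A denylist is also weaker than confining the cleaned path to exportBaseDir; if that containment check is not done outside this hunk, `if !strings.HasPrefix(fullPath, exportBaseDir+string(filepath.Separator)) { c.Status(http.StatusForbidden); return }` belongs before the denylist. serveExport begins and ends outside the hunk.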
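Review bot: `strings.HasPrefix(pp, workspaceConfPrefix)` has no separator after the prefix, so siblings such as `<workspace>/conf.bak` or `<workspace>/confidential` are also reported sensitive, and an empty WorkspaceDir collapses the prefix to the bare string `conf`, which then matches any relative path starting with it. Matching the directory itself or a descendant only, `pp == workspaceConfPrefix || strings.HasPrefix(pp, workspaceConfPrefix+string(filepath.Separator))`, and skipping the block when `WorkspaceDir == ""`, keeps the intent without the false positives. The check relies on pp already being the lower-cased, cleaned form of p, which is established outside the hunk; IsSensitivePath starts before and ends after the hunk.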