diff --git a/bot/config.py b/bot/config.py
index 5a1046d..57cbfa9 100644
--- a/bot/config.py
+++ b/bot/config.py
@@ -14,6 +14,10 @@ def get_config_file() -> str:
     env: str | None = environ.get('KEMOVERSE_ENV')
     if not env:
         raise ConfigError('Error: KEMOVERSE_ENV is unset')
+    
+    # Validate environment name contains only alphanumeric, dash, and underscore
+    if not re.match(r'^[a-zA-Z0-9_-]+$', env):
+        raise ValueError(f'KEMOVERSE_ENV "{env}" contains invalid characters. Only alphanumeric, dash (-), and underscore (_) are allowed.')
 
     config_path: str = f'config_{env}.ini'