A malicious user may submit an input file starting with '-'.
A loosely-implemented webapp entrypoint could misinterpret
it as a command-line option a let the user inject arbitrary
options to the commands executed inside the job.

To prevent this the leading '-' in input filenames are silently
changed into '_'.