[Someone1234]

And UNIX allowing - in filenames is a massive security problem[0]. If you go grab a bunch of random scripts off of GitHub many of them won't correctly escape filenames, and a specially named file can alter how the script executes.

[0] http://www.net-security.org/article.php?id=2061

[lottin]

The security problem is incompetent programmers, not dashes, then.

[Someone1234]

Users and programmers. It is trivial to mistakenly execute a command on the shell which is subject to this issue.

I'd call the behaviour "dangerous by default." You need specific training to be aware of, and overcome the issue, without the training you're likely executing commands which can be taken advantage of (in particular recursive commands over files and directories you yourself don't control).