Depending on how your scripts are run and the permissions on the files involved, your config files may be part of a privilege escalation attack.

The risk really comes in where there is a difference in permissions between who can alter the config file, who can run the script, and the user the script executes as. If your script runs as setuid root, you give the system to an attacker.

In your case, the risk may be small. But it is a risk that is easily and cheaply avoided by using a library to serialize your configuration data.