Zip slip is a special case of path injection. It occurs when an application uses the name of an archive entry to construct a file path and access this file without validating its path first.

This rule will consider all archives untrusted, assuming they have been created outside the application file system.

A user with malicious intent would inject specially crafted values, such as ``++../++``, in the archive entry name to change the initial intended path. The resulting path would resolve somewhere in the filesystem where the user should not normally have access.