1
Compression Bombs: A PRG file may contain a small ZIP that decompresses to an extremely large amount of data, causing denial-of-service. Implementations MUST impose reasonable limits on the number of extracted files and the total uncompressed size.
2
Path Traversal: Maliciously crafted ZIP entries could have names like ../../../some_important_file. Implementations MUST NOT extract files to filesystem, instead, read them directly from the ZIP stream to memory or a controlled environment.
3
Attachment Risks: The attachments directory can contain any file type. The application processing the PRG file is responsible for handling each attachment in a secure manner (e.g., run script files in sandbox, detect malware in attachments).

1
This media type defines a format for representing complex node graphs, such as project dependency graphs.
2
The content is a ZIP-archived container that holds one `stage.msgpack` file serialized using MessagePack, and may have other file in any format. This combination provides efficient storage and fast parsing.
3
The structure of the MessagePack-serialized data within the archive MUST conform to the schema defined in [https://project-graph.top/docs/spec/prg]
4
Key considerations for implementers include:
5
- Handling of required and optional properties gracefully (e.g., ignoring unknown optional properties rather than failing).
6
- Being aware that the graph may contain cycles and must be processed accordingly to avoid infinite loops.
7
- The possibility of very large graphs, requiring streaming or chunked processing strategies.

1
Fragment identifier considerations: UUIDs separated by `;`
2
See section 6.5 in the specification