Is your feature request related to a problem? Please describe.
Snyk reports a vulnerability in the Guava library, and also the plugin code is affected by Zip Slip vulnerability.
Describe the solution you'd like
Currently it is impossible to upgrade Guava because of a Java version lock-in. Since there's only minimal use for it in the project, it makes more sense to root it out.
Zip Slip requires a small code change.