You can't post like this here, so I've banned the account.
If you don't want to be banned, you're welcome to email hn@ycombinator.com and give us reason to believe that you'll follow the rules in the future. They're here: https://news.ycombinator.com/newsguidelines.html.
https://github.com/eleijonmarck/do-not-compile-this-code/blo...
This is true for all third-party libraries. If you blindly download and execute code from the Internet, this is a risk you are assuming.
As I stated above, if you need more security, you can download all the dependencies and build inside an isolated container.