All kind of files can be uploaded to translate5, so the files also may contain malicious code.
Since users may download the files either as reference file, or just the "done" import package or the import archive, they receive also the so uploaded malicious file.