I should tease apart two things:
Yes, the general issue is the ability to link and run arbitrary libs at compile time. That’s the main point below, a concern we had that appears to be arising in the wild for languages that went down that path.
But, secondarily, I thought it’s also related to the narrower issue of Trusting Trust attacks because Thompson’s initial approach required a specially-crafted compiler binary that already carried the malicious code, whereas the ability to execute arbitrary libraries at compile time (esp. malicious ones that can do introspection) could give a new vector to inject Trusting Trust attacks… the compiler can be totally pristine, but comes with a launchpad to let you provide the malicious code later. No?