Checks for tarfile abuse would be useful #207

@ericwb

Description

It would be useful to report uses of TarFile.extract/extractall. It's insecure to use by default without first checking all members for strange paths. (see https://docs.python.org/3.9/library/tarfile.html#tarfile.TarFile.extractall)

Unfortunately this is a method and not a function, so there are two ways forward: either try to guess when extract/extractall calls look like they can be used with TarFile (could be very noisy with false positives), or try to do some minimal type inference (this should be easier with the symbol table caching idea). Fortunately the TarFile usage should usually be trivial / localised in one function.
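To make the two detection strategies concrete, here is an added example (not code from this issue or from the project) of a small AST pass that flags `extract`/`extractall` calls: receivers bound to `tarfile.open(...)`/`tarfile.TarFile(...)` in the same module are reported with high confidence (the minimal type inference), and any other `.extract`/`.extractall` call is reported with low confidence (the noisy guess). The sample source it scans is constructed for the example.

```python
# Added example: minimal type inference for TarFile.extract/extractall calls.
import ast
from typing import List, Tuple

EXTRACT_METHODS = {"extract", "extractall"}


def _is_tarfile_ctor(node: ast.AST) -> bool:
    """True for tarfile.open(...), tarfile.TarFile(...) or tarfile.TarFile.open(...)."""
    if not isinstance(node, ast.Call):
        return False
    func, dotted = node.func, []
    while isinstance(func, ast.Attribute):          # unwind a.b.c into a list
        dotted.append(func.attr)
        func = func.value
    if isinstance(func, ast.Name):
        dotted.append(func.id)
    dotted.reverse()
    return dotted[:1] == ["tarfile"] and dotted[-1] in {"open", "TarFile"}


def find_tar_extracts(source: str) -> List[Tuple[int, str, str]]:
    """Return (line, method, confidence) for every extract/extractall call."""
    tree = ast.parse(source)
    tar_names = set()
    # Pass 1: names bound to a TarFile via assignment or a `with ... as name` block.
    for node in ast.walk(tree):
        if isinstance(node, ast.Assign) and _is_tarfile_ctor(node.value):
            tar_names.update(t.id for t in node.targets if isinstance(t, ast.Name))
        elif isinstance(node, ast.withitem) and _is_tarfile_ctor(node.context_expr):
            if isinstance(node.optional_vars, ast.Name):
                tar_names.add(node.optional_vars.id)
    # Pass 2: report extract/extractall; known TarFile receivers get high confidence.
    findings = []
    for node in ast.walk(tree):
        if (isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute)
                and node.func.attr in EXTRACT_METHODS):
            recv = node.func.value
            known = isinstance(recv, ast.Name) and recv.id in tar_names
            findings.append((node.lineno, node.func.attr, "high" if known else "low"))
    return sorted(findings)


# Constructed sample input: two real TarFile receivers and one unknown receiver.
SAMPLE = """\
import tarfile
with tarfile.open("upload.tar") as tf:
    tf.extractall("/srv/data")
archive = tarfile.TarFile("x.tar")
archive.extract("member")
other.extractall("/tmp")
"""

if __name__ == "__main__":
    for line, method, confidence in find_tar_extracts(SAMPLE):
        print(f"line {line}: .{method}() on a TarFile ({confidence} confidence)")
```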

Labels: enhancement