diff --git a/ql/src/semmle/go/frameworks/Stdlib.qll b/ql/src/semmle/go/frameworks/Stdlib.qll
index 06f9a079bb6..542535873b3 100644
--- a/ql/src/semmle/go/frameworks/Stdlib.qll
+++ b/ql/src/semmle/go/frameworks/Stdlib.qll
@@ -11,6 +11,7 @@ import semmle.go.frameworks.stdlib.CompressBzip2
 import semmle.go.frameworks.stdlib.CompressFlate
 import semmle.go.frameworks.stdlib.CompressGzip
 import semmle.go.frameworks.stdlib.CompressLzw
+import semmle.go.frameworks.stdlib.CompressZlib
 
 /** A `String()` method. */
 class StringMethod extends TaintTracking::FunctionModel, Method {
diff --git a/ql/src/semmle/go/frameworks/stdlib/CompressZlib.qll b/ql/src/semmle/go/frameworks/stdlib/CompressZlib.qll
new file mode 100644
index 00000000000..acac64083e0
--- /dev/null
+++ b/ql/src/semmle/go/frameworks/stdlib/CompressZlib.qll
@@ -0,0 +1,62 @@
+/**
+ * Provides classes modeling security-relevant aspects of the `compress/zlib` package.
+ */
+
+import go
+
+/** Provides models of commonly used functions in the `compress/zlib` package. */
+module CompressZlib {
+  private class FunctionModels extends TaintTracking::FunctionModel {
+    FunctionInput inp;
+    FunctionOutput outp;
+
+    FunctionModels() {
+      // signature: func NewReader(r io.Reader) (io.ReadCloser, error)
+      hasQualifiedName("compress/zlib", "NewReader") and
+      (inp.isParameter(0) and outp.isResult(0))
+      or
+      // signature: func NewReaderDict(r io.Reader, dict []byte) (io.ReadCloser, error)
+      hasQualifiedName("compress/zlib", "NewReaderDict") and
+      (inp.isParameter(0) and outp.isResult(0))
+      or
+      // signature: func NewWriter(w io.Writer) *Writer
+      hasQualifiedName("compress/zlib", "NewWriter") and
+      (inp.isResult() and outp.isParameter(0))
+      or
+      // signature: func NewWriterLevel(w io.Writer, level int) (*Writer, error)
+      hasQualifiedName("compress/zlib", "NewWriterLevel") and
+      (inp.isResult(0) and outp.isParameter(0))
+      or
+      // signature: func NewWriterLevelDict(w io.Writer, level int, dict []byte) (*Writer, error)
+      hasQualifiedName("compress/zlib", "NewWriterLevelDict") and
+      (inp.isResult(0) and outp.isParameter(0))
+    }
+
+    override predicate hasTaintFlow(FunctionInput input, FunctionOutput output) {
+      input = inp and output = outp
+    }
+  }
+
+  private class MethodModels extends TaintTracking::FunctionModel, Method {
+    FunctionInput inp;
+    FunctionOutput outp;
+
+    MethodModels() {
+      // signature: func (*Writer).Reset(w io.Writer)
+      this.hasQualifiedName("compress/zlib", "Writer", "Reset") and
+      (inp.isReceiver() and outp.isParameter(0))
+      or
+      // signature: func (*Writer).Write(p []byte) (n int, err error)
+      this.hasQualifiedName("compress/zlib", "Writer", "Write") and
+      (inp.isParameter(0) and outp.isReceiver())
+      or
+      // signature: func (Resetter).Reset(r io.Reader, dict []byte) error
+      this.implements("compress/zlib", "Resetter", "Reset") and
+      (inp.isParameter(0) and outp.isReceiver())
+    }
+
+    override predicate hasTaintFlow(FunctionInput input, FunctionOutput output) {
+      input = inp and output = outp
+    }
+  }
+}
diff --git a/ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/CompressZlib.go b/ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/CompressZlib.go
new file mode 100644
index 00000000000..535ef1fe01b
--- /dev/null
+++ b/ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/CompressZlib.go
@@ -0,0 +1,108 @@
+// Code generated by https://github.com/gagliardetto/codebox. DO NOT EDIT.
+
+package main
+
+import (
+	"compress/zlib"
+	"io"
+)
+
+func TaintStepTest_CompressZlibNewReader_B0I0O0(sourceCQL interface{}) interface{} {
+	fromReader656 := sourceCQL.(io.Reader)
+	intoReadCloser414, _ := zlib.NewReader(fromReader656)
+	return intoReadCloser414
+}
+
+func TaintStepTest_CompressZlibNewReaderDict_B0I0O0(sourceCQL interface{}) interface{} {
+	fromReader518 := sourceCQL.(io.Reader)
+	intoReadCloser650, _ := zlib.NewReaderDict(fromReader518, nil)
+	return intoReadCloser650
+}
+
+func TaintStepTest_CompressZlibNewWriter_B0I0O0(sourceCQL interface{}) interface{} {
+	fromWriter784 := sourceCQL.(*zlib.Writer)
+	var intoWriter957 io.Writer
+	intermediateCQL := zlib.NewWriter(intoWriter957)
+	link(fromWriter784, intermediateCQL)
+	return intoWriter957
+}
+
+func TaintStepTest_CompressZlibNewWriterLevel_B0I0O0(sourceCQL interface{}) interface{} {
+	fromWriter520 := sourceCQL.(*zlib.Writer)
+	var intoWriter443 io.Writer
+	intermediateCQL, _ := zlib.NewWriterLevel(intoWriter443, 0)
+	link(fromWriter520, intermediateCQL)
+	return intoWriter443
+}
+
+func TaintStepTest_CompressZlibNewWriterLevelDict_B0I0O0(sourceCQL interface{}) interface{} {
+	fromWriter127 := sourceCQL.(*zlib.Writer)
+	var intoWriter483 io.Writer
+	intermediateCQL, _ := zlib.NewWriterLevelDict(intoWriter483, 0, nil)
+	link(fromWriter127, intermediateCQL)
+	return intoWriter483
+}
+
+func TaintStepTest_CompressZlibWriterReset_B0I0O0(sourceCQL interface{}) interface{} {
+	fromWriter989 := sourceCQL.(zlib.Writer)
+	var intoWriter982 io.Writer
+	fromWriter989.Reset(intoWriter982)
+	return intoWriter982
+}
+
+func TaintStepTest_CompressZlibWriterWrite_B0I0O0(sourceCQL interface{}) interface{} {
+	fromByte417 := sourceCQL.([]byte)
+	var intoWriter584 zlib.Writer
+	intoWriter584.Write(fromByte417)
+	return intoWriter584
+}
+
+func TaintStepTest_CompressZlibResetterReset_B0I0O0(sourceCQL interface{}) interface{} {
+	fromReader991 := sourceCQL.(io.Reader)
+	var intoResetter881 zlib.Resetter
+	intoResetter881.Reset(fromReader991, nil)
+	return intoResetter881
+}
+
+func RunAllTaints_CompressZlib() {
+	{
+		source := newSource(0)
+		out := TaintStepTest_CompressZlibNewReader_B0I0O0(source)
+		sink(0, out)
+	}
+	{
+		source := newSource(1)
+		out := TaintStepTest_CompressZlibNewReaderDict_B0I0O0(source)
+		sink(1, out)
+	}
+	{
+		source := newSource(2)
+		out := TaintStepTest_CompressZlibNewWriter_B0I0O0(source)
+		sink(2, out)
+	}
+	{
+		source := newSource(3)
+		out := TaintStepTest_CompressZlibNewWriterLevel_B0I0O0(source)
+		sink(3, out)
+	}
+	{
+		source := newSource(4)
+		out := TaintStepTest_CompressZlibNewWriterLevelDict_B0I0O0(source)
+		sink(4, out)
+	}
+	{
+		source := newSource(5)
+		out := TaintStepTest_CompressZlibWriterReset_B0I0O0(source)
+		sink(5, out)
+	}
+	{
+		source := newSource(6)
+		out := TaintStepTest_CompressZlibWriterWrite_B0I0O0(source)
+		sink(6, out)
+	}
+	{
+		source := newSource(7)
+		out := TaintStepTest_CompressZlibResetterReset_B0I0O0(source)
+		sink(7, out)
+	}
+}