diff --git a/.github/workflows/__zstd-bundle.yml b/.github/workflows/__zstd-bundle.yml
index 68da421cd..fc895ca6d 100644
--- a/.github/workflows/__zstd-bundle.yml
+++ b/.github/workflows/__zstd-bundle.yml
@@ -55,6 +55,9 @@ jobs:
 version: ${{ matrix.version }}
 use-all-platform-bundle: 'false'
 setup-kotlin: 'true'
+ - name: Remove CodeQL from toolcache
+ run: |
+ rm -rf $RUNNER_TOOL_CACHE/CodeQL
 - id: init
 uses: ./../action/init
 with:
@@ -65,6 +68,47 @@ jobs:
 shell: bash
 run: ./build.sh
 - uses: ./../action/analyze
+ with:
+ output: ${{ runner.temp }}/results
+ upload-database: false
+ - name: Upload SARIF
+ uses: actions/upload-artifact@v3
+ with:
+ name: zstd-bundle.sarif
+ path: ${{ runner.temp }}/results/cpp.sarif
+ retention-days: 7
+ - name: Check diagnostic with expected tools URL appears in SARIF
+ uses: actions/github-script@v7
+ env:
+ SARIF_PATH: ${{ runner.temp }}/results/cpp.sarif
+ with:
+ script: |
+ const fs = require('fs');
+
+ const sarif = JSON.parse(fs.readFileSync(process.env['SARIF_PATH'], 'utf8'));
+ const run = sarif.runs[0];
+
+ const toolExecutionNotifications = run.invocations[0].toolExecutionNotifications;
+ const downloadTelemetryNotifications = toolExecutionNotifications.filter(n =>
+ n.descriptor.id === 'codeql-action/bundle-download-telemetry'
+ );
+ if (downloadTelemetryNotifications.length !== 1) {
+ core.setFailed(
+ 'Expected exactly one reporting descriptor in the ' +
+ `'runs[].invocations[].toolExecutionNotifications[]' SARIF property, but found ` +
+ `${downloadTelemetryNotifications.length}. All notification reporting descriptors: ` +
+ `${JSON.stringify(toolExecutionNotifications)}.`
+ );
+ }
+
+ const toolsUrl = downloadTelemetryNotifications[0].properties.attributes.toolsUrl;
+ console.log(`Found tools URL: ${toolsUrl}`);
+
+ if (!toolsUrl.endsWith('.tar.zst')) {
+ core.setFailed(
+ `Expected the tools URL to be a .tar.zst file, but found ${toolsUrl}.`
+ );
+ }
 env:
 CODEQL_ACTION_ZSTD_BUNDLE: true
 CODEQL_ACTION_TEST_MODE: true
diff --git a/pr-checks/checks/zstd-bundle.yml b/pr-checks/checks/zstd-bundle.yml
index 87daea05b..a88a4a6d5 100644
--- a/pr-checks/checks/zstd-bundle.yml
+++ b/pr-checks/checks/zstd-bundle.yml
@@ -1,5 +1,5 @@
 name: "Zstandard bundle"
-description: "Tests using a CodeQL Bundle compressed using Zstandard"
+description: "Tests the feature flag that downloads a Zstandard-compressed CodeQL Bundle by default"
 versions:
 - linked
 operatingSystems:
@@ -7,6 +7,9 @@ operatingSystems:
 env:
 CODEQL_ACTION_ZSTD_BUNDLE: true
 steps:
+ - name: Remove CodeQL from toolcache
+ run: |
+ rm -rf $RUNNER_TOOL_CACHE/CodeQL
 - id: init
 uses: ./../action/init
 with:
@@ -17,3 +20,44 @@ steps:
 shell: bash
 run: ./build.sh
 - uses: ./../action/analyze
+ with:
+ output: ${{ runner.temp }}/results
+ upload-database: false
+ - name: Upload SARIF
+ uses: actions/upload-artifact@v3
+ with:
+ name: zstd-bundle.sarif
+ path: ${{ runner.temp }}/results/cpp.sarif
+ retention-days: 7
+ - name: Check diagnostic with expected tools URL appears in SARIF
+ uses: actions/github-script@v7
+ env:
+ SARIF_PATH: ${{ runner.temp }}/results/cpp.sarif
+ with:
+ script: |
+ const fs = require('fs');
+
+ const sarif = JSON.parse(fs.readFileSync(process.env['SARIF_PATH'], 'utf8'));
+ const run = sarif.runs[0];
+
+ const toolExecutionNotifications = run.invocations[0].toolExecutionNotifications;
+ const downloadTelemetryNotifications = toolExecutionNotifications.filter(n =>
+ n.descriptor.id === 'codeql-action/bundle-download-telemetry'
+ );
+ if (downloadTelemetryNotifications.length !== 1) {
+ core.setFailed(
+ 'Expected exactly one reporting descriptor in the ' +
+ `'runs[].invocations[].toolExecutionNotifications[]' SARIF property, but found ` +
+ `${downloadTelemetryNotifications.length}. All notification reporting descriptors: ` +
+ `${JSON.stringify(toolExecutionNotifications)}.`
+ );
+ }
+
+ const toolsUrl = downloadTelemetryNotifications[0].properties.attributes.toolsUrl;
+ console.log(`Found tools URL: ${toolsUrl}`);
+
+ if (!toolsUrl.endsWith('.tar.zst')) {
+ core.setFailed(
+ `Expected the tools URL to be a .tar.zst file, but found ${toolsUrl}.`
+ );
+ }
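Review bot: The new `Remove CodeQL from toolcache` step runs `rm -rf $RUNNER_TOOL_CACHE/CodeQL` with the variable unquoted and unguarded, and unlike the `./build.sh` step it declares no `shell:`. If `RUNNER_TOOL_CACHE` were ever empty the path collapses to `/CodeQL`, and on a runner whose default shell is not bash (the `operatingSystems` list is outside the hunk) the command would not behave as written. Suggest adding `shell: bash` and using `rm -rf "${RUNNER_TOOL_CACHE:?}/CodeQL"`, with a one-line comment saying why the cache is cleared (presumably to force a fresh bundle download so the telemetry diagnostic is emitted). The same step is mirrored in `.github/workflows/__zstd-bundle.yml`, which appears to be generated from this template.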
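Review bot: After `core.setFailed(...)` in the `length !== 1` branch the script keeps running, so with zero matching notifications `downloadTelemetryNotifications[0].properties` throws a TypeError and the useful failure message is followed by an unrelated stack trace. Add `return;` right after that `core.setFailed(...)` call (github-script evaluates the body inside an async function, so a bare return is valid), and consider the same kind of guard for a missing `run.invocations[0]`. Separately, `actions/upload-artifact@v3` and `actions/github-script@v7` are referenced by mutable tag; pinning each to a full commit SHA, e.g. `uses: actions/github-script@<full-commit-sha> # v7`, is the stricter supply-chain choice if repository policy allows it. The identical script is mirrored in `.github/workflows/__zstd-bundle.yml`.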