SafeDep
Install GitHub App
SafeDep
Install GitHub App

Summary

Low-confidence evidence of file extension mismatch is insufficient to label the package as malware. Further investigation needed.

Verification Record

No verification record available.

Details

The evidence presented is insufficient to classify tar-stream version 2.2.0 as malware. Evidence 0, a file extension mismatch (headers.js having tar content), is a low-confidence finding from a File Meta Analyzer. This alone is not conclusive. Extension mismatches can occur due to various reasons, including developer errors or unintentional data corruption. There's no indication of malicious code execution, network communication, data exfiltration, or other typical malware behaviors. The project on GitHub has a reasonable number of stars and forks, suggesting some level of community scrutiny. The absence of additional evidence (e.g., positive YARA matches, LLM analysis flagging malicious content, suspicious code patterns) prevents a definitive malware classification. Further investigation is required, including a thorough code review of headers.js and other package components, before a conclusive determination can be made.

tar-stream@2.2.0Clean
Unverified
Analysed at: 3/7/25, 3:37 PM
Source: https://registry.npmjs.org/tar-stream/-/tar-stream-2.2.0.tgz
SHA256: 3a8f83dfd74e9b401ba679e18d7917830c04deed3e2346e9fbca17fab4a1395b
Confidence: Medium