SafeDep
Install GitHub App
SafeDep
Install GitHub App

Summary

No evidence suggests malicious behavior. Low stars and single version don't automatically indicate malware.

Verification Record

No verification record available.

Details

Based on the provided evidence, there is no indication that the fs-constants package (version 1.0.0) is malicious. Evidence 0 points out that the project has only one published version. While this could suggest immaturity or lack of maintenance, it's not conclusive evidence of malicious intent. The low number of stars and forks on GitHub is also not definitive proof of malicious activity; many legitimate, small projects have low community engagement. The absence of other evidence, such as positive YARA rule matches or concerning LLM analysis of the package contents, further supports the conclusion that there is no reason to suspect malicious behavior. The lack of additional evidence weighs heavily against a malware classification.

fs-constants@1.0.0Clean
Unverified
Analysed at: 3/7/25, 3:41 PM
Source: https://registry.npmjs.org/fs-constants/-/fs-constants-1.0.0.tgz
SHA256: e7936d7e1b24475bd59312c4005f30d42539627dfc1c4f5dfe2326d7b7c7c5fa
Confidence: Medium