Low project popularity is not enough to classify as malware. Lacking strong evidence of malicious intent.
No verification record available.
The package's source project has low popularity and a low OpenSSF score, but this alone is insufficient to classify it as malware. There is no strong evidence to suggest malicious intent.
