The package contains an embedded executable, but given the reputable project and verified provenance, it's likely legitimate and not classified as malware.
No verification record available.
The package @esbuild/linux-x64 contains an embedded executable package/bin/esbuild. While this raises a flag for potential security risks, it's a valid use case for pre-compiled binaries. Given the package's association with the reputable esbuild project (39k+ stars, 1k+ forks) and verified SLSA provenance, it's likely a legitimate use of an embedded executable. Without further evidence of malicious behavior, it's not classified as malware.
