The package has few versions, but this alone isn't enough to classify it as malware without more evidence.
No verification record available.
The package has only two published versions. While this could indicate a lack of maturity or maintenance, it's not strong evidence of malicious intent. Without additional evidence, it's impossible to classify this package as malware.
