Low popularity and OpenSSF score are not enough to classify the package as malware. No strong evidence of malicious intent found.
No verification record available.
The package's source project has low popularity and a low OpenSSF score, but this alone is insufficient to classify it as malware. There is no strong evidence to suggest malicious intent.
