Few published versions are not enough to classify the package as malware without further evidence.
No verification record available.
The package has very few versions published. While this could indicate potential issues, it is not a strong indicator of malicious activity on its own. Without additional evidence, I cannot classify this package as malware.
