Package flagged as malicious due to a suspicious URL, data exfiltration, a forced process exit, preinstall script execution, and few published versions.
No verification record available.
The package exhibits multiple suspicious behaviors indicating that it is likely malware. The setup.js script sends a request to a suspicious URL (edrxkprbcqxvbhveoqmmpxavp9wwhkqy4.gjq.io) and exfiltrates installation information in the User-Agent header. It also unconditionally terminates the process after the request. Furthermore, the package.json file executes setup.js during the preinstall phase, which allows arbitrary code execution before installation. Taken together, the suspicious URL, data exfiltration, forced process exit, and preinstall script execution strongly suggest malicious intent. Additionally, the project has published only a few versions, which raises further concerns.