Powered by SafeDepPowered by SafeDepEmbedded executable and extension mismatch found. Legitimate use cases exist for embedded binaries. Insufficient evidence for malware.
No verification record available.
The package @img/sharp-libvips-linuxmusl-arm64 version 1.2.4 contains an embedded executable package/lib/libvips-cpp.so.8.17.3 and an extension mismatch. While the embedded executable raises a medium confidence security risk, it can be a valid use case such as pre-compiled binaries. The file extension mismatch is low confidence. Without further evidence, I cannot classify this package as malware.