This analysis was performed using vet and SafeDep Cloud Malicious Package Analysis. Integrate with GitHub using vet-action GitHub Action.
Embedded executable is expected for esbuild; high GitHub stars & forks indicate a legitimate project.
The package @esbuild/win32-ia32 is not likely malware. While Evidence 0 highlights the presence of an embedded executable (esbuild.exe), this is not inherently malicious. Esbuild is a popular build tool, and embedding a pre-compiled binary for Windows (indicated by win32-ia32) is a common practice to improve performance. The project on GitHub (https://github.com/evanw/esbuild) has a significant number of stars (38711) and forks (1190), indicating a large and active community, reducing the likelihood of malicious activity. The lack of further evidence (e.g., suspicious code analysis, network activity, or YARA matches despite their limitations) further strengthens the conclusion that this is a legitimate component of the esbuild build tool. The presence of the executable alone is insufficient to label the package as malware. Further investigation would be required if other suspicious behaviors were detected.