This analysis was performed using vet and SafeDep Cloud Malicious Package Analysis. Integrate with GitHub using vet-action GitHub Action.
The package is malicious due to HTML injection in index.js redirecting to adult/malicious sites and a YARA match on a suspicious URL.
The package is malware because the index.js file injects HTML containing links to adult content websites and potentially malicious sites into the document body. The injected HTML redirects users to external sites without their explicit consent. The YARA rule exotic_tld also matched a suspicious URL in the index.js file.