This analysis was performed using vet and SafeDep Cloud Malicious Package Analysis. Integrate with GitHub using vet-action GitHub Action.
Package contains a .dylib file, a dynamic library for macOS. No strong evidence to classify as malware. Requires further investigation.
The package contains a .dylib file, which is a dynamic library for macOS. The file package/lib/libvips-cpp.8.17.2.dylib is identified as an embedded executable and has an extension mismatch (dylib vs macho). While the presence of an embedded executable warrants caution, it's common for legitimate packages to include pre-compiled binaries, especially in libraries like sharp-libvips. The extension mismatch is low confidence and could be due to the file analyzer. Without further evidence of malicious behavior, it's not possible to classify this package as malware.