This analysis was performed using vet and SafeDep Cloud Malicious Package Analysis. Integrate with GitHub using vet-action GitHub Action.
Shared object with versioned extension found. Likely a legitimate library, not malware without further evidence.
The package @img/sharp-libvips-linux-s390x version 1.2.3 contains a shared object file libvips-cpp.so.8.17.2. The file is an ELF executable, which is expected for a library. The extension .2 is likely a versioning component of the shared object name. While the extension mismatch and embedded executable raise concerns, they are common in shared libraries. Without further evidence of malicious behavior, the package is not classified as malware.