This analysis was performed using vet and SafeDep Cloud Malicious Package Analysis. Integrate with GitHub using the vet-action GitHub Action.
The package triggered the sus_dylib_tls_get_addr YARA rule, but lacks sufficient evidence to be classified as malware. Likely a false positive.
The package @img/sharp-linux-x64 version 0.34.4 triggered the YARA rule sus_dylib_tls_get_addr due to the presence of __tls_get_addr in the sharp-linux-x64.node file. While this indicates suspicious runtime dependency resolution, it's not sufficient evidence to classify the package as malware. The sharp package is a popular image processing library, and false positives are possible. Without further evidence of malicious intent or behavior, it's safer to assume this is a legitimate use of the function within the context of image processing and dynamic linking.