This analysis was performed using vet and SafeDep Cloud Malicious Package Analysis. Integrate with GitHub using vet-action GitHub Action.
DLLs found, but likely related to image processing. Not enough evidence to classify as malware.
The package @img/sharp-win32-ia32 version 0.34.4 contains DLL files (libvips-42.dll and libvips-cpp-8.17.2.dll). While the presence of embedded executables raises security concerns, it's common for packages, especially those dealing with image processing or native code, to include pre-compiled binaries. Without further evidence of malicious behavior, the presence of these DLLs alone is insufficient to classify the package as malware. The package name suggests it's related to sharp, a popular image processing library, which would legitimately require native binaries.