This analysis was performed using vet and SafeDep Cloud Malicious Package Analysis. Integrate with GitHub using vet-action GitHub Action.
Embedded executable found. Insufficient evidence to classify as malware. Legitimate use cases exist for pre-compiled binaries.
The package @esbuild/freebsd-arm64 contains an embedded executable package/bin/esbuild. While this raises a flag, it's not sufficient to classify the package as malware without further evidence. Embedded executables can be legitimate, especially in packages that provide pre-compiled binaries. Without additional suspicious indicators, it's safer to assume it's a valid use case.