This analysis was performed using vet and SafeDep Cloud Malicious Package Analysis. Integrate with GitHub using vet-action GitHub Action.
Embedded executable esbuild.exe found, but insufficient evidence to classify as malware. Legitimate use cases for embedded binaries exist.
The package @esbuild/win32-arm64 contains an embedded executable esbuild.exe. While this raises a flag for potential security risks, it's not sufficient to classify it as malware. There are valid use cases for embedding executables, such as pre-compiled binaries. Without further evidence of malicious behavior or intent, it's safer to assume it's a legitimate use case.