This analysis was performed using vet and SafeDep Cloud Malicious Package Analysis. Integrate with GitHub using vet-action GitHub Action.
The package is not a malware due to only one YARA rule match, which is not sufficient to classify it as malicious.
The YARA rule multiple_gcc_high matched the file rollup.linux-arm-gnueabihf.node. This rule indicates that the file was built with multiple versions of GCC. While this can be a sign of suspicious activity, it is not sufficient evidence to classify the package as malware. There is no other supporting evidence.