Malicious code in huggingface-vscode (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 05d5f0f4f0cc4f4b8a99f6a6b4c1ca2e0aa13ab6cd2d0d7fd3e7a23a2d9593cb The OpenSSF Package Analysis project identified 'huggingface-vscode' @ 100.2.2 npm as malicious. It is considered malicious because: - The packa...