tl;dr: An npm package's manifest is published independently from its tarball. Manifests are never fully validated against the tarball's contents. The ecosystem has broadly assumed the contents of the manifest & tarball are consistent. Any tools or insights relying on the public registry's manifest data are susceptible to exploitation and likely inaccurate. Bad actors can hide malware & scripts in direct or transitive dependencies that go undetected.
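A defender-side check for the gap described above, added here as an example and not code from the original post: it diffs the `name`, `version`, `dependencies` and `scripts` fields of a registry manifest against the `package.json` found inside the tarball. The two sample objects are constructed (the package names and script names are placeholders); in practice the manifest would come from `npm view <pkg> --json` and the inner `package.json` from extracting the tarball fetched with `npm pack`.

```javascript
// Fields where manifest/tarball disagreement matters most for install-time behaviour.
const FIELDS = ['name', 'version', 'dependencies', 'scripts'];

// Returns a list of { field, manifest, tarball } records, one per divergent value.
// Map-valued fields (dependencies, scripts) are compared key by key so a dependency
// or lifecycle script that exists only in the tarball is reported individually.
function compareManifestToTarball(registryManifest, tarballPackageJson) {
  const mismatches = [];
  for (const field of FIELDS) {
    const fromManifest = registryManifest[field];
    const fromTarball = tarballPackageJson[field];
    if (field === 'dependencies' || field === 'scripts') {
      const m = fromManifest ?? {};
      const t = fromTarball ?? {};
      const keys = new Set([...Object.keys(m), ...Object.keys(t)]);
      for (const key of keys) {
        if (m[key] !== t[key]) {
          mismatches.push({ field: `${field}.${key}`, manifest: m[key], tarball: t[key] });
        }
      }
    } else if (fromManifest !== fromTarball) {
      mismatches.push({ field, manifest: fromManifest, tarball: fromTarball });
    }
  }
  return mismatches;
}

// Constructed sample: what the registry manifest claims (clean: no deps, no install hook).
const sampleRegistryManifest = {
  name: 'example-pkg', version: '1.0.0',
  dependencies: {},
  scripts: { test: 'echo ok' },
};

// Constructed sample: what the tarball's package.json actually declares
// (an extra dependency and an install-time script the manifest never mentioned).
const sampleTarballPackageJson = {
  name: 'example-pkg', version: '1.0.0',
  dependencies: { 'example-hidden-dep': '^1.0.0' },
  scripts: { test: 'echo ok', install: 'node hidden-install.js' },
};

function findSampleMismatches() {
  return compareManifestToTarball(sampleRegistryManifest, sampleTarballPackageJson);
}

for (const mm of findSampleMismatches()) {
  console.log(`MISMATCH ${mm.field}: manifest=${mm.manifest} tarball=${mm.tarball}`);
}
```

Any non-empty result is a signal that tooling which trusts the manifest alone (dependency graphs, script audits, lockfile resolution) is reasoning about a package that is not the one actually installed.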