I don't disagree that there are degrees of harm and differences in the ease of detecting such harm. But what's the significance of the distinction? Whether it's found out immediately or found out months later, the remedy for the community will likely be the same if the damage is widespread enough... Flag the version as bad in npm, break the connection between npm and the GitHub repo if the damage was purposeful, and the community picks up the package and starts maintaining a non-malicious version.
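The remedy above ("flag the version as bad in npm") is the registry side; the consumer side is checking whether a flagged version is already in your dependency tree. Below is an added example, not code from the original thread, that audits a parsed package-lock.json against a denylist of flagged versions, covering both the nested lockfileVersion 1 shape and the flat "packages" map of versions 2 and 3 (including copies nested under another dependency). The package name "example-lib", its versions and both lockfiles are constructed placeholders.

```javascript
// Added example (not from the original thread): audit a package-lock.json
// against a denylist of versions that have been flagged as bad in npm.
// Handles lockfileVersion 1 (nested "dependencies") and 2/3 (flat "packages").

// Constructed denylist: package name -> exact versions considered bad.
// "example-lib" and its versions are hypothetical placeholders.
const FLAGGED = {
  "example-lib": new Set(["1.4.2", "1.4.3"]),
};

// Constructed lockfile in v3 shape. Note the second, nested copy of
// example-lib under "safe-dep", which is an older, unflagged version.
const SAMPLE_LOCK_V3 = {
  name: "my-app",
  lockfileVersion: 3,
  packages: {
    "": { name: "my-app", dependencies: { "example-lib": "^1.4.0", "safe-dep": "2.0.0" } },
    "node_modules/example-lib": { version: "1.4.2" },
    "node_modules/safe-dep": { version: "2.0.0" },
    "node_modules/safe-dep/node_modules/example-lib": { version: "1.3.9" },
  },
};

// Constructed lockfile in v1 shape for a similar tree.
const SAMPLE_LOCK_V1 = {
  name: "my-app",
  lockfileVersion: 1,
  dependencies: {
    "example-lib": { version: "1.4.3" },
    "safe-dep": {
      version: "2.0.0",
      dependencies: { "example-lib": { version: "1.3.9" } },
    },
  },
};

// Derive the package name from a v2/v3 "packages" key: the segment after the
// last "node_modules/", which keeps scoped names like "@scope/pkg" intact.
function nameFromPath(path) {
  const marker = "node_modules/";
  const idx = path.lastIndexOf(marker);
  return idx === -1 ? null : path.slice(idx + marker.length);
}

// Walk a v1 nested "dependencies" tree, yielding {name, version, path}.
function* walkV1(deps, prefix) {
  for (const [name, entry] of Object.entries(deps || {})) {
    const path = `${prefix}node_modules/${name}`;
    yield { name, version: entry.version, path };
    if (entry.dependencies) yield* walkV1(entry.dependencies, path + "/");
  }
}

// Enumerate every installed package in a lockfile, whatever its version.
// In v2/v3 an entry carries its own "name" only when it differs from the
// path (aliases), so prefer that over the path-derived name.
function* installedPackages(lock) {
  if (lock.packages) {
    for (const [path, entry] of Object.entries(lock.packages)) {
      if (path === "") continue; // the root project, not a dependency
      const name = entry.name || nameFromPath(path);
      if (name && entry.version) yield { name, version: entry.version, path };
    }
  } else if (lock.dependencies) {
    yield* walkV1(lock.dependencies, "");
  }
}

// Return every installed copy whose exact version is on the denylist.
function findFlaggedVersions(lock, flagged) {
  const hits = [];
  for (const pkg of installedPackages(lock)) {
    const bad = flagged[pkg.name];
    if (bad && bad.has(pkg.version)) hits.push(pkg);
  }
  return hits;
}

// Stand-alone run: report hits for both constructed lockfiles.
for (const [label, lock] of [["v3", SAMPLE_LOCK_V3], ["v1", SAMPLE_LOCK_V1]]) {
  const hits = findFlaggedVersions(lock, FLAGGED);
  console.log(`${label}: ${hits.length} flagged install(s)`);
  for (const h of hits) console.log(`  ${h.path} -> ${h.name}@${h.version}`);
}
```

Against a real project, read package-lock.json with fs and JSON.parse it before passing it in. Matching is on exact version strings rather than semver ranges because the thing being flagged is a specific published version; checking every path, not just the top-level one, matters because a transitive copy of the bad version can sit several levels deep while the top-level copy is clean.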