Elizabeth Wyss, Dominic Tassio, Lorenzo De Carli, Drew Davidson: Evaluating LLM-Based Detection of Malicious Package Updates in npm. RAID 2025: 678-692