Loading npm security reports…
```bash $ yarn add -D eslint prettier @kirill.konshin/eslint-config-next-custom husky lint-staged ```
LPM treats this as warn-only first-party agent extension lifecycle risk. Install-time code mutates AI-agent skill directories in the consuming project. The mutation is scoped to this package's named skill and creates symlinks to bundled documentation; no confirmed payload execution or data exfiltration exists.
Package defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgPackage defines install-time lifecycle scripts.
package.jsonView on unpkg · L10Install-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkg · L10