Thank you for disclosing any potential security vulnerabilities.
To report a security issue, please use the GitHub Security Advisory "Report a Vulnerability" tab.
You may also report a vulnerability through the npm contact form by selecting "I'm reporting spam, abuse, or a security issue".