Do not use or install this package. It will send the contents of process.env to a remote server to demonstrate the leaking of secrets using lifecycle events.
jorijn/pre-post-token-vulnerability
This package is intended to demonstrate the leaking of secrets using pre- and post-event data.
JavaScript