Installing modules from npm is dangerous enough. Nice for education or playing around, unsuitable for a serious developers' workstation.
Related: http://incolumitas.com/2016/06/08/typosquatting-package-mana...