[Zikes]

With dependency resolution and node_modules folders dozens of levels deep, it's pretty difficult to verify untrusted code hasn't been injected somewhere.