Every time you run npm install, you're rolling dice. A postinstall script from some dependency three layers deep gets unrestricted access to your filesystem: .env files, SSH keys, cloud credentials, your whole $HOME directory. It can read it all, and it can ship it anywhere because the network is wide open.

In May 2026, a supply chain worm compromised 84 npm packages that had valid SLSA Build Level 3 provenance. Postinstall scripts siphoned CI/CD secrets, SSH keys, cloud credentials, crypto wallets. It spread quietly because everything looked legitimate. The attack got nicknamed "Shai-Hulud" after the Dune sandworm that swallows everything in its path.

ringfence blocks this class of attack at the OS level. Zero config. It wraps your package manager commands in a sandbox so a compromised dependency can't see anything worth stealing.

One thing to be clear about: ringfence doesn't stop you from installing malicious code. If a package is bad, it still gets installed.…
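The passage above says the danger lives in lifecycle install hooks (preinstall, install, postinstall) that run automatically during npm install. A sandbox like ringfence limits what such a hook can reach; a complementary check is to know which dependencies would run one at all, for example before deciding whether to install with npm's real --ignore-scripts flag. The audit script below is an added example, not ringfence's own code and not part of the original post. It walks a node_modules tree, including scoped @org/pkg directories and nested node_modules, and reports every package that declares an install-time script. To run offline it builds a small constructed tree with made-up package names in a temporary directory; the package names, versions and script commands are sample values.

```python
"""Audit a node_modules tree for packages that declare npm lifecycle install
hooks, the mechanism a compromised dependency uses to run code during install.

Added example (not ringfence code). Builds a constructed sample tree so it runs
offline; point find_install_hooks() at a real node_modules to audit a project.
"""
import json
import tempfile
from pathlib import Path

# Scripts npm runs automatically as part of installing a dependency.
LIFECYCLE_HOOKS = ("preinstall", "install", "postinstall", "prepare")


def find_install_hooks(node_modules: Path) -> list[dict]:
    """Return one record per package under node_modules that defines an
    install-time script. Handles scoped packages (@org/pkg) and nested
    node_modules; skips package.json files buried inside a package's own
    fixtures or tests (e.g. node_modules/foo/test/package.json)."""
    findings = []
    for manifest in node_modules.rglob("package.json"):
        container = manifest.parent.parent.name
        # A real package manifest sits directly under node_modules/ or @scope/
        if container != "node_modules" and not container.startswith("@"):
            continue
        try:
            data = json.loads(manifest.read_text(encoding="utf-8"))
        except (json.JSONDecodeError, OSError):
            continue  # unreadable or malformed manifest; not auditable here
        scripts = data.get("scripts") or {}
        hooks = {h: scripts[h] for h in LIFECYCLE_HOOKS if h in scripts}
        if hooks:
            findings.append({
                "name": data.get("name", manifest.parent.name),
                "version": data.get("version", "?"),
                "path": manifest.parent.relative_to(node_modules).as_posix(),
                "hooks": hooks,
            })
    return sorted(findings, key=lambda f: f["name"])


def build_sample_tree(root: Path) -> Path:
    """Create a constructed node_modules tree (sample names, not real packages):
    one clean package, one scoped package with a postinstall hook, and one
    nested dependency with a preinstall hook."""
    nm = root / "node_modules"
    manifests = {
        nm / "sample-clean" / "package.json": {
            "name": "sample-clean", "version": "1.0.0",
            "scripts": {"test": "node test.js"}},
        nm / "@sample" / "hooked" / "package.json": {
            "name": "@sample/hooked", "version": "2.3.1",
            "scripts": {"postinstall": "node ./setup.js"}},
        nm / "sample-clean" / "node_modules" / "sample-nested" / "package.json": {
            "name": "sample-nested", "version": "0.9.0",
            "scripts": {"preinstall": "node-gyp rebuild", "build": "tsc"}},
        # Fixture manifest inside a package: must be ignored by the audit
        nm / "sample-clean" / "test" / "package.json": {
            "name": "fixture", "scripts": {"postinstall": "echo fixture"}},
    }
    for path, data in manifests.items():
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_text(json.dumps(data), encoding="utf-8")
    return nm


def audit_sample() -> list[dict]:
    """Build the constructed tree in a temp dir and audit it."""
    with tempfile.TemporaryDirectory() as tmp:
        return find_install_hooks(build_sample_tree(Path(tmp)))


if __name__ == "__main__":
    for f in audit_sample():
        hooks = ", ".join(f"{k}: {v}" for k, v in f["hooks"].items())
        print(f"{f['name']:<20} {f['version']:<8} {f['path']:<40} {hooks}")
```

On a real project, call find_install_hooks(Path("node_modules")) after an install, or run it against a lockfile-driven install in a throwaway environment; each reported package is one whose install step executes code on your machine, which is exactly the step a sandbox has to contain.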