cross-env

npm package security scan — isolated V8 sandbox, zero network access