Fix NPM Vulnerabilities
Pass. Audited by VirusTotal on Mar 31, 2026.
Findings (1)
The SKILL.md file contains instructions that direct the AI agent to perform silent global installations of software (e.g., 'npm install -g <tool>') without seeking user confirmation. While the stated intent is to facilitate npm vulnerability remediation using tools like 'snyk' or 'pnpm', the instruction to bypass user consent for system-level changes is a significant security risk that could be exploited to install arbitrary packages. This behavior qualifies as a high-risk vulnerability/pattern rather than confirmed malice.
