TIL about Socket Firewall:
https://socket.dev/blog/introducing-socket-firewall
It's a free tool that blocks malicious packages at install time. It's still advisable to use isolated dev environments (dev containers or VMs), but Socket Firewall provides unobtrusive defense in depth.