You can't even install the package without running arbitrary code, that's quite different from most other package managers for languages.
You can't even install the package without running arbitrary code, that's quite different from most other package managers for languages.