Please don't install this package.
This package is just a "private" project to showcase how easy it is to abuse the preinstall and postinstall scripts in npm. This specific package does not send any sensitive information, but it could as well send SSH keys or any other sensitive credentials.