AikidoSec/safe-chain — reverse-engineered prompt

Reverse-engineered prompt

Build me a simple installable tool called Aikido Safe Chain that protects developers when they install packages on their laptop or in CI. I want it to work automatically with the common JavaScript and Python package commands people already use, like npm, npx, yarn, pnpm, bun, pip, uv, poetry, pipx, pdm, and rush, so they do not have to change their normal workflow.

The main idea is that it should sit in front of package downloads, check packages and deep dependencies against Aikido threat intel, and stop the install if something is known malware. It should also hide or block packages that are too new by default, using a 48-hour minimum age, but let that be configurable. Make it free to use with no token setup and no build data being shared.

Please include easy install and uninstall scripts for Mac, Linux, and Windows, shell integration so the commands just work after restarting the terminal, a verify command that confirms the protection is active, a version command, and a simple test package flow to prove blocking works. Look up current docs online if you need to.
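
The 48-hour minimum-age rule from the prompt above, sketched as an added example (not part of the original prompt and not Safe Chain's own code). It assumes npm-style registry metadata with `versions`, `dist-tags` and a per-version `time` map; the name `filterByMinimumAge`, the sample package and the fail-closed handling of missing timestamps are assumptions.

```javascript
// Added example: hide package versions younger than a configurable minimum age.
// Function name, sample data and the fail-closed policy are assumptions.
const HOUR_MS = 60 * 60 * 1000;

function filterByMinimumAge(packument, now, minAgeHours = 48) {
  const cutoff = now.getTime() - minAgeHours * HOUR_MS;
  const times = packument.time || {};
  const kept = {};
  const hidden = [];
  for (const version of Object.keys(packument.versions)) {
    const published = Date.parse(times[version]);
    // Fail closed: a missing or unparsable publish time counts as "too new".
    if (Number.isNaN(published) || published > cutoff) hidden.push(version);
    else kept[version] = packument.versions[version];
  }
  // Most recently published version that survived the filter.
  const newestKept = Object.keys(kept).sort(
    (a, b) => Date.parse(times[b]) - Date.parse(times[a])
  )[0];
  // Tags pointing at a hidden version are dropped, except "latest",
  // which is re-pointed so a plain install still resolves to an aged version.
  const distTags = {};
  for (const [tag, version] of Object.entries(packument["dist-tags"] || {})) {
    if (Object.hasOwn(kept, version)) distTags[tag] = version;
    else if (tag === "latest" && newestKept) distTags[tag] = newestKept;
  }
  return { packument: { ...packument, versions: kept, "dist-tags": distTags }, hidden };
}

// Constructed sample metadata (not a real package).
const SAMPLE = {
  name: "example-pkg",
  "dist-tags": { latest: "1.2.0", next: "2.0.0-beta.1" },
  versions: { "1.0.0": {}, "1.1.0": {}, "1.2.0": {}, "2.0.0-beta.1": {} },
  time: {
    "1.0.0": "2025-01-01T00:00:00.000Z",
    "1.1.0": "2025-03-01T00:00:00.000Z",
    "1.2.0": "2025-03-09T12:00:00.000Z", // 12 hours before NOW
    // "2.0.0-beta.1" deliberately has no timestamp
  },
};
const NOW = new Date("2025-03-10T00:00:00.000Z");

const result = filterByMinimumAge(SAMPLE, NOW);
console.log(result.hidden, result.packument["dist-tags"]);
```

Passing `0` as `minAgeHours` disables the age gate while still hiding versions with no publish time.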
