A walk through what Kratex does at each step of a real npm supply-chain compromise: gating lifecycle scripts at install, intercepting calls at runtime, and attributing every operation to the package that made it.