Advisories for Npm/Gulp-Tape package

It is possible to inject arbitrary OS commands by passing them into gulp-tape options.