Advisories for Npm/Nhouston package

An attacker can provide input such as ../ to read files outside of the served directory.