insight currently uses async@^2.6.2 dependency. This version is affected by a prototype pollution, details:
GHSA-fwr7-v2mv-hh25

The issue was patched in async@^3.2.2. Could you please update insight’s async dependency to fix this security issue? Thanks.