Using the Pulumi Libraries as a Supply Chain Attack?

Some of our largest customers want this. It gives them a nice experience that they only have to write at once and then they can reuse it elsewhere. I just had a little bit of sort experiment before we started recording. I think have you thought about using those all sharded Pulumi libraries as a tech factor of supply chain attack? For instance, you do a pipey packet that will be injected in your back-end server. It probably will be well isolated so you will have to work hard to get yourself out of there. But if you're getting something embedded into something being reused by the infrastructure management tool, like it happened with the SolarWinds, then you have access to the