See: https://docs.gitlab.com/ee/user/application_security/coverage_fuzzing/index.html#supported-fuzzing-engines-and-languages
Ideally, a generic approach should be taken that we can use to test all our NPM CLI apps.