Malicious code detected in tile.json: Potential typosquatting/supply chain attack. The package name 'tessl/npm-fb-watchman' mimics the legitimate 'fb-watchman' package (a popular Facebook file watching library). The 'npm-' prefix pattern and version 2.0.1 describing version 2.0.2 are suspicious indicators of dependency confusion. This naming convention is commonly used to intercept installations intended for the real package.