diff --git a/.npmrc b/.npmrc
new file mode 100644
index 0000000..e650836
--- /dev/null
+++ b/.npmrc
@@ -0,0 +1,5 @@
+# Disable lifecycle scripts to mitigate supply chain attacks.
+ignore-scripts = true
+
+# Disable git repositories as package sources to mitigate supply chain attacks.
+allow-git = root
\ No newline at end of file
diff --git a/.yarnrc.yml b/.yarnrc.yml
new file mode 100644
index 0000000..7371556
--- /dev/null
+++ b/.yarnrc.yml
@@ -0,0 +1,8 @@
+# Legacy node_modules behavior.
+nodeLinker: node-modules
+
+# Disable lifecycle scripts to mitigate supply chain attacks.
+enableScripts: false
+
+# Disable git repositories as package sources to mitigate supply chain attacks.
+approvedGitRepositories: [ ]
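Review bot: The comment above `allow-git = root` in .npmrc says git repositories are disabled as package sources, but as I understand npm's `allow-git` option, `root` still permits git dependencies declared in the project's own package.json and only refuses them for transitive dependencies. If no git dependency is intended at all, `allow-git = none` matches the comment; otherwise reword it to `# Allow git dependencies only when declared in the root package.json.` so the residual exposure is explicit. npm releases that predate this option will most likely ignore the key (at most with an unknown-config warning), so the control fails open unless the npm version is pinned somewhere outside this diff. The `ignore-scripts` comment could also note that dependencies needing a build step then require an explicit `npm rebuild`.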
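Review bot: The comment on `enableScripts: false` in .yarnrc.yml should say how a dependency that genuinely needs a build step is re-enabled, otherwise the first broken native module is likely to get the whole switch turned back on. In Yarn that is a per-package `dependenciesMeta` entry with `built: true` in package.json, so a line such as `# Opt in individual packages via dependenciesMeta.<name>.built in package.json.` would fit. `approvedGitRepositories` is presumably only recognised by recent Yarn releases and nothing in this diff pins the Yarn version, so confirm that older Yarn versions used by contributors or CI either reject the file or are excluded. Minor style: the empty list is more conventionally written `[]` than `[ ]`.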