Around 1,500 AUR Packages Compromised with "Rootkit-Like" Malware
Privacy Guides Community [Unofficial]
June 12, 2026
Thankfully I was not hit by that. It seems like, as with the other supply chain attacks, maybe only around 100 people were affected, if I’m understanding this right (https://socket.dev/npm/package/atomic-lockfile).
I don’t have NPM installed locally due to this risk but worry sometimes that other packages would pull it in somehow.
Say I was one of those affected and was running OpenSnitch - would I see something like a popup saying npm install atomic-lockfile?