The aim of that tool is to find a possible domain takeover via a map file.
The map file allows getting all the dependencies used by the application, after that it could be possible to get the list of all the maintainers of these packages. Once all emails were retrieved, it could be possible to check if the domain name use is still used or if it could be bought ... and perform a domain takeover of the NPM account.
That tool is the application of what is explained on that blog post.
It was just created and used as a PoC for a customer project. The takeover and the exploitation were not done as it was out of scope. Therefore, it could be possible that some bug of issues are present on that script and the corresponding methodology.
Do not use the result of that script for illegal purpose.