Node-red-contrib-viseo-google-spreadsheet : scary warnings

Running

npm install node-red-contrib-viseo-google-spreadsheet

Yields a bunch of scary warnings about deprecated dependencies and security warnings. Running npm audit afterwards gives me a long list of details that are above my current knowledge level. For instance,

│ High          │ Denial-of-Service Extended Event Loop Blocking 
│ Package       │ qs 
│ Patched in    │ >= 1.x
│ Dependency of │ node-red-contrib-viseo-google-spreadsheet 
│ Path          │ node-red-contrib-viseo-google-spreadsheet >  
│               │ node-red-viseo-helper > request > qs 
│ More info     │ https://npmjs.com/advisories/28

I checked the advisory and then the repository and then ran npm install qs in the hopes that it would fix it. Restarted NR and re-ran npm audit and got the same result. Clearly there is something I should be doing but don't know how to do.

As a general question, when faced with security/deprecated warnings when installing a node, what is the process for ironing that out?

The Google spreadsheet node is installed and works well enough to tell me that I need to RTFM:

Missing VISEO Bot Maker key - Read the documentation.

Which I did and saw no mention of a Bot Maker key, nor do I see a place to enter it...

From their main repo: "VISEO Bot Maker is a framework built on top of Node-RED". I think that their nodes are designed to be used as part of a larger system.

I also note that they have a lot of open and unanswered issues.

However, whatever the case, you will need to raise an issue on GitHub asking them to update their dependencies.

More info appears to be here:

There doesn't appear to be a resolution yet however even though that was raised in April.

I actually started to raise an issue over on the VISEO repository to ask about this but I saw that there were lots of open questions so I thought I'd start here first. I'll finish my question and see what kind of response I get. I don't expect it will be quick or helpful.
Thanks!