npm is not for managing system software and has not been developed as such. It's a javascript package manager. apt and pacman (and probably yum but never used so can't speak about it) have active maintainers for most packages and the mirrors are well taken care of.
npm is basically a giant array that anyone can add package to.
I believe that node is installed with npm and both are installed in system directories. I think they should by default point the npm global directory to the user dir and not a system dir.
Depends on how you install them, think that's how the default install works but nvm (which I use) puts everything under user directories. Agree with your thinking though, should be changed in the default install for sure.
I'm not saying npm is a good or bad system package manager, just that running arbitrary scripts for requested packages and their dependencies is hardly unique.
It's oblivious to single out npm as a package manager that allows you to be pwned by packages in whatever repo you pull from.
It's not unique, but apt/pacman does not run arbitrary scripts. It runs what has been reviewed by others while npm packages are often not reviewed by anyone except the author, that's the difference.
npm is basically a giant array that anyone can add package to.
I'm using them both accordingly.