Gitlab npm token add limits

Hi, I would like to prevent my package to be stolen and used in other projects, as I work with third party companies I want them to be able to install my npm package for only one project that we’re working on togheter, and I don’t want them to be able and use it in their own other projects.

Is that even possible?
What do you suggest?

Thanks in advance.