The first thing that comes to my mind is allowing a Meteor package to essentially declare a top-level NPM dependency, forcing the application owner to import NPM packages. That moves us closer to a full-NPM ecosystem that is less reliant on Atmosphere, which I think is a good thing as that seems to be the way things are generally moving.
This seems like a good solution – sort of a ‘required npm’ package. I think it would be neat if the meteor command can append requested npm packages to package.json, then automatically run npm install afterwards. It would tell the user what packages were installed (sort of like how meteor packages are installed now), then execute the regular meteor run command afterwards.