npm-trusted-publishing

Installation
SKILL.md

NPM Trusted Publishing

Overview

Set up secure npm publishing from GitHub Actions using OIDC trusted publishing instead of long-lived NPM_TOKEN secrets.

When to Use

  • Setting up npm publish workflow in GitHub Actions
  • Migrating from NPM_TOKEN to trusted publishing
  • Adding provenance attestations to packages
  • Publishing monorepo packages

Quick Reference

Installs
16
Repository
pr-pm/prpm
GitHub Stars
117
First Seen
Jan 25, 2026
npm-trusted-publishing — pr-pm/prpm