npm-trusted-publishing
✓Use when setting up npm publishing with GitHub Actions - provides trusted publishing with OIDC, provenance attestations, and monorepo configuration
Installation
SKILL.md
Set up secure npm publishing from GitHub Actions using OIDC trusted publishing instead of long-lived NPMTOKEN secrets.
| GitHub Actions permission | id-token: write | | package.json field | repository.url matching GitHub repo | | npm publish flag | --provenance | | npmjs.com setup | Configure trusted publisher per package |
Monorepo note: Include directory field for packages not at repo root.
Use when setting up npm publishing with GitHub Actions - provides trusted publishing with OIDC, provenance attestations, and monorepo configuration Source: pr-pm/prpm.
Facts (cite-ready)
Stable fields and commands for AI/search citations.
- Install command
npx skills add https://github.com/pr-pm/prpm --skill npm-trusted-publishing- Source
- pr-pm/prpm
- Category
- </>Dev Tools
- Verified
- ✓
- First Seen
- 2026-02-01
- Updated
- 2026-02-18
Quick answers
What is npm-trusted-publishing?
Use when setting up npm publishing with GitHub Actions - provides trusted publishing with OIDC, provenance attestations, and monorepo configuration Source: pr-pm/prpm.
How do I install npm-trusted-publishing?
Open your terminal or command line tool (Terminal, iTerm, Windows Terminal, etc.) Copy and run this command: npx skills add https://github.com/pr-pm/prpm --skill npm-trusted-publishing Once installed, the skill will be automatically configured in your AI coding environment and ready to use in Claude Code or Cursor
Where is the source repository?
https://github.com/pr-pm/prpm
Details
- Category
- </>Dev Tools
- Source
- skills.sh
- First Seen
- 2026-02-01