Keep the receipts.
npmtc is npm + pnpm with an audited registry. Every release is sealed with a write-once, tamper-evident stamp, kill-switched if it goes bad, and made safe for AI agents to read.
npm, with proof.
Same packages, same workflow — a supply chain you can actually account for.
| | The usual registry | npmtc |
|---|---|---|
| Integrity | Trust on publish | Sealed write-once stamp |
| Bad version | Unpublish / deprecate | Tombstone — installs get 410 |
| Publishing | Publish is final | Draft → release, test first |
| AI agents | Docs served raw | AGENTS.md injection-wrapped |
| Engine | One package manager | npm + pnpm, one command |
Sealed, not trusted.
A release isn't a promise — it's a receipt. npmtc stamps every version and can pull a bad one without rewriting history.
Write-once stamp
On release, the registry seals the version: name, integrity, shasum, size and a reproducible digest — immutable from there on.
Tombstone kill-switch
A malicious or corrupted release is replaced by a gravestone: installs get a hard 410, and the record stays permanent.
Draft → release
Publish lands as a mutable draft you can re-push and test via pkg@draft. Releasing seals it and moves latest.
Built for agents.
A growing share of installs is driven by AI agents. A package's docs are untrusted input — npmtc treats them that way.
Injection-wrapped docs
On install, npmtc wraps each AGENTS.md in a safety notice — before and after — so a doc can't quietly steer the agent reading it.
No trust by source
A trusted publisher with a hijacked chain is still a threat. The warning is unconditional, never "this one's fine."
On the disk, not the screen
The notice is written into the file itself — so it holds even when stdout is piped to /dev/null.