Supply chain trust scoring

Both axios and node-ipc scored CRITICAL before they got attacked.

26 npm packages with 10M+ weekly downloads have a single publisher. npm audit doesn't flag this. Commit does.

Behavioral signals — publisher depth, release consistency, maintenance patterns — surface the risk that stars, READMEs, and vulnerability databases miss. Scores npm, PyPI, Cargo, and Go packages. Free CLI, CI gate, API, and MCP server.

$ npx proof-of-commitment --file package.json
Zero install. Auto-detects lockfiles.

Packages you depend on, scored right now.

These are real scores from the live API. Single-publisher packages with massive download counts are flagged CRITICAL — the exact profile exploited in the axios, LiteLLM, and node-ipc attacks.

npx proof-of-commitment axios zod chalk express
┌──────────┬───────┬─────────────┬────────────┬────────────┐
│ Package  │ Score │ Risk        │ Publishers │ Downloads  │
├──────────┼───────┼─────────────┼────────────┼────────────┤
│ axios    │   86  │ 🔴 CRITICAL │ 1          │ 99M/wk     │
│ zod      │   83  │ 🔴 CRITICAL │ 1          │ 163M/wk    │
│ chalk    │   75  │ 🔴 CRITICAL │ 1          │ 413M/wk    │
│ express  │   90  │ ✅ OK       │ 5          │ 95M/wk     │
└──────────┴───────┴─────────────┴────────────┴────────────┘
 3 CRITICAL · 0 HIGH · 0 WARNING
Try with your packages →
Read: Two attacks, one week — the data was already there →

Type any GitHub repo. See its trust card instantly.

No install. No account. Longevity, maintenance activity, contributor depth — scored from behavioral signals.

The same data the extension injects into GitHub. Available as JSON for any script or agent.


Three ways in. No account required.

CLI for your terminal, GitHub Action for your CI, API for everything else.


CLI — zero install

Run once in any project directory. Auto-detects package.json, lockfiles, requirements.txt, Cargo.toml, go.mod.

terminal
$ npx proof-of-commitment
Auto-detected: package-lock.json (247 deps)
 3 CRITICAL · 2 HIGH · 12 WARNING
$ npx proof-of-commitment --fail-on=critical
 exit 1  # blocks your CI pipeline
Quickstart guide →

GitHub Action

Block PRs that introduce CRITICAL dependencies. Posts audit table as a PR comment. One YAML file.

.github/workflows/supply-chain.yml
- uses: piiiico/commit-action@v1
  with:
    fail-on-critical: true
    comment-on-pr: true
commit-action on GitHub →

REST API + MCP server

Batch audit up to 20 packages in one call. Add the MCP server to Claude Desktop or Cursor — ask it to audit your project.

curl
curl -X POST https://getcommit.dev/api/audit \
  -H 'Content-Type: application/json' \
  -d '{"packages":["axios","zod"]}'

# → {"results":[{"name":"axios",
#    "score":86,"riskFlags":["CRITICAL"]},...]}
Get free API key →
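A CI gate written against the audit response shown above, as an added example that is not the project's CLI, Action or API client: it reads package.json, sends names in batches at the documented limit of 20 per call, and exits non-zero for any package flagged at or above the chosen level, the way `--fail-on=critical` does. Assumptions: the riskFlags values are exactly WARNING, HIGH and CRITICAL as in the CLI summary line, an empty riskFlags list means OK, and no API key header is sent.

```python
import json
import sys
import urllib.request

AUDIT_URL = "https://getcommit.dev/api/audit"  # endpoint shown on the page
LEVELS = ["WARNING", "HIGH", "CRITICAL"]        # ascending severity; assumed to be the full set
MAX_BATCH = 20                                  # documented per-call limit

def read_deps(package_json_text):
    """Dependency names from package.json text (runtime and dev sections)."""
    data = json.loads(package_json_text)
    names = set()
    for section in ("dependencies", "devDependencies"):
        names.update(data.get(section, {}))
    return sorted(names)

def batches(names, size=MAX_BATCH):
    return [names[i:i + size] for i in range(0, len(names), size)]

def audit_batch(names):
    """Network call (not run offline); body follows the curl example above, no API key header (assumption)."""
    body = json.dumps({"packages": names}).encode()
    req = urllib.request.Request(AUDIT_URL, data=body, method="POST",
                                 headers={"Content-Type": "application/json"})
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)["results"]

def evaluate(results, fail_on="CRITICAL"):
    """Tally each package at its worst flag; list those at or above fail_on."""
    counts = {level: 0 for level in LEVELS}
    offenders = []
    for r in results:
        flags = [f for f in r.get("riskFlags", []) if f in LEVELS]
        if not flags:
            continue  # no recognised flag: the package is OK
        worst = max(flags, key=LEVELS.index)
        counts[worst] += 1
        if LEVELS.index(worst) >= LEVELS.index(fail_on):
            offenders.append((r["name"], r.get("score"), worst))
    return counts, offenders

if __name__ == "__main__":  # usage: python gate.py package.json [critical|high|warning]
    with open(sys.argv[1]) as fh:
        names = read_deps(fh.read())
    results = [r for chunk in batches(names) for r in audit_batch(chunk)]
    counts, offenders = evaluate(results, sys.argv[2].upper() if len(sys.argv) > 2 else "CRITICAL")
    print(" · ".join(f"{counts[lvl]} {lvl}" for lvl in reversed(LEVELS)))
    for name, score, level in offenders:
        print(f"  {name}: score {score}, {level}")
    sys.exit(1 if offenders else 0)
```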


Content is free. Commitment is not.

PageRank solved the web of 1996 with hyperlinks — costly acts that were hard to fake at scale. In 2026, links are easy. AI generates content, reviews, and citations at zero marginal cost. The information layer has collapsed into self-referential noise.

But there is a category of signal that remains structurally hard to fake: commitment. A repeat purchase. A decade of profitable operation. A customer who returns after a price increase. These acts require real cost — time, money, skin in the game. No AI can manufacture them at scale without bearing that cost.


PageRank worked because hyperlinks were costly acts — a website owner putting their reputation behind another page was a meaningful signal. That signal was hard to fake in 1998. In 2026, it is easy.

But there is a category of human action that remains structurally hard to fake: commitment. A person who visits the same restaurant twelve times in thirty days. A company with twelve years of profitable operation. A customer who has purchased from the same supplier across three different economic cycles.

These are behavioral signals rooted in real cost — time, money, attention, reputation on the line. No language model can manufacture them at scale without bearing the actual cost.

“When content becomes free, commitment becomes scarce. The commitment layer is what remains hard to fake.”

Commit captures, aggregates, and surfaces these signals — so AI recommendations, search results, and trust scores are grounded in reality, not manufactured consensus.

Think of it as the trust layer that should have been built alongside the information layer — but wasn't, because we didn't need it until now.

Why now

Three curves converged in early 2026. AI search is wrong about local businesses a third of the time — the trust problem is acute. Zero-knowledge proofs hit production (zkTLS: 3M verifications, zero fraud). And proof of personhood reached scale (World ID: 18M verified humans; eIDAS 2.0 mandates wallets for 450M Europeans by year-end).

Each component existed in isolation. The integration — behavioral proofs from verified humans, consumed by AI systems — is what nobody has built.


I — Trust API
Behavioral ground truth for AI systems.

AI agents and recommendation systems query a simple API: how many real humans committed to this, and how deeply? Instead of scraped reviews and gamed ratings, they get behavioral signals rooted in real cost — time, money, sustained engagement.

II — Browser Extension
Ad blocker for AI hallucinations.

When ChatGPT, Perplexity, or Claude recommends a business, the extension surfaces what's real: years of operation, financial health, food safety scores — verified from public records and behavioral data. Catches bankrupt restaurants still being recommended. Useful from install one.

III — Commitment Protocol
The index layer for reality.

A privacy-preserving protocol for contributing behavioral commitments anonymously. Zero-knowledge proofs let anyone prove they committed — without revealing who they are. The foundation for trust infrastructure that can't be gamed.


"Skin in the game is the only unfakeable signal."

Reputation can be manufactured. Reviews can be bought. But repeat purchases, staked capital, and sustained behavioral patterns require real cost.

Any system that substitutes opinion for commitment will be gamed. We're building the alternative.

Read the full essay →


I — Proof of Personhood
No fake people, no fake data.

There is no "bad data" — only fake data from fake people. BankID (4.6M Norwegians), World ID (18M+ globally), and eIDAS 2.0 (450M Europeans by year-end) provide the sybil-resistant identity layer. Every signal in the graph comes from a verified, unique human.

II — Zero-Knowledge Proofs
Contribute everything, reveal nothing.

zkTLS lets anyone prove behavioral claims about themselves — "I've visited this restaurant five times in six months" — without revealing identity, transaction details, or any other data. 3M+ verifications, zero fraud. Privacy is not a tradeoff.

III — Incentive Mechanism
Money, not reputation points.

Earn by contributing verified behavioral data. Pay to query the network's collective intelligence. Stake on recommendations — if others commit to the same thing, you earn; if they don't, you lose. Resolution is behavioral data, not opinion. The game cannot be rigged.


Norway has something no other country has: freely accessible, structured commitment data already in the public domain. Brønnøysundregistrene publishes full financial statements for every Norwegian company. Mattilsynet publishes food safety inspection results for every restaurant. PSD2 mandates open banking APIs across 3,500+ European banks.

The gap is not data access — it's assembly. The foundation layer is live today. The behavioral layer is what we're building.


Trust API + browser extension.

The extension surfaces commitment signals at point of decision — on GitHub and search. The trust API exposes the same data to any script, agent, or AI assistant.

One data layer. Two surfaces. No API key required.

curl
curl https://poc-backend.amdal-dev.workers.dev/api/github/hawkaa/commit
GET /api/github/{owner}/{repo}
    Commit Score, endorsements, longevity for any public repo
GET /api/business/{orgno}
    Norwegian business: Brreg financial health, years operating
POST /endorsements
    Submit a ZK-verified endorsement (anonymous, on-chain anchored)
GET /badge/github/{owner}/{repo}.svg
    Embeddable SVG badge, updated daily

Commit Index MCP — package supply-chain auditing

Sister product for npm/PyPI risk scoring. Add to Claude Desktop or Cursor — no install, no API key.

~/.claude/claude_desktop_config.json
{
  "mcpServers": {
    "commit-index": {
      "type": "streamable-http",
      "url": "https://poc-backend.amdal-dev.workers.dev/mcp"
    }
  }
}
"Audit these for supply chain risk: axios, zod, chalk, lodash, express, dotenv, uuid"

Open source. Source on GitHub.


Public records are the floor, not the ceiling.

Registry data — years of operation, financial health, regulatory status — is the verifiable foundation. It tells you a business has skin in the game: capital committed, years survived, filings maintained.

The full picture requires behavioral data: repeat customers, return rates, sustained engagement. That layer is what we're building. The extension shows where it starts. The protocol defines where it ends.


A canonical trust page for your repo.

Every public GitHub repo has a trust card — Commit Score, endorsements, longevity. Share it. Link it from your README, paste it in your launch post. The URL is permanent.

poc-backend.amdal-dev.workers.dev/api/github/{owner}/{repo}

[Trust card →](https://poc-backend.amdal-dev.workers.dev/api/github/hawkaa/commit)

Commit Index — README badges for npm/PyPI packages

Sister product for package maintainers. Embed a live trust score badge — updates daily.

npm

[![Commit Trust](https://getcommit.dev/badge/npm/YOUR-PACKAGE)](https://getcommit.dev)

PyPI

[![Commit Trust](https://getcommit.dev/badge/pypi/YOUR-PACKAGE)](https://getcommit.dev)

Live examples: axios, express, chalk, zod, requests, numpy.

Get early access

First access to the Trust API and browser extension. Research updates and the occasional strong opinion.