Agents can't learn what they don't know to look for.
Supply chain attacks blindside us, turning known-good patterns into brand new attack vectors.
This is how agents keep up. This is how we fight back.

The missing trust layer between AI agents and the packages they install.

Hilt is a supply chain trust oracle. It aggregates advisory feeds, scores package provenance in real time, and gives AI coding agents a gate to query before every install. Your agent doesn't need to understand security. It just needs Hilt.

ACTIVE INCIDENT — MARCH 30, 2026

The official Axios npm package (100M+ weekly downloads) was compromised via a hijacked maintainer account. Two poisoned versions deployed a cross-platform RAT to every machine that ran npm install during the exposure window. Every AI coding agent in the world would have installed it without hesitation. Hilt would have blocked it.

Six signals. All missed. Hilt catches every one.

The Axios compromise produced detectable anomalies in registry metadata hours before any agent or developer pulled the package. Current tooling doesn't check.

CRITICAL: Maintainer account change. Publishing email switched to unverified address.
CRITICAL: Provenance break. SLSA build attestation absent on new versions.
CRITICAL: Dependency injection. New transitive dependency in a mature package.
HIGH: Postinstall execution hook. Injected package runs code on install.
MEDIUM: Version velocity anomaly. Two branches poisoned within 39 minutes.
MEDIUM: Staging artifact. Malicious dependency pre-published 18 hours prior.
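The six signals above are all derivable from registry metadata. The following is an added illustration, not Hilt's own code: a toy detector that compares a candidate release with the last known-good release and fires each signal. The metadata field names, the 60-minute and 48-hour thresholds, the severity weights and the 0.0 to 1.0 score are assumptions made for this example; Hilt's real scoring engine is not published. The sample metadata is constructed, modelled on the incident timeline the page describes.

```python
"""Added example, not Hilt's code: a toy detector for the six registry-metadata
signals listed on this page. Field names, thresholds, severity weights and the
0.0-1.0 score are assumptions made for illustration."""
from datetime import datetime, timedelta, timezone

# Signal name -> severity, in the order the page lists them.
SEVERITY = {
    "maintainer_change": "CRITICAL",
    "provenance_break": "CRITICAL",
    "dependency_injection": "CRITICAL",
    "postinstall_hook": "HIGH",
    "version_velocity": "MEDIUM",
    "staging_artifact": "MEDIUM",
}
WEIGHT = {"CRITICAL": 0.30, "HIGH": 0.15, "MEDIUM": 0.05}  # assumed penalties
VELOCITY_WINDOW = timedelta(minutes=60)  # assumed: two releases this close is anomalous
STAGING_WINDOW = timedelta(hours=48)     # assumed: a brand-new dependency is suspicious


def detect_signals(prev, new, recent_publishes, dep_meta):
    """Compare candidate release `new` with the last known-good release `prev`.

    prev / new: dicts with publisher_email, email_verified, attestation,
                dependencies (name -> range) and published_at (aware datetime).
    recent_publishes: publish times of the package's other recent releases.
    dep_meta: dependency name -> {"first_published": datetime, "scripts": dict}.
    Returns the fired signal names in page order.
    """
    fired = []
    # 1. Maintainer account change: publishing identity moved to an unverified address.
    if new["publisher_email"] != prev["publisher_email"] and not new["email_verified"]:
        fired.append("maintainer_change")
    # 2. Provenance break: the package used to ship a build attestation and now does not.
    if prev["attestation"] and not new["attestation"]:
        fired.append("provenance_break")
    # 3. Dependency injection: a dependency that no earlier release declared.
    injected = sorted(set(new["dependencies"]) - set(prev["dependencies"]))
    if injected:
        fired.append("dependency_injection")
    # 4. Postinstall hook: an injected dependency runs code at install time.
    if any("postinstall" in dep_meta[d]["scripts"] for d in injected):
        fired.append("postinstall_hook")
    # 5. Version velocity: another release of the same package landed within the window.
    if any(abs(new["published_at"] - t) < VELOCITY_WINDOW for t in recent_publishes):
        fired.append("version_velocity")
    # 6. Staging artifact: an injected dependency was itself published just before.
    if any(new["published_at"] - dep_meta[d]["first_published"] < STAGING_WINDOW
           for d in injected):
        fired.append("staging_artifact")
    return fired


def trust_score(fired):
    """1.0 is clean; each fired signal subtracts its severity weight (floored at 0)."""
    return round(max(0.0, 1.0 - sum(WEIGHT[SEVERITY[s]] for s in fired)), 2)


def check(prev, new, recent_publishes, dep_meta):
    """Produce a verdict in the shape of the page's API response (verdict rule assumed)."""
    fired = detect_signals(prev, new, recent_publishes, dep_meta)
    score = trust_score(fired)
    critical = any(SEVERITY[s] == "CRITICAL" for s in fired)
    return {"trust": "UNTRUSTED" if critical or score < 0.5 else "TRUSTED",
            "signals": fired, "score": score}


# Constructed sample metadata modelled on the incident timeline described above.
T0 = datetime(2026, 3, 30, 12, 0, tzinfo=timezone.utc)
KNOWN_GOOD = {
    "publisher_email": "maintainer@example.org", "email_verified": True,
    "attestation": "slsa-provenance-v1",
    "dependencies": {"dep-a": "^1.0.0"},
    "published_at": T0 - timedelta(days=30),
}
CANDIDATE = {
    "publisher_email": "unverified-sender@example.net", "email_verified": False,
    "attestation": None,
    "dependencies": {"dep-a": "^1.0.0", "dep-injected": "^0.1.0"},
    "published_at": T0,
}
RECENT_PUBLISHES = [T0 - timedelta(minutes=39)]   # sibling branch release 39 minutes earlier
DEP_META = {
    "dep-a": {"first_published": T0 - timedelta(days=700), "scripts": {}},
    "dep-injected": {"first_published": T0 - timedelta(hours=18),   # pre-published 18 hours prior
                     "scripts": {"postinstall": "node setup.js"}},
}

if __name__ == "__main__":
    print(check(KNOWN_GOOD, CANDIDATE, RECENT_PUBLISHES, DEP_META))
    print(check(KNOWN_GOOD, dict(KNOWN_GOOD, published_at=T0), [], DEP_META))
```

Run against the constructed candidate, all six signals fire and the verdict is UNTRUSTED; the same known-good metadata republished with no changes produces no signals. The point worth noting for detection engineering is that none of the checks need the package tarball: a publisher email, an attestation flag, a dependency list and a few timestamps are enough to raise the alarm before anything is installed.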

Three modes. One source of truth.

Same trust registry, same scoring engine. Different interfaces for agents, pipelines, and people.

01 — MCP SERVER + API
For AI agents
Real-time trust lookup before every dependency action. Add Hilt to your Claude Code config and your agent queries trust scores before every install — no workflow changes, no new commands. Works with any MCP-compatible agent framework.
02 — DAILY SNAPSHOT
For CI/CD pipelines
Hashed JSON file with a SHA-256 integrity manifest. Works air-gapped, with no live API call required. Think DNS blocklists, but for packages. Pin it in your build pipeline and block known-compromised versions at the gate.
03 — TERMINAL DASHBOARD
For security teams
Real-time publication feed across npm, PyPI, and crates.io. Anomaly highlighting, organizational watchlists, webhook alerts on trust score changes. The Bloomberg Terminal for supply chain threat intelligence. In development.
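Mode 02 describes consuming the daily snapshot offline: verify its SHA-256 digest, then refuse any locked package version it lists. The following is an added example and not Hilt's code; the snapshot layout (a list of blocked registry/package/version entries) is an assumption, as is the practice of pinning the expected digest in the repository rather than trusting one shipped alongside the download. The lockfile is a constructed npm package-lock.json v3 fragment; the axios version comes from the page's own API example and the other packages are constructed.

```python
"""Added example, not Hilt's code: verify a daily snapshot against a pinned
SHA-256 digest, then gate an npm lockfile on it. The snapshot layout is an
assumption; Hilt's published format may differ."""
import hashlib
import hmac
import json

# Constructed snapshot: one blocked (registry, package, version) per entry.
SNAPSHOT_BYTES = json.dumps({
    "generated": "2026-03-30T12:00:00Z",
    "blocked": [
        {"registry": "npm", "package": "axios", "version": "1.14.1"},        # version from the page's API example
        {"registry": "npm", "package": "dep-injected", "version": "0.1.0"},  # constructed
    ],
}, sort_keys=True).encode()

# In a real pipeline this digest is pinned in the repo, not read from the download.
PINNED_DIGEST = hashlib.sha256(SNAPSHOT_BYTES).hexdigest()


def verify_snapshot(snapshot_bytes, pinned_digest):
    """True only if the file hashes to the digest the pipeline pinned."""
    actual = hashlib.sha256(snapshot_bytes).hexdigest()
    return hmac.compare_digest(actual, pinned_digest)


def lockfile_packages(lock):
    """Yield (name, version) for every installed package in a package-lock.json v3,
    including nested node_modules paths and scoped names."""
    for path, meta in lock["packages"].items():
        if not path:            # "" is the root project entry, not a package
            continue
        name = path.rsplit("node_modules/", 1)[-1]
        yield name, meta["version"]


def blocked_installs(lock, snapshot_bytes, pinned_digest):
    """Return the lockfile entries the snapshot blocks; refuse to run on a tampered snapshot."""
    if not verify_snapshot(snapshot_bytes, pinned_digest):
        raise ValueError("snapshot digest mismatch; refusing to gate on untrusted data")
    snapshot = json.loads(snapshot_bytes)
    blocked = {(e["registry"], e["package"], e["version"]) for e in snapshot["blocked"]}
    return sorted((name, ver) for name, ver in lockfile_packages(lock)
                  if ("npm", name, ver) in blocked)


# Constructed lockfile: axios at the top level, the injected package nested under it.
LOCKFILE = {
    "name": "demo-app", "lockfileVersion": 3,
    "packages": {
        "": {"name": "demo-app", "dependencies": {"axios": "^1.14.1"}},
        "node_modules/axios": {"version": "1.14.1"},
        "node_modules/axios/node_modules/dep-injected": {"version": "0.1.0"},
        "node_modules/@scope/safe-lib": {"version": "3.2.0"},
    },
}

if __name__ == "__main__":
    hits = blocked_installs(LOCKFILE, SNAPSHOT_BYTES, PINNED_DIGEST)
    if hits:
        raise SystemExit(f"blocked: {hits}")   # non-zero exit fails the CI step
    print("lockfile clean")
```

Two design points matter at the gate. The digest comparison uses a constant-time compare and runs before the JSON is parsed, so a modified snapshot is rejected rather than silently allowing everything through. And the check walks the whole lockfile, nested paths included, because an injected transitive dependency will not appear in the top-level dependency list.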
One config change. Every install protected.

claude_code_config.json
{
  "mcpServers": {
    "hilt": {
      "url": "https://mcp.trusthilt.com/sse"
    }
  }
}

API query
# Check a package before install
curl -X POST https://api.trusthilt.com/v1/check \
  -H "Authorization: Bearer $HILT_KEY" \
  -d '{"package": "axios", "version": "1.14.1", "registry": "npm"}'

# → { "trust": "UNTRUSTED", "signals": ["maintainer_change", "provenance_break", "dependency_injection"], "score": 0.12 }

Get notified when Hilt opens access.

The API and MCP server are built. We're hardening for public access. Drop your email and we'll let you know when it's live.

No spam. Just a launch notification and access instructions.