Only GitHub Actions and GitLab are supported Trusted Publishers for NPM packages right now (https://docs.npmjs.com/trusted-publishers#supported-cicd-providers). With the rapidly upcoming changes to NPM (https://github.blog/changelog/2025-09-29-strengthening-npm-security-important-changes-to-authentication-and-token-management/), CircleCI should become a Trusted Publisher.