“Trusted Publishing is just an authentication method. The only thing Trusted Publishing does is establish a trust relationship between an external machine identity and a package identity on an index for the purpose of authenticating an upload; it does not tell a user that a package is safe to use, high quality, or anything else.”

Naming a login mechanism “Trusted” was a marketing decision, not a security one. It proves who uploaded the package. It says nothing about whether the package will wreck your build. People are already reading the word and assuming the thing is vetted. That gap is exactly where the next supply-chain attack lives.