[stephenr]

Apart from the "SaaS services" (I mean, are they really services for services?), this seems to boil down to:

"We can't trust SaaS.... so we built a SaaS to alert you when the JS delivered by your SaaS changes...". So now you have to trust this SaaS to tell you that the other SaaS is still trustworthy.

[quickthrower2]

That's the premise behind most security software. We can't trust the internet, so download a firewall from the internet to block traffic from the internet.

[stephenr]

The software you download is generally signed by a party that you do trust though, and then runs locally on your computer.

And of course, that also doesn't really apply if you're using an operating system that includes a firewall by default.

[Dyaz17]

For now, Guardscript Goal is for the different SaaS services to use it, not for the individual website owners to use it to monitor the JS of SaaS services.