Securitymanual
npm Audit Fix Loop
Fix high/critical npm audit findings one at a time with test verification — not a blind npm audit fix --force.
Kickoff prompt
Start the "npm Audit Fix Loop" loop.
Goal: no high or critical npm audit vulnerabilities
Max iterations: 10
Between iterations run: npm audit --audit-level=high && npm test
Exit when: npm audit reports no high/critical issues
Step 1: Pick one high/critical advisory, apply the safest fix, run tests, and repeat.
Self-pace this loop. After each iteration, run the check command, read the output, and only continue if the exit condition is not met. Stop when the exit condition passes or max iterations is reached. Give a short status update each pass.Basic information
Category
Security
Goal
no high or critical npm audit vulnerabilities
Max iterations
10
Check command
npm audit --audit-level=high && npm test
Exit when
npm audit reports no high/critical issues
Supported agents
Cursor
Steps
- 1
List vulnerabilities
Run npm audit --json. Pick the highest severity fixable issue (one at a time).
npm audit --audit-level=high - 2
Apply safe fix
Use npm audit fix for that advisory or bump the direct dependency. Avoid --force unless unavoidable.
npm test