MCP.so
Sign In
Securitymanual

npm Audit Fix Loop

Fix high/critical npm audit findings one at a time with test verification — not a blind npm audit fix --force.

Kickoff prompt

Start the "npm Audit Fix Loop" loop.

Goal: no high or critical npm audit vulnerabilities
Max iterations: 10
Between iterations run: npm audit --audit-level=high && npm test
Exit when: npm audit reports no high/critical issues

Step 1: Pick one high/critical advisory, apply the safest fix, run tests, and repeat.

Self-pace this loop. After each iteration, run the check command, read the output, and only continue if the exit condition is not met. Stop when the exit condition passes or max iterations is reached. Give a short status update each pass.

Basic information

Category

Security

Goal

no high or critical npm audit vulnerabilities

Max iterations

10

Check command

npm audit --audit-level=high && npm test

Exit when

npm audit reports no high/critical issues

Supported agents

Cursor

Steps

  1. 1

    List vulnerabilities

    Run npm audit --json. Pick the highest severity fixable issue (one at a time).

    npm audit --audit-level=high
  2. 2

    Apply safe fix

    Use npm audit fix for that advisory or bump the direct dependency. Avoid --force unless unavoidable.

    npm test