安全manual
npm Audit Fix Loop
Fix high/critical npm audit findings one at a time with test verification — not a blind npm audit fix --force.
启动提示词
Start the "npm Audit Fix Loop" loop.
Goal: no high or critical npm audit vulnerabilities
Max iterations: 10
Between iterations run: npm audit --audit-level=high && npm test
Exit when: npm audit reports no high/critical issues
Step 1: Pick one high/critical advisory, apply the safest fix, run tests, and repeat.
Self-pace this loop. After each iteration, run the check command, read the output, and only continue if the exit condition is not met. Stop when the exit condition passes or max iterations is reached. Give a short status update each pass.基本信息
分类
安全
目标
no high or critical npm audit vulnerabilities
最大迭代次数
10
检查命令
npm audit --audit-level=high && npm test
退出条件
npm audit reports no high/critical issues
支持的智能体
Cursor
步骤
- 1
List vulnerabilities
Run npm audit --json. Pick the highest severity fixable issue (one at a time).
npm audit --audit-level=high - 2
Apply safe fix
Use npm audit fix for that advisory or bump the direct dependency. Avoid --force unless unavoidable.
npm test