npm Audit Fix Loop
Fix high/critical npm audit findings one at a time with test verification — not a blind npm audit fix --force.
// parameters
// run_this_loop
Copy the kickoff into your agent first. The blueprint below explains how the loop evaluates progress and when it should stop.
Start the "npm Audit Fix Loop" loop.
Goal: no high or critical npm audit vulnerabilities
Max iterations: 10
Between iterations run: npm audit --audit-level=high && npm test
Exit when: npm audit reports no high/critical issues
Step 1: Pick one high/critical advisory, apply the safest fix, run tests, and repeat.
Self-pace this loop. After each iteration, run the check command, read the output, and only continue if the exit condition is not met. Stop when the exit condition passes or max iterations is reached. Give a short status update each pass.
// blueprint
The loop contract: target outcome, execution sequence, checks, stopping condition, and safety constraints.
no high or critical npm audit vulnerabilities
// loop_sequence
Trigger
Manual start
Actions block
Feedback gate
Evaluate: npm audit --audit-level=high
Run the check, read the output, then decide whether the loop is complete.
Check failed
Repeat actions with the latest feedback.
Success
No high or critical npm audit vulnerabilities remain
// steps
- 1 List vulnerabilities
Run npm audit --json. Pick the highest severity fixable issue (one at a time).
npm audit --audit-level=high
- 2 Apply safe fix
Use npm audit fix for that advisory or bump the direct dependency. Avoid --force unless unavoidable.
npm test
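One way to automate the selection in step 1, as an added example that is not part of the original loop: it reads the report shape that npm audit --json emits on npm 7 and later, picks the highest severity fixable entry, and marks fixes that are semver-major (the ones --force would install). The function names and the sample report with its pkg-* packages are constructed for illustration.

```javascript
// Added example. Input shape: `npm audit --json` from npm 7+ (auditReportVersion 2).
const RANK = { critical: 2, high: 1 };        // the only severities this loop targets
const FIX_ORDER = { "in-range": 0, major: 1 };

// How would this entry be fixed?
function fixKind(vuln) {
  const fix = vuln.fixAvailable;
  if (!fix) return "none";                    // nothing published that resolves it
  if (fix === true) return "in-range";        // plain `npm audit fix` is enough
  return fix.isSemVerMajor ? "major" : "in-range"; // "major" is what --force would install
}

// Plan one iteration: the single entry to fix now, plus entries with no fix.
function planIteration(report) {
  const open = Object.values(report.vulnerabilities || {})
    .filter((v) => RANK[v.severity] > 0)
    .map((v) => ({ name: v.name, severity: v.severity, fix: fixKind(v),
      // set when npm names a direct dependency to change; bump and test it by hand
      bump: v.fixAvailable && v.fixAvailable.name
        ? `${v.fixAvailable.name}@${v.fixAvailable.version}` : null }));
  const fixable = open.filter((v) => v.fix !== "none").sort((a, b) =>
    RANK[b.severity] - RANK[a.severity] ||
    FIX_ORDER[a.fix] - FIX_ORDER[b.fix] ||
    a.name.localeCompare(b.name));
  return {
    done: open.length === 0,                  // matches the loop's exit condition
    next: fixable[0] || null,
    blocked: open.filter((v) => v.fix === "none").map((v) => v.name).sort(),
  };
}

// Constructed sample report (package names are placeholders, not real advisories).
const sampleReport = {
  auditReportVersion: 2,
  vulnerabilities: {
    "pkg-a": { name: "pkg-a", severity: "high", isDirect: false, fixAvailable: true },
    "pkg-b": { name: "pkg-b", severity: "critical", isDirect: true,
      fixAvailable: { name: "pkg-b", version: "3.0.0", isSemVerMajor: true } },
    "pkg-c": { name: "pkg-c", severity: "critical", isDirect: false, fixAvailable: false },
    "pkg-d": { name: "pkg-d", severity: "moderate", isDirect: false, fixAvailable: true },
  },
};

console.log(JSON.stringify(planIteration(sampleReport), null, 2));
```

To use it on a real project, pass the parsed output of npm audit --json to planIteration; entries listed under blocked have no published fix and need a manual decision rather than another iteration.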