Maintenance | prompt only | Intermediate

Package Audit Fixer

Automatically identifies and fixes package vulnerabilities in your Node.js project by running `npm audit` and applying recommended fixes until the audit is clean.

npm, security, dependencies, maintenance, audit

Goal

Fix package issues

How to Run

Run this loop in your preferred coding agent to automatically fix npm package vulnerabilities.

  1. Open Coding Agent

    Launch Cursor, Claude Code, Codex, OpenCode, or Gemini CLI in your project directory.

  2. Input Kickoff Prompt

    Paste the kickoff prompt into the agent to start the loop.

  3. Follow Agent Instructions

    Allow the agent to run `npm audit`, analyze vulnerabilities, and apply fixes iteratively.

  4. Verify Exit Condition

    Wait for the agent to complete all iterations or achieve a clean audit.

Workflow Steps

  1. Run Initial Audit

    Execute `npm audit` to generate the initial vulnerability report.

  2. Parse Vulnerabilities

    Analyze the audit output to identify vulnerable packages and their severity levels.

  3. Apply Fixes

    Use `npm audit fix` to automatically resolve non-breaking vulnerabilities.

  4. Handle Breaking Changes

    For high-severity issues requiring major version updates, prompt the user for confirmation before proceeding.

  5. Re-run Audit

    Repeat `npm audit` to check remaining vulnerabilities after fixes.

  6. Iterate Until Clean

    Continue the process up to max_iterations until the exit condition is met.
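
An added example (not part of the original loop definition) of the parse and breaking-change steps above: it triages `npm audit --json` output by the `fixAvailable` field and decides the loop's next step. The sample report is constructed, the function names are hypothetical, and stopping early when no finding has a fix is this example's assumption.

```javascript
// Constructed sample in the shape of `npm audit --json` (auditReportVersion 2, npm 7+).
// Package names, ranges and versions are made up for illustration.
const sampleReport = {
  auditReportVersion: 2,
  vulnerabilities: {
    "pkg-a": { name: "pkg-a", severity: "moderate", range: "<1.2.3", fixAvailable: true },
    "pkg-b": { name: "pkg-b", severity: "high", range: "<=2.9.9",
      fixAvailable: { name: "pkg-parent", version: "3.0.0", isSemVerMajor: true } },
    "pkg-c": { name: "pkg-c", severity: "critical", range: "*", fixAvailable: false },
  },
  metadata: { vulnerabilities: { info: 0, low: 0, moderate: 1, high: 1, critical: 1, total: 3 } },
};

const SEVERITY_ORDER = ["critical", "high", "moderate", "low", "info"];

// Hypothetical helper: sort each finding into the bucket the workflow treats differently.
function triageAudit(report) {
  const buckets = { autoFix: [], needsConfirmation: [], noFix: [] };
  const findings = Object.values(report.vulnerabilities || {}).sort(
    (a, b) => SEVERITY_ORDER.indexOf(a.severity) - SEVERITY_ORDER.indexOf(b.severity));
  for (const v of findings) {
    const fix = v.fixAvailable; // boolean, or { name, version, isSemVerMajor }
    const entry = { name: v.name, severity: v.severity, range: v.range };
    if (!fix) buckets.noFix.push(entry);
    else if (typeof fix === "object" && fix.isSemVerMajor)
      buckets.needsConfirmation.push({ ...entry, via: `${fix.name}@${fix.version}` });
    else buckets.autoFix.push(entry);
  }
  return buckets;
}

// Hypothetical helper: decide the next loop step; maxIterations mirrors the prompt's limit of 10.
function nextAction(report, iteration, maxIterations = 10) {
  const total = Object.keys(report.vulnerabilities || {}).length;
  if (total === 0) return "stop: audit clean";
  if (iteration >= maxIterations) return "stop: iteration limit reached";
  const t = triageAudit(report);
  if (t.autoFix.length > 0) return "run: npm audit fix";
  if (t.needsConfirmation.length > 0) return "ask: confirm major-version update";
  return "stop: no fix available, report to user"; // assumption of this example
}

console.log(triageAudit(sampleReport), nextAction(sampleReport, 1));
```

Findings left in `noFix` after a pass will not disappear on later iterations, so surfacing them to the user is more useful than spending the remaining iterations on them.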

Kickoff Prompt

Start the "Package Audit Fixer" loop.

Goal: Fix package issues
Max iterations: 10
Between iterations run: npm audit
Exit when: Audit clean


I'm starting a package audit fixer loop. Please follow this workflow:

1. Run `npm audit` and show me the results.
2. For each vulnerability found, try to apply fixes with `npm audit fix`.
3. If any fix requires user confirmation (e.g., breaking changes), ask me before proceeding.
4. After applying fixes, run `npm audit` again to verify progress.
5. Repeat steps 1-4 until the audit is clean or we reach 10 iterations.

Start now by running the initial audit.

Self-pace this loop. After each iteration, run `npm audit` and evaluate the output, and only continue if the exit condition is not met (Audit clean). Stop when the exit condition passes or 10 iterations are reached. Give a short status update each pass.

Guardrails

hardcoded
  • Never modify package.json or package-lock.json except for changes that are explicitly vulnerability-related.
  • Avoid breaking changes by prioritizing non-breaking updates first.
  • Only use `npm audit fix`, `npm install`, or approved commands to resolve vulnerabilities.
  • Do not remove or add packages unless strictly necessary for security fixes.
  • Ensure tests or builds succeed after each fix before proceeding to the next iteration.
