Security Audit Weekly
Weekly npm audit scan, triage vulnerabilities by severity, and propose or apply safe patches.
by loops!
Use loop copies the kickoff prompt. Share copies the loop link. Open in Cursor and Open in Claude Code only pre-fill that prompt; they do not install hook files. Download loop saves a README and the kickoff into .cursor/loops/security-audit-weekly/, with no hooks required.
- Do not modify the check command or exit criteria to force success
- Do not skip, disable, or bypass checks to pass the exit condition
- If stuck after several iterations, stop and report blockers instead of gaming metrics
Two separate pieces
- Kickoff prompt — tells the agent the goal, check command, exit condition, and how to self-pace between passes.
1. Copy or open the kickoff prompt
Click Use loop to copy the kickoff into your clipboard. Open in Cursor and Open in Claude Code only open the agent with that prompt; they do not configure automation for you.
2. Paste into your coding agent
Start a chat in Cursor, Claude Code, Codex, or any agent. Paste the kickoff. The prompt includes the goal, iteration limit, shell check, and first step.
3. Agent self-paces until done
The agent runs the loop: act → run check command → read output → repeat until the exit condition is met or max iterations is reached. No install step is required for prompt-only loops.
Full guide with Cursor /loop notes: How to install loops
1. Run npm audit
Run npm audit and capture critical, high, and moderate findings.
npm audit --json
2. Triage findings
Group vulnerabilities by severity and exploitability. Flag dev-only vs production exposure.
3. Propose fixes
Recommend npm audit fix, targeted overrides, or dependency bumps. Note breaking changes.
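Steps 1 to 3 as a script, added here as an example and not part of the original loop: it reads the report from npm audit --json plus a second one from npm audit --omit=dev --json, keeps moderate-and-above findings, marks packages absent from the production report as dev-only, and flags fixes that are breaking major bumps. It assumes the npm 7+ report format; both reports and all package names are constructed.

```javascript
// Constructed sample standing in for `npm audit --json` (npm 7+ format, made-up packages).
const FULL_REPORT = {
  auditReportVersion: 2,
  vulnerabilities: {
    "example-parser": { name: "example-parser", severity: "critical", isDirect: true, fixAvailable: true },
    "example-templating": { name: "example-templating", severity: "high", isDirect: false,
      fixAvailable: { name: "example-framework", version: "5.0.0", isSemVerMajor: true } },
    "example-test-runner": { name: "example-test-runner", severity: "high", isDirect: true, fixAvailable: false },
    "example-glob": { name: "example-glob", severity: "low", isDirect: false, fixAvailable: true },
  },
};
// Constructed sample standing in for `npm audit --omit=dev --json` (production tree only).
const PROD_REPORT = {
  auditReportVersion: 2,
  vulnerabilities: {
    "example-parser": FULL_REPORT.vulnerabilities["example-parser"],
    "example-templating": FULL_REPORT.vulnerabilities["example-templating"],
  },
};

const SEVERITY_ORDER = ["critical", "high", "moderate", "low", "info"];

// npm reports fixAvailable as a boolean or as { name, version, isSemVerMajor }.
function remediation(fix) {
  if (!fix) return "no fix available: consider an override or replacing the package";
  if (fix === true) return "npm audit fix";
  const kind = fix.isSemVerMajor ? "breaking bump" : "bump";
  return `${kind}: ${fix.name}@${fix.version}`;
}

// Keep findings at or above minSeverity; list production exposure first, then by severity.
// A severity not in SEVERITY_ORDER ranks -1, so it is kept rather than dropped.
function triage(full, prod, minSeverity = "moderate") {
  const rank = (s) => SEVERITY_ORDER.indexOf(s);
  const prodNames = new Set(Object.keys(prod.vulnerabilities || {}));
  return Object.values(full.vulnerabilities || {})
    .filter((v) => rank(v.severity) <= rank(minSeverity))
    .map((v) => ({
      name: v.name,
      severity: v.severity,
      direct: Boolean(v.isDirect),
      exposure: prodNames.has(v.name) ? "production" : "dev-only",
      action: remediation(v.fixAvailable),
    }))
    .sort((a, b) => (a.exposure === b.exposure ? 0 : a.exposure === "production" ? -1 : 1)
      || rank(a.severity) - rank(b.severity));
}
console.log(triage(FULL_REPORT, PROD_REPORT));
```

To use it on a real project, replace the two constants with the parsed output of the two audit commands.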
/loop 7d
Start the "Security Audit Weekly" loop.
Goal: deliver a weekly npm audit summary with a remediation plan.
Between iterations run: npm audit --json
Exit when: summary is posted with prioritized fixes.
Step 1: Run npm audit, triage by severity, and propose safe remediation steps.
Related loops
/loop 7d
Start the "Dependency Audit Weekly" loop.
Goal: deliver a weekly dependency audit summary.
Between iterations run: npm outdated || true
Exit when: summary is posted with recommended upgrades.
Step 1: Run npm outdated, categorize updates, and propose a safe upgrade plan.

Start the "Dependency Upgrade One-by-One" loop.
Goal: critical outdated deps are upgraded with green tests
Max iterations: 15
Between iterations run: npm outdated && npm test && npm run build
Exit when: npm outdated shows no critical packages left or user stops
Step 1: Pick one outdated package, upgrade it, fix breakages, commit, and stop. One package per iteration.
Self-pace this loop. After each iteration, run the check command, read the output, and only continue if the exit condition is not met. Stop when the exit condition passes or max iterations is reached. Give a short status update each pass.

Start the "npm Audit Fix Loop" loop.
Goal: no high or critical npm audit vulnerabilities
Max iterations: 10
Between iterations run: npm audit --audit-level=high && npm test
Exit when: npm audit reports no high/critical issues
Step 1: Pick one high/critical advisory, apply the safest fix, run tests, and repeat.
Self-pace this loop. After each iteration, run the check command, read the output, and only continue if the exit condition is not met. Stop when the exit condition passes or max iterations is reached. Give a short status update each pass.