auto_remediate
Automatically close compliance gaps in a compliance framework by mapping controls, excluding non-applicable requirements, and suggesting new assets or attackers to fill remaining gaps.
Instructions
Automatically close compliance gaps for a framework. Requires PRO tier.
Three-phase loop: (1) auto-map existing controls to unmapped requirements, (2) exclude requirements for non-applicable taxonomy primitives, (3) suggest and apply new assets/attackers for remaining gaps.
Phase (3) routes every proposal whose name matches a soft-deleted
asset/attacker through the same restore-candidate LLM gate
add_asset uses, so reanimating a previously removed entity
reinstates its stable ID and every CO tombstone + control tied to
it (rather than spawning a duplicate fresh ID). The response
distinguishes assets_added / attackers_added (genuinely new)
from assets_restored / attackers_restored (revived soft-
deletes) and lists restored_asset_ids / restored_attacker_ids.
Proposals the gate classified as similar (or that fail-closed
on an unavailable / malformed gate response) appear under
skipped with a per-entry reason — the operator decides whether
to restore manually or rephrase.
Converges automatically: stops when fully covered or when no further progress can be made.
This runs automatically when a framework is selected, but can be re-triggered manually if the model changes.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| model_id | Yes | ID of the threat model. | |
| framework_id | Yes | ID of the compliance framework. | |
| server_version | Yes |
Output Schema
| Name | Required | Description | Default |
|---|---|---|---|
No arguments | |||