preview_finding_remediation
Preview remediation changes for a security finding. Returns a structured diff showing exactly what cleanup will occur, enabling operators to confirm before committing.
Instructions
Preview what the platform would do to remediate a finding.
Read-only. Returns a structured diff describing the changes a subsequent apply_finding_remediation call would make. Use this BEFORE apply_finding_remediation to show the operator exactly what cleanup will happen, and get explicit confirmation before committing.
The exact shape of the diff depends on the finding's kind. For kind=structural_duplicate_controls, you get back which controls would be kept, which dropped, and the union of CO mappings + framework refs that would land on the survivor.
Returns 404 if the finding doesn't exist; 422 if the finding's kind has no automatic remediation handler.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| finding_id | Yes | ID of the finding to preview remediation for. | |
| server_version | Yes |
Output Schema
| Name | Required | Description | Default |
|---|---|---|---|
No arguments | |||