set_mitigation_groups
Define alternative control paths for a control objective by declaratively assigning control groups with AND/OR logic, plus optional defense-in-depth. The AI-gated platform validates the structure.
Instructions
Declaratively set the mitigation group structure for a CO.
Replaces all mitigation group assignments for this CO. AI-gated: the platform evaluates whether the new structure satisfies the CO.
Mitigation groups define alternative paths to satisfy a CO:
Within a group: AND — all controls must be implemented
Across groups: OR — any complete group mitigates the CO
Defense-in-depth: tracked but not required for mitigation
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| co_id | Yes | ID of the control objective (e.g., "CO5"). | |
| groups | Yes | JSON object mapping group numbers to control ID lists. Example: '{"1": ["CTRL-01", "CTRL-02"], "2": ["CTRL-03"]}' | |
| model_id | Yes | ID of the threat model. | |
| justification | No | Why this group structure is appropriate (min 10 chars). | |
| server_version | Yes | ||
| defense_in_depth | No | Comma-separated control IDs for defense-in-depth. Example: "CTRL-04,CTRL-05" |
Output Schema
| Name | Required | Description | Default |
|---|---|---|---|
No arguments | |||