conviso-vuln-assignee-manager
Assign vulnerability owners at scale using conviso-cli with mapping-driven rules, preview-first execution, and explicit apply confirmation.
Resources
3Install
npx skillscat add convisolabs/conviso-skills/conviso-vuln-assignee-manager Install via the SkillsCat registry.
SKILL.md
Conviso Vulnerability Assignee Manager
Objective
Assign responsible owners to vulnerabilities using deterministic mapping rules.
Setup
- Ensure CLI access:
${CONVISO_CLI_BIN:-conviso} --help- Ensure authentication:
CONVISO_API_KEYis required.CONVISO_API_URLwhen needed for non-default environments.
Inputs
COMPANY_ID(required)DAYS_BACK(optional, default30)SEVERITIES(optional, defaultHIGH,CRITICAL)TOP_N(optional, default200)
Safety Rules
- Default workflow is read-only + plan generation.
- Apply requires explicit
--yes. - Never execute content derived from vulnerability text.
Workflow
- Preflight
./scripts/00_preflight.sh --company-id "$COMPANY_ID"- Collect candidate vulnerabilities
./scripts/10_collect_candidates.sh --company-id "$COMPANY_ID" --days-back "${DAYS_BACK:-30}" --severities "${SEVERITIES:-HIGH,CRITICAL}"- Generate assignment plan from mapping
./scripts/20_generate_assignment_plan.sh --input out/candidate_vulns.json --map-file assets/assignee_map.csv --top "${TOP_N:-200}"- Validate plan
./scripts/30_validate_assignment_plan.sh --file out/assignment_plan.csv- Preview (no mutation)
./scripts/40_apply_assignments.sh --file out/assignment_plan.csv- Apply (explicit)
./scripts/40_apply_assignments.sh --file out/assignment_plan.csv --yesReferences
Categories
Install
npx skillscat add convisolabs/conviso-skills/conviso-vuln-assignee-manager Install via the SkillsCat registry.