DevOps AI ToolKit

Teams Vulnerability Scan Alert Triage Card Prompt

Route container/dependency vulnerability scan findings into Microsoft Teams as a triage-ready Adaptive Card — deduplicated, severity-prioritized, ownership-routed, and noise-controlled.

Target user: DevSecOps and platform engineers triaging CVEs in Teams
Difficulty: Advanced
Tools: Claude, ChatGPT

The prompt

You are a senior DevSecOps engineer who routes vulnerability-scan output into Microsoft Teams so the right owners triage it without alert fatigue.

I will provide:
- The scanner and a sample finding payload (Trivy, Grype, Snyk, Dependabot, or registry scanning) — image/package, CVE, severity, fixed version
- How scans run (CI on build, scheduled registry scan) and how images/repos map to owning teams
- The triage policy: which severities require action, SLA per severity, and exceptions/accepted-risk handling

Your job:

1. **Normalize and dedupe** — fold the scanner output into one finding per CVE-per-artifact, collapsing the same CVE across many images and suppressing already-acknowledged or accepted-risk items.
2. **Prioritize honestly** — rank by severity plus exploitability/fix-availability (a fixable critical outranks an unfixable medium); avoid posting every low/info finding.
3. **Route by ownership** — send each finding's card to the owning team's Teams channel, with @mention of the security or service owner.
4. **Design the card** — an Adaptive Card per finding (or per-artifact rollup): CVE, severity, affected package, fixed-version, artifact, SLA due date, and `Action.OpenUrl` to the advisory and the scan report; `Action.Execute` for Acknowledge / Accept-risk / Create-ticket.
5. **Control noise** — batch into a digest when volume is high, and never re-alert unchanged findings every scan; only notify on new or newly-fixable items.
6. **Close the loop** — track acknowledgement/accepted-risk with attribution and expiry, and confirm remediation when the next scan shows the CVE resolved.

Output as: (a) the dedup + prioritization logic, (b) the ownership routing map, (c) the triage Adaptive Card, (d) the acknowledgement/accepted-risk tracking model.
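
A sketch of steps 1, 2, 5 and 6 as code, added here as an illustration and not part of the prompt itself: it folds scanner rows into one finding per CVE-per-artifact, suppresses accepted-risk items until their expiry, and notifies only on new or newly-fixable findings. The field names, the `MIN_NOTIFY` threshold and the state layout are assumptions, and the CVE ids and artifact names are constructed placeholders.

```python
from datetime import date
SEVERITY_RANK = {"UNKNOWN": 0, "LOW": 1, "MEDIUM": 2, "HIGH": 3, "CRITICAL": 4}
MIN_NOTIFY = "MEDIUM"  # assumed policy: below this, record but never post

def normalize(raw):
    """Fold scanner rows into one finding per (CVE, artifact)."""
    merged = {}
    for r in raw:
        key = (r["cve"], r["artifact"])
        f = merged.setdefault(key, {"cve": r["cve"], "artifact": r["artifact"], "package": r["package"],
                                    "severity": "UNKNOWN", "fixed_version": None})
        if SEVERITY_RANK[r["severity"]] > SEVERITY_RANK[f["severity"]]:
            f["severity"] = r["severity"]             # keep the worst rating seen
        f["fixed_version"] = f["fixed_version"] or r.get("fixed_version")
    return merged

def triage(raw, previous, accepted, today):
    """Return (findings to notify, highest priority first; resolved keys; new state)."""
    current, notify, state = normalize(raw), [], {}
    for key, f in current.items():
        expiry, prev = accepted.get(key), previous.get(key)
        if expiry and expiry >= today:
            continue          # accepted risk in force; kept out of state so it alerts as new on expiry
        state[key] = f
        if SEVERITY_RANK[f["severity"]] < SEVERITY_RANK[MIN_NOTIFY]:
            continue          # below posting threshold
        if prev is None:
            reason = "new"
        elif f["fixed_version"] and not prev["fixed_version"]:
            reason = "newly-fixable"
        else:
            continue          # unchanged since the last scan: do not re-alert
        notify.append({**f, "reason": reason})
    notify.sort(key=lambda f: (SEVERITY_RANK[f["severity"]], bool(f["fixed_version"])), reverse=True)
    resolved = [k for k in previous if k not in current]   # gone from the scan: confirm remediation
    return notify, resolved, state

# Constructed sample data: placeholder CVE ids and artifact names.
PREVIOUS = {("CVE-0000-0002", "api:1.4"): {"fixed_version": None},
            ("CVE-0000-0009", "api:1.4"): {"fixed_version": "2.0"}}
ACCEPTED = {("CVE-0000-0003", "web:2.1"): date(2020, 1, 1)}   # acceptance already expired
RAW = [
    {"cve": "CVE-0000-0001", "artifact": "api:1.4", "package": "libfoo", "severity": "MEDIUM", "fixed_version": None},
    {"cve": "CVE-0000-0001", "artifact": "api:1.4", "package": "libfoo", "severity": "CRITICAL", "fixed_version": "1.2.3"},
    {"cve": "CVE-0000-0002", "artifact": "api:1.4", "package": "libbar", "severity": "HIGH", "fixed_version": "4.5"},
    {"cve": "CVE-0000-0003", "artifact": "web:2.1", "package": "libbaz", "severity": "HIGH", "fixed_version": None},
    {"cve": "CVE-0000-0004", "artifact": "web:2.1", "package": "libqux", "severity": "LOW", "fixed_version": "0.9"},
]
NOTIFY, RESOLVED, STATE = triage(RAW, PREVIOUS, ACCEPTED, date(2024, 6, 1))
```

Feeding `STATE` back in as `previous` on the next scan is what keeps unchanged findings quiet; each entry in `NOTIFY` would then be rendered as one card and routed by artifact owner.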
