thisrohangupta · thisrohangupta · Feb 3, 2026 · Feb 3, 2026 · Feb 3, 2026
diff --git a/templates/zero-day-remediation/metadata.json b/templates/zero-day-remediation/metadata.json
@@ -0,0 +1,5 @@
+{
+    "name": "Zero Day Remediation",
+    "description": "Zero Day Remediation is an agent that automatically identifies and remediates critical vulnerabilities in your software supply chain by proposing fixes and creating pull requests.",
+    "version": "1.0.0"
+}
diff --git a/templates/zero-day-remediation/pipeline.yaml b/templates/zero-day-remediation/pipeline.yaml
@@ -0,0 +1,84 @@
+version: 1
+pipeline:
+  stages:
+    - name: zero_day_remediation
+      steps:
+        - name: remediate_vulnerabilities
+          run:
+            container:
+              image: harness/vulnerability-remediation-plugin:latest
+            with:
+              cve_id: <+inputs.cveId>
+              component_name: <+inputs.componentName>
+              fixed_version: <+inputs.fixedVersion>
+              current_version: <+inputs.currentVersion>
+              harness_org_id: <+inputs.harnessOrgId>
+              harness_project_id: <+inputs.harnessProjectId>
+              target_branch: <+inputs.targetBranch>
+              branch_prefix: <+inputs.branchPrefix>
+              author_name: <+inputs.authorName>
+              author_email: <+inputs.authorEmail>
+              max_repos: <+inputs.maxRepos>
+              search: <+inputs.search>
+              working_directory: /harness
+              detailed_logging: "true"
+            env:
+              ANTHROPIC_API_KEY: <+inputs.anthropicKey>
+              HARNESS_API_KEY: <+inputs.harnessKey>
+              REPO_ACCESS_TOKEN: <+inputs.repoAccessToken>
+      platform:
+        os: linux
+        arch: amd64
+  inputs:
+    anthropicKey:
+      type: secret
+      description: Anthropic API key for Claude LLM analysis
+    harnessKey:
+      type: secret
+      description: Harness PAT token for API operations
+    repoAccessToken:
+      type: secret
+      description: Git access token for repository operations
+    cveId:
+      type: string
+      description: CVE identifier to remediate (e.g., CVE-2021-44228)
+    componentName:
+      type: string
+      description: Vulnerable component name to upgrade
+    fixedVersion:
+      type: string
+      description: Target version to upgrade to
+    currentVersion:
+      type: string
+      description: Current vulnerable version
+    harnessOrgId:
+      type: string
+      required: true
+      description: Harness organization ID
+    harnessProjectId:
+      type: string
+      required: true
+      description: Harness project ID
+    targetBranch:
+      type: string
+      default: main
+      description: Target branch for pull requests
+    branchPrefix:
+      type: string
+      default: "fix/"
+      description: Prefix for fix branches
+    authorName:
+      type: string
+      default: "AI Workflow"
+      description: Git author name for commits
+    authorEmail:
+      type: string
+      default: "ai-workflow@harness.io"
+      description: Git author email for commits
+    maxRepos:
+      type: string
+      default: "0"
+      description: Maximum repositories to process (0 for unlimited)
+    search:
+      type: string
+      description: Filter repositories by name pattern
diff --git a/templates/zero-day-remediation/wiki.MD b/templates/zero-day-remediation/wiki.MD
@@ -0,0 +1,113 @@
+# Zero Day Remediation Agent
+
+## Overview
+
+The 0-Day Remediation agent automatically identifies and remediates critical vulnerabilities in your software supply chain. When a zero-day vulnerability is discovered, this agent inspects logs, test failures, and config errors, proposes concrete fixes, and automatically creates pull requests to downgrade to the safest compatible version.
+
+---
+
+## Key Benefits
+
+- **Reduce Technical Debt**
+  Automatically removes vulnerable packages and dead code, keeping your codebase clean and maintainable without manual intervention.
+
+- **Automate Cleanup PRs**
+  Generates ready-to-review pull requests with all package references removed, including code paths and related configurations.
+
+- **Safe & Validated**
+  Validates that packages are safe to remove by checking rollout states, targeting rules, and recent activity patterns.
+
+- **Full Visibility**
+  Track all cleanup actions through your pipeline with complete audit trails and approval workflows when needed.
+
+---
+
+## How It Works
+
+1. **Scan & Detect**
+   Agent scans your codebase and vulnerability databases to identify 0-day threats that affect your packages.
+
+2. **Validate Safety**
+   Verifies that detected packages are safe to remove by checking rollout percentages, targeting rules, and recent activity.
+
+3. **Generate PR**
+   Agent scans your entire codebase to find all references and creates pull requests that remove flag definitions, checks, and dead code.
+
+4. **Review & Merge**
+   Team reviews the automated PR through your standard process, with changes fully tested and validated before merging.
+
+---
+
+## Inputs
+
+| Input | Type | Required | Default | Description |
+|-------|------|----------|---------|-------------|
+| anthropicKey | secret | Yes | - | Anthropic API key for Claude LLM analysis |
+| harnessKey | secret | Yes | - | Harness PAT token for API operations |
+| repoAccessToken | secret | Yes | - | Git access token for repository operations |
+| cveId | string | No* | - | CVE identifier to remediate (e.g., CVE-2021-44228) |
+| componentName | string | No* | - | Vulnerable component name to upgrade |
+| fixedVersion | string | No | - | Target version to upgrade to |
+| currentVersion | string | No | - | Current vulnerable version |
+| harnessOrgId | string | Yes | - | Harness organization ID |
+| harnessProjectId | string | Yes | - | Harness project ID |
+| targetBranch | string | No | main | Target branch for pull requests |
+| branchPrefix | string | No | fix/ | Prefix for fix branches |
+| authorName | string | No | AI Workflow | Git author name for commits |
+| authorEmail | string | No | ai-workflow@harness.io | Git author email for commits |
+| maxRepos | string | No | 0 | Maximum repositories to process (0 for unlimited) |
+| search | string | No | - | Filter repositories by name pattern |
+
+*Either `cveId` or `componentName` is required.
+
+---
+
+## Requirements
+
+- Harness Supply Chain Security module enabled
+- Repository access with write permissions
+- Supported languages: Java, JavaScript, TypeScript, Python, Go, C#
+- Git-based version control (GitHub, GitLab, Bitbucket)
+
+---
+
+## Example Usage
+
+### CVE-Based Remediation
+
+```yaml
+- name: remediate_vulnerabilities
+  run:
+    container:
+      image: harness/vulnerability-remediation-plugin:latest
+    with:
+      cve_id: "CVE-2021-44228"
+      harness_org_id: "default"
+      harness_project_id: "my-project"
+      max_repos: "10"
+      detailed_logging: "true"
+    env:
+      ANTHROPIC_API_KEY: <+inputs.anthropicKey>
+      HARNESS_API_KEY: <+inputs.harnessKey>
+      REPO_ACCESS_TOKEN: <+inputs.repoAccessToken>
+```
+
+### Component Upgrade
+
+```yaml
+- name: remediate_vulnerabilities
+  run:
+    container:
+      image: harness/vulnerability-remediation-plugin:latest
+    with:
+      component_name: "log4j-core"
+      fixed_version: "2.17.0"
+      harness_org_id: "default"
+      harness_project_id: "my-project"
+      target_branch: "main"
+      branch_prefix: "fix/"
+    env:
+      ANTHROPIC_API_KEY: <+inputs.anthropicKey>
+      HARNESS_API_KEY: <+inputs.harnessKey>
+      REPO_ACCESS_TOKEN: <+inputs.repoAccessToken>
+```