AUTOMATED SCRIPT GENERATOR

DETAILED ACTION This action is in response to an amendment to application 18/479655, filed on 12/19/2025. Claims 1-20 are pending. The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows: 1. Determining the scope and contents of the prior art. 2. Ascertaining the differences between the prior art and the claims at issue. 3. Resolving the level of ordinary skill in the pertinent art. 4. Considering objective evidence present in the application indicating obviousness or nonobviousness. Claims 1-7, 10-17, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over USPGPUB 2005/0138557, hereinafter “Bolder,” and USPGPUB 2024/0303177, hereinafter “Kurian.” Regarding claim 1, Bolder discloses “A computer-implemented method performed by an automated script generator in communication with a user, (see, e.g., Bolder, para. 10; “a script management system is provided. A script repository retrievably stores a plurality of parameterized command script templates. At least one command specification constituent of a command script template specifies a user parameter identifier. A managed entity configuration management module populates parameterized command script templates in deriving corresponding command scripts therefrom.”) the method comprising: receiving, in the automated script generator, a request for a script from the user, the request indicating a scripting language type and including input data and information related to the script; (see, e.g., Bolder, fig. 1 & associated text; para. 38, “An analyst is provided with an interface, such as but not limited to, a Graphical User Interface (GUI) 110 which enables the analyst to create 112, save 114, retrieve 116, modify, delete, etc. specific discrete parameterized CLI command script templates 122, as well to define script execution dependencies 118, and perhaps to define execution authorization contexts.”; para. 42, 47-48, 59-60) analyzing the information related to the script to determine one or more attributes related to the script; (see, e.g., Bolder, fig. 1 & associated text; para. 40-41, 43; “each script template 122 is written to perform a single discrete managed entity configuration task”) identifying a standardized script template for the requested script, the standardized script template being stored in a database in connection with the automated script generator and having the requested scripting language type and attributes that match the determined attributes of the script; (see, e.g., Bolder, fig. 1 & associated text; para. 50-51; “Having selected at least one script template 122 for inclusion in an apply list, network management personnel is presented with the opportunity to specify values for user parameters of user parameters sets 128 corresponding to the script template 122. Network management personnel therefore prepares a list of actual CLI commands for execution on a target managed entity 230 without requiring extensive knowledge of the CLI commands.”) configuring the standardized script template with the input data included in the request; generating a script based on the configuration of the standardized script template; (see, e.g., Bolder, fig. 1 & associated text; para. 50-52; “the script templates 122 in an apply list are populated with valid parameters, the apply list prior to actual transmission for execution 232 on the target managed entity 230 includes an ordered (sequenced) list of actual CLI commands.”). Bolder does not appear to disclose the further limitations: executing the generated script via an audit function in a test environment to determine a performance outcome; and validating the generated script based on the performance outcome.” Bolder does disclose executing an audit function on a generated script (see, e.g., Bolder, fig. 1 & associated text; para. 55-59; “validating”) but does not disclose executing the script to validate its performance. However, Kurian discloses (at figs. 4-5 & associated text) auditing individual performance characteristics for an executed script. Bolder and Kurian are directed toward scripting and therefore are analogous art. On or before the effective filing date of the instant application, one of ordinary skill in the art would have deemed it obvious to try to combine the script generation of Bolder with the script performance validation of Kurian, thereby obtaining the invention of the instant claim. A clear and predictable benefit of so combining would have appeared as the ability to optimize generated script performance. Accordingly, the instant claim is unpatentable over Bolder and Kurian. Regarding claim 2, the combination of Bolder and Kurian renders obvious “The method of claim 1, further comprising: in response to a determination that the script passes the audit, outputting the script; and providing access to the script to the user.” (see, e.g., Bolder, fig. 1 & associated text; para. 55-59). Regarding claim 3, the combination of Bolder and Kurian renders obvious “The method of claim 1,” but does not appear to disclose the limitations “further comprising: prior to receiving the request for the script, receiving a request for access to the automated script generator sent from the user, the request for access including a user ID and user credential of the user; and in response to the request for access, authenticating the user based on the user ID and user credential.” Stated more simply, the combination of Bolder and Kurian does not disclose user IDs and credentialed access based on user IDs and user credentials. On or before the effective filing date of the instant application, user IDs and credentialed access based on user IDs and user credentials were well known in the art at the time of the invention. Official Notice is hereby invoked to that effect. Also on or before the effective filing date of the instant application, one of ordinary skill in the art would have deemed it obvious to try to combine the noticed user IDs and credentialed access based on user IDs and user credentials with the script generation of the combination of Bolder and Kurian, thereby obtaining the invention of the instant claim. A clear and predictable benefit of so combining would have appeared as the ability to enhance network security by providing script access only to authorized personnel. Accordingly, the instant claim is unpatentable over Bolder and Kurian. NB: Applicant did not object to the foregoing Official Notice after its first use. Accordingly, Applicant has acquiesced to its use. MPEP 2144.03(C). Regarding claim 4, the combination of Bolder and Kurian renders obvious “The method of claim 1, further comprising: identifying one or more standardized module templates stored in the database, the standardized module template having the requested scripting language type and attributes that match the attributes of the script;” (see, e.g., Bolder, fig. 1 & associated text; para. 50-51; “Having selected at least one script template . . .”) but does not appear to disclose the further limitations comprising “generating a standardized script template by merging the identified one or more standardized module templates; and storing the standardized script template in the database.” Bolder does disclose (at para. 53) “In accordance with information held in the dependency tables 126 corresponding to all script templates 122 in a particular apply list, an script sequencer 150 correctly orders (sequences) the resulting CLI command scripts to be executed on target managed entities requesting, retrieving, and inserting 152 any additional prerequisite script templates 122 not initially selected by the network management personnel.” The combining of numerous scripts into a single execution list is analogous, but not identical, to merging multiple script templates into a single script template. On or before the effective filing date of the instant application, merging multiple script templates into a single script template was known in the art. Official Notice is hereby invoked to that effect. Also on or before the effective filing date of the instant application, one of ordinary skill in the art would have deemed it obvious to try to combine the noticed script template merging with the script generation of the combination of Bolder and Kurian, thereby obtaining the invention of the instant claim. A clear and predictable benefit of so combining would have appeared as the ability to enhance efficiency and reduce complexity. Accordingly, the instant claim is unpatentable over Bolder and Kurian. NB: Applicant did not object to the foregoing Official Notice after its first use. Accordingly, Applicant has acquiesced to its use. MPEP 2144.03(C). Regarding claim 5, the combination of Bolder and Kurian renders obvious “The method of claim 1, wherein configuring the standardized script template with the input data further comprises: identifying one or more placeholders that require configuration within the identified standardized script template; mapping the input data included in the request to the one or more placeholders; and populating the one or more placeholders with the input data.” (see, e.g., Bolder, fig. 1 & associated text; para. 58-59). Regarding claim 6, the combination of Bolder and Kurian renders obvious “The method of claim 1, further comprising: storing the generated script in a repository before executing an audit function on the script.” (see, e.g., Bolder, fig. 1 & associated text; para. 52-54). Regarding claim 7, the combination of Bolder and Kurian renders obvious “The method of claim 1,” but does not appear to disclose the limitations “wherein executing the audit function further comprises: validating the script against a predetermined validation rule to determine a level of adherence of the script to the validation rule; obtaining a validation score based on the level of adherence; and in response to a determination that the validation score exceeds a predetermined threshold, determining that the script is validated.” In other words, while Bolder does disclose script validation (see, e.g., para. 55), the combination of Bolder and Kurian does not disclose obtaining a validation score and adjudicating validity based on said validation score. However, on or before the effective filing date of the instant application, using validation scores to determine script validity was known in the art. Official Notice is hereby invoked to that effect. Also on or before the effective filing date of the instant application, one of ordinary skill in the art would have deemed it obvious to try to combine the noticed validation scores with the script generation of the combination of Bolder and Kurian, thereby obtaining the invention of the instant claim. A clear and predictable benefit of so combining would have appeared as the ability to avoid malfunction. Accordingly, the instant claim is unpatentable over Bolder and Kurian. NB: Applicant did not object to the foregoing Official Notice after its first use. Accordingly, Applicant has acquiesced to its use. MPEP 2144.03(C). Regarding claim 10, the combination of Bolder and Kurian renders obvious “The method of claim 1,” but does not appear to disclose the limitations “further comprising: in response to a determination that the script fails the audit, automatically initiating a modification cycle, the modification cycle comprising: generating a modified script; and executing an additional audit function on the modified script; and in response to a determination that the modified script fails the audit, initiating an additional modification cycle until a total number of the modification cycles reaches a predetermined number.” In other words, while Bolder does disclose script validation (see, e.g., para. 55), the combination of Bolder and Kurian does not disclose modifying an invalid script and then validating the modified script, repeatedly. However, on or before the effective filing date of the instant application, repeatedly modifying an invalid script and then validating the modified script was known in the art. Official Notice is hereby invoked to that effect. Also on or before the effective filing date of the instant application, one of ordinary skill in the art would have deemed it obvious to try to combine the noticed modification and revalidation attempts with the script generation of the combination of Bolder and Kurian, thereby obtaining the invention of the instant claim. A clear and predictable benefit of so combining would have appeared as the ability to avoid malfunction. Accordingly, the instant claim is unpatentable over Bolder and Kurian. NB: Applicant did not object to the foregoing Official Notice after its first use. Accordingly, Applicant has acquiesced to its use. MPEP 2144.03(C). Regarding claims 11-17 and 20, the instant claims are equivalents of claims 1-7 and 10, differing only by statutory class. Accordingly, the rejections of claims 1-7 apply, mutatis mutandis, to claims 11-17, and the rejections of claim 10 applies, mutatis mutandis, to claim 20. Claims 8-9 and 18-19 are rejected under 35 U.S.C. 103 as being unpatentable over Bolder and Kurian and Dai et al., “Automatically Detecting Risky Scripts in Infrastructure Code,” ACM, 2020, hereinafter “Dai.” Regarding claim 8, the combination of Bolder and Kurian renders obvious “The method of claim 1,” but does not appear to disclose the further limitations regarding script testing. Dai discloses “a generic analysis framework to identify risky scripts in infrastructure code.” (Dai, pg. 359, sec. 1). The combination of Bolder, Kurian, and Dai renders obvious “The method of claim 1, wherein executing the audit function further comprises: executing a testing task on the script against a predetermined testing rule, the testing rule specifying an expected performance outcome from the script; (Dai, pg. 366, sec. 4; “We implement SecureCode in Python language, using parsing functions in Ansible-lint v4.2.0, Shell script analyzer ShellCheck v0.7.0, and PowerShell script analyzer PSScriptAnalyzer v1.18.3.”; sec. 4.1; “With each new Github commit, SecureCode is invoked to check the repository code in a VM”) obtaining a tested performance outcome from the script in the testing task; comparing the tested performance outcome and the expected performance outcome; (Dai, pg. 366, sec. 4.1; “After SecureCode finishes checking, the checking status returns to the corresponding Github commit”) and in response to a determination that the tested performance outcome matches the expected performance outcome, determining that the script passes the testing.” (Dai, pg. 366, sec. 4.1; “If SecureCode identifies an issue, the commit is associated with a red cross mark (otherwise a green check mark), shown by Figure 5. The developer can click on “details” to see SecureCode’s detection reports.”). Dai, Kurian, and Bolder are directed toward configuration scripts and therefore are analogous art. On or before the effective filing date of the instant application, one of ordinary skill in the art would have deemed it obvious to try to combine the script analysis of Dai with the script generation of Bolder and Kurian, thereby obtaining the invention of the instant claim. A clear and predictable motivation to combine appears in Dai: “Risky patterns in the embedded scripts have widespread of negative impacts across the whole infrastructure, causing disastrous consequences” necessitating “an analysis framework, which can automatically extract and compose the embedded scripts from infrastructure code before detecting their risky code patterns with correlated severity levels and negative impacts.” (Dai, pg. 358, Abstract). Accordingly, the instant claim is unpatentable over the combination of Bolder, Kurian, and Dai. Regarding claim 9, the combination of Bolder, Kurian, and Dai renders obvious “The method of claim 8, wherein executing the audit function further comprises: creating a testing environment for the testing task; (Dai, pg. 366, sec. 4; “We implement SecureCode in Python language, using parsing functions in Ansible-lint v4.2.0, Shell script analyzer ShellCheck v0.7.0, and PowerShell script analyzer PSScriptAnalyzer v1.18.3.”) identifying a test environment profile in a database in connection with the automated script generator; (Dai, pg. 366, sec. 4; “For each github repository, we create a Travis job to conduct SecureCode’s checking on the automation files with the extension of .yml, .yaml, .sh, and .ps1, in the master branch.”) and configuring the testing environment with the test environment profile, wherein the testing task is executed in the test environment.” (Dai, pg. 366, sec. 4; “A Travis job is defined by the .travis.yml configuration file, which contains three steps: pre-installation, installation, and a running command to invoke SecureCode. In our experiments, all Travis jobs are running on a Ubuntu v16.04.5 VM with kernel v4.19.52, provisioned on IBM Cloud.”). Regarding claims 18-19, the instant claims are equivalents of claims 8-9, differing only by statutory class. Accordingly, the rejections of claims 8-9 apply, mutatis mutandis, to claims 18-19. Response to Arguments Applicant’s arguments in traversal of the standing claim rejections have been carefully reviewed but are rendered moot by the foregoing new grounds of rejection. Conclusion Applicant's amendment necessitated any new grounds of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to RYAN D COYER whose telephone number is (571) 270-5306. The examiner can normally be reached Monday-Friday 12pm-10pm Eastern Time. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Wei Mui, can be reached on 571-272-3708. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/ docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /Ryan D. Coyer/Primary Examiner, Art Unit 2191