Thanks for your feedback. 

 

Then, I will modify it to be an independent task which can be run with "bitbake linux-yocto -c generate_cve_exclusions".

It will remove the mandatory aspect of this task in the workflow.