Hello,
My current playbook worked and I just want to know if there room for improvement.
revised playbook:
This looks like another case of using ansible as a glorified auditing and reporting tool, and shoehorning a round peg into a square hole along the way...
I would ask myself why those permission are changed and prevent that from happening in the first place. If this happens every week/day, are you going to run this playbook then every week/day to 'fix' things?
Or from cron? That sounds like fixing symptoms rather than problems.
AFAICS the high level logic is
* finding files
* reading their permissions
* changing them only if they are not what you want them (in a rescue block?)
* creating some sort of log file by (ab)using the lineinfile module
This is more or less re-implementing what ansible already does out of the box - using ansible 
I would take the opposite approach:
* Ensure those permissions are what you want them to be
* Generate a report based on the result
That's it. Should be doable with just two tasks.
I’m using the playbook to hardening the O.S, and build new image.
Block and rescue module give me the report whether that system requires change.