← Back to Skills Marketplace
broedkrummen

Incident Hotfix

by Broedkrummen · GitHub ↗ · v0.1.0
cross-platform ⚠ suspicious
408
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install incident-hotfix
Description
Coder-focused incident response and hotfix execution for production issues. Use when you need reproducible triage, patch/rollback decisions, CI-safe hotfix b...
README (SKILL.md)

Incident Hotfix

Use this alongside broader incident-response skills when code-level action is required.

Workflow

  1. Classify severity using references/severity-matrix.md
  2. Create hotfix branch from current production tag/commit
  3. Reproduce and isolate with minimal failing test
  4. Patch with rollback plan
  5. Run focused CI checks
  6. Capture evidence bundle
  7. Merge + verify + postmortem actions

Step 1 — Create incident workspace

bash scripts/start_hotfix.sh --id INC-1234 --base main

This creates:

  • hotfix/INC-1234-\x3Cslug> branch
  • docs/incidents/INC-1234/ folder
  • starter files for timeline, rollback, and actions

Step 2 — Evidence capture

bash scripts/capture_evidence.sh --id INC-1234

Collects into docs/incidents/INC-1234/evidence/:

  • latest commits + diff summary
  • changed files list
  • local env snapshot (safe subset)
  • test output logs

Step 3 — Patch gate

Before PR/merge, ensure:

  • failing case reproduced (or clearly documented)
  • minimal patch scope
  • rollback command documented in ROLLBACK.md
  • focused tests pass + no new lint/type failures

Step 4 — Postmortem actions

Use references/action-template.md to convert findings into concrete tasks:

  • owner
  • due date
  • verification criteria

Required outputs

  • docs/incidents/\x3Cid>/TIMELINE.md
  • docs/incidents/\x3Cid>/ROLLBACK.md
  • docs/incidents/\x3Cid>/ACTIONS.md
  • docs/incidents/\x3Cid>/evidence/ bundle

Notes

  • Prefer smallest safe patch over broad refactor during incident.
  • If root cause is uncertain, ship containment first, then permanent fix.
  • Never merge hotfix without rollback path.
Usage Guidance
This skill looks like a legitimate incident-hotfix helper, but review and limit its evidence capture before use. Specific recommendations: - Inspect scripts locally before running. The capture script writes env-safe.txt including any variables starting with GITHUB_ (which can include tokens). - Run the scripts only in a trusted environment (no live secrets in process env), or modify scripts to exclude token-like variables (e.g., filter out *_TOKEN, *PASSWORD, GITHUB_TOKEN). - Do not push docs/incidents/.../evidence/ to remote without reviewing its contents; add the evidence directory to .gitignore or ensure it is stored in a secure artifact store instead of the repo. - If you accidentally capture secrets, rotate them immediately (e.g., GitHub tokens). - If you want the skill to be safer, request the author to: (1) avoid capturing GITHUB_* by default, (2) redact token-like values, and (3) document explicit data-handling and retention policies in SKILL.md. Given these issues the skill is coherent but potentially exposes secrets unless adjusted — treat as suspicious until mitigations are applied.
Capability Analysis
Type: OpenClaw Skill Name: incident-hotfix Version: 0.1.0 The skill is classified as suspicious due to shell injection vulnerabilities. Specifically, `scripts/start_hotfix.sh` uses the `--base` argument directly in `git checkout "$BASE"` without sanitization, creating a potential command injection risk if an attacker can control this input. Additionally, the `--id` argument, while sanitized for branch names, is used unsanitized in `mkdir -p "docs/incidents/${ID}/evidence"` and for creating other filenames in both `scripts/start_hotfix.sh` and `scripts/capture_evidence.sh`, which could lead to file system manipulation. There is no evidence of intentional malicious behavior like data exfiltration or persistence, and the `env` capture is appropriately filtered.
Capability Assessment
Purpose & Capability
Name/description, SKILL.md, and scripts all align: they create a hotfix branch, seed incident docs, run lightweight git operations, and collect a focused evidence bundle. No unrelated network endpoints or unusual binaries are requested.
Instruction Scope
The SKILL.md instructs running scripts that capture a local environment snapshot and git metadata into docs/incidents/<id>/evidence/. Capturing environment variables is within triage scope, but the included script indiscriminately greps for variables with prefix GITHUB_ (and other patterns) and writes them to a file in the repository; that can store secrets (e.g., GITHUB_TOKEN, GH_* tokens) in plain text in the repo. The instructions do not warn about sanitizing or excluding secrets, or about not committing the evidence folder.
Install Mechanism
No install spec; this is instruction + small scripts only. No downloads or external installs are performed by the skill itself.
Credentials
The metadata declares no required environment variables, but scripts read the environment and capture variables matching '^(NODE_ENV|ENV|APP_ENV|CI|GITHUB_)'. That mismatch (no declared env but runtime reading of env) is a proportionality concern because it may copy sensitive variables into project files without explicit consent or declaration.
Persistence & Privilege
The skill does not request always-on presence or modify other skills. It writes files and branches inside the repository (TIMELINE.md, ROLLBACK.md, ACTIONS.md, evidence/), which is expected behavior for a hotfix workflow but requires repository write access to take effect.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install incident-hotfix
  3. After installation, invoke the skill by name or use /incident-hotfix
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.0
Initial release: coder-focused incident hotfix workflow with branch scaffolding, evidence capture, rollback, and corrective action templates.
Metadata
Slug incident-hotfix
Version 0.1.0
License
All-time Installs 1
Active Installs 1
Total Versions 1
Frequently Asked Questions

What is Incident Hotfix?

Coder-focused incident response and hotfix execution for production issues. Use when you need reproducible triage, patch/rollback decisions, CI-safe hotfix b... It is an AI Agent Skill for Claude Code / OpenClaw, with 408 downloads so far.

How do I install Incident Hotfix?

Run "/install incident-hotfix" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Incident Hotfix free?

Yes, Incident Hotfix is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Incident Hotfix support?

Incident Hotfix is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Incident Hotfix?

It is built and maintained by Broedkrummen (@broedkrummen); the current version is v0.1.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463368 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259467 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200457 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191163 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190189 · by oswalpalash

💬 Comments