Incident Response Playbook

Author: 1kalin · v1.0.0
cross-platform ✓ Security check passed
Total downloads: 795 · Favorites: 0 · Current installs: 3 · Versions: 1
Install in OpenClaw:
/install afrexai-incident-response
Description
Guides business and IT teams through incident detection, severity classification, containment, resolution, communication, and post-mortem with automated time...
Instructions (SKILL.md)

Incident Response Playbook

Structured incident response for business and IT teams. Guides you through detection, triage, containment, resolution, and post-mortem — with auto-generated timelines and action items.

What It Does

When triggered with an incident description, this skill:

  1. Classifies severity (P1-P4) based on impact and urgency
  2. Generates a response checklist tailored to incident type (outage, data breach, security event, service degradation, vendor failure)
  3. Builds a communication plan — who to notify, when, what channels
  4. Creates a real-time timeline as you log updates
  5. Produces a post-mortem template with root cause analysis and prevention steps

Usage

Tell your agent about an incident:

"Production API is returning 500 errors for 20% of requests. Started 10 minutes ago."

Or trigger proactively:

"Create an incident response plan for a potential data breach scenario"

Incident Types Covered

  • Service outages — full or partial downtime
  • Security incidents — breaches, unauthorized access, phishing
  • Data incidents — corruption, loss, privacy violations
  • Vendor failures — third-party SLA breaches
  • Performance degradation — latency spikes, capacity issues

Severity Matrix

| Level | Impact | Response Time | Escalation |
|---|---|---|---|
| P1 - Critical | Business stopped | Immediate | Executive + all hands |
| P2 - High | Major feature down | < 30 min | Engineering lead + PM |
| P3 - Medium | Degraded experience | < 2 hours | On-call team |
| P4 - Low | Minor issue | Next business day | Ticket queue |

Response Framework

1. Detection & Triage (First 5 minutes)

  • Confirm the incident is real (not a false alarm)
  • Classify severity using the matrix above
  • Assign incident commander
  • Open a dedicated communication channel

2. Containment (First 30 minutes)

  • Identify blast radius — what's affected?
  • Apply immediate mitigation (rollback, feature flag, scaling)
  • Communicate status to stakeholders

3. Resolution

  • Root cause investigation
  • Implement fix with verification
  • Monitor for recurrence
  • Update all stakeholders

4. Post-Mortem (Within 48 hours)

  • Timeline of events
  • Root cause analysis (5 Whys)
  • What went well / what didn't
  • Action items with owners and deadlines
  • Process improvements

Integration

Works with any monitoring stack. Feed alerts from PagerDuty, Datadog, Grafana, or manual reports.

Pro Tip

Pair this with a full AI Operations Context Pack for your industry. Pre-built incident taxonomies, compliance-aware escalation paths, and automated stakeholder templates.

Browse packs: https://afrexai-cto.github.io/context-packs/

Free tools:

Safe usage recommendations
This skill is an instruction-only incident response playbook and appears internally consistent. Before installing or using it, avoid pasting sensitive PII or credentials into prompts, verify any recommended actions against your organization's runbooks and change control policies, and be cautious if you later connect the agent to real monitoring/notification systems (PagerDuty, Datadog, etc.) — those integrations will require separate credentials and should be granted using least privilege. If you want higher assurance, review the external links (afrexai-cto.github.io) and confirm the publisher's trustworthiness.
Functional analysis
Type: OpenClaw Skill
Name: afrexai-incident-response
Version: 1.0.0
The skill bundle is designed to guide an AI agent through incident response, generating plans and templates. The `SKILL.md` and `README.md` files contain descriptive instructions for the agent's reasoning process and informational links to external resources (e.g., `afrexai-cto.github.io`). There is no evidence of prompt injection attempts, malicious execution commands, data exfiltration, persistence mechanisms, or obfuscation. The external links are presented as resources for the user, not as instructions for the agent to interact with in a harmful way.
Capability assessment
Purpose & Capability
The skill's name and the SKILL.md content align: it describes classification, checklists, communication plans, timelines, and post-mortems. No unrelated credentials, binaries, or installs are required.
Instruction Scope
Runtime instructions are limited to generating playbooks, timelines, and communication plans based on user-provided incident descriptions. The SKILL.md does not tell the agent to read system files, access environment variables, or contact hidden endpoints.
Install Mechanism
There is no install spec and no code files—this is instruction-only, so nothing is written to disk or downloaded during install.
Credentials
The skill requires no environment variables, credentials, or config paths. Suggested integrations (PagerDuty, Datadog, Grafana) are referenced generically and are not required by the skill itself.
Persistence & Privilege
The skill does not request always:true and does not modify other skills or system-wide settings. It uses the platform's normal autonomous-invocation model by default.
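How to use
  1. Make sure OpenClaw is installed (locally or via Docker)
  2. Enter the install command in the chat box: /install afrexai-incident-response
  3. Once installation completes, call the Skill by name or trigger it with /afrexai-incident-response
  4. Provide the required input according to the Skill's parameter description to get structured output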
Version history
v1.0.0
Initial release: Launches a comprehensive, structured playbook for business and IT incident response.
  • Automatic severity classification and tailored response checklists for common incident types
  • Step-by-step guidance for detection, triage, containment, resolution, and post-mortem
  • Auto-generates communication plans, real-time incident timelines, and post-mortem templates
  • Compatible with standard monitoring tools (e.g., PagerDuty, Datadog, Grafana) and manual alerts
  • Supports incidents like outages, security breaches, data loss, vendor failures, and performance issues
Metadata
Slug afrexai-incident-response
Version 1.0.0
License
Total installs 3
Current installs 3
Historical versions 1
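Frequently asked questions

What is Incident Response Playbook?

Guides business and IT teams through incident detection, severity classification, containment, resolution, communication, and post-mortem with automated time... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 795 total downloads to date.

How do I install Incident Response Playbook?

Run the command "/install afrexai-incident-response" in the OpenClaw or Claude Code chat box to install it in one step; no additional configuration is needed.

Is Incident Response Playbook free?

Yes, Incident Response Playbook is completely free (free and open source) and can be freely downloaded, installed, and used.

Which platforms does Incident Response Playbook support?

Incident Response Playbook runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed Incident Response Playbook?

Developed and maintained by 1kalin (@1kalin); the current version is v1.0.0.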
