← 返回 Skills 市场

Incident Response Runbook

Name: Incident Response Runbook
Author: charlie-morrison

作者 charlie-morrison · GitHub ↗ · v1.0.0 · MIT-0

cross-platform ✓ 安全检测通过

总下载

当前安装

版本数

在 OpenClaw 中安装

/install incident-response-runbook

功能描述

Create, maintain, and execute detailed incident response runbooks to guide triage, communication, and post-incident reviews for production outages.

使用说明 (SKILL.md)

Incident Response Runbook

Generate, maintain, and execute incident response runbooks for production systems. Use when setting up incident workflows, responding to outages, or documenting post-incident learnings.

Usage

Generate Runbook

Create an incident response runbook for [service/system]. 
Infrastructure: [cloud provider, key services].
Common failure modes: [list known issues].

During Incident

Incident: [description]. Severity: [1-4]. 
Current symptoms: [what's happening].
Help me triage and respond.

Post-Incident

Generate a post-incident review for: [incident summary].
Timeline: [key events with timestamps].
Resolution: [what fixed it].

Runbook Structure

Generated runbooks follow this template:

# [Service] Incident Response Runbook

## Quick Reference
- **On-call:** [rotation link]
- **Dashboards:** [monitoring links]
- **Escalation:** [contact chain]

## Severity Levels
- **SEV1**: Complete outage, revenue impact → respond in 5 min
- **SEV2**: Degraded service, user-facing → respond in 15 min
- **SEV3**: Internal impact, no users affected → respond in 1 hour
- **SEV4**: Cosmetic or minor, no urgency → next business day

## Triage Steps
1. Confirm the issue (check dashboards, reproduce)
2. Assess blast radius (which users/services affected)
3. Assign severity level
4. Start incident channel/thread
5. Communicate to stakeholders

## Failure Modes

### [Failure Mode 1: e.g., Database Connection Pool Exhaustion]
**Symptoms:** [what you'll see]
**Diagnosis:** [commands to run, logs to check]
**Mitigation:** [immediate steps to restore service]
**Root Fix:** [permanent solution]

### [Failure Mode 2: e.g., Memory Leak in Worker Process]
...

## Rollback Procedures
[Service-specific rollback steps]

## Communication Templates
[Internal + external status page templates]

## Post-Incident Review Template
[Blameless review structure]

Scripts

`scripts/generate_runbook.py`

Generate a runbook skeleton from service metadata:

python3 scripts/generate_runbook.py --service api-gateway \
  --provider aws --region us-east-1 \
  --monitors datadog,pagerduty \
  --output runbook-api-gateway.md

AI Enhancement

When used as an agent skill, the incident responder:

Guides triage in real-time with diagnostic commands specific to the stack
Correlates symptoms with known failure modes from the runbook
Drafts status page updates and internal communications
Generates post-incident reviews with timeline, root cause analysis, and action items
Learns from past incidents to improve future runbooks

安全使用建议

This skill appears coherent and benign: it provides templates and a small script to generate runbooks. Before running any agent-generated diagnostic or mitigation commands, verify the target environment and use least-privilege credentials (kubectl/AWS tokens should be restricted). Pay special attention to rollback or mitigation steps that could modify production (deploy rollbacks, DNS changes, feature-flag toggles) and require human approval for destructive actions. Also note the skill's source is unknown—consider vetting it or running the script in a sandbox first.

功能分析

Type: OpenClaw Skill Name: incident-response-runbook Version: 1.0.0 The skill bundle is a legitimate tool for generating and managing incident response runbooks. The Python script `scripts/generate_runbook.py` safely uses string formatting to create markdown templates based on user input, and the `SKILL.md` file provides appropriate instructions for an AI agent to assist with triage and documentation without any signs of malicious intent or prompt injection attacks.

能力评估

✓ Purpose & Capability

Name/description align with contents: SKILL.md and a small helper script generate runbook markdown and provide triage templates and diagnostic commands. Nothing requested or installed is inconsistent with an incident-response runbook.

ℹ Instruction Scope

Instructions are scoped to incident lifecycle (generate, triage, post-incident). They include examples of diagnostic commands (curl, aws logs, kubectl, docker) and rollback/mitigation steps; these are expected for incident response but may require cloud/cluster credentials and can be destructive if executed without care.

✓ Install Mechanism

No install spec; this is instruction-first with one benign helper script. Nothing is downloaded or written to disk by an install step.

✓ Credentials

The skill does not declare or require any environment variables, credentials, or config paths. References to monitoring tools and cloud CLIs in the runbook are expected usage patterns and do not imply unnecessary credential requests by the skill itself.

✓ Persistence & Privilege

always is false (no forced inclusion). disable-model-invocation is false (normal — agent may invoke the skill); the skill does not request elevated persistent privileges or modify other skills' configurations.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install incident-response-runbook
安装完成后，直接呼叫该 Skill 的名称或使用 /incident-response-runbook 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.0

Initial release of incident-response-runbook skill: - Generates, maintains, and executes incident response runbooks for production systems. - Provides templates and structured guidance for incident triage, management, and post-incident reviews. - Includes ready-to-use commands for generating runbooks, triaging incidents, and creating post-incident documentation. - Offers scripts for automated runbook generation from service metadata. - Enhances response workflows with real-time diagnostic guidance, communication drafts, and learning from previous incidents.

元数据

Slug incident-response-runbook

版本 1.0.0

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 1

常见问题