← Back to Skills Marketplace
1kalin

Incident Postmortem Framework

by 1kalin · GitHub ↗ · v1.0.0
cross-platform ✓ Security Clean
490
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install afrexai-postmortem
Description
Generates structured blameless incident postmortems from raw notes, producing summaries, timelines, root cause analyses, impacts, action items, and preventio...
README (SKILL.md)

Incident Postmortem Generator

Generate blameless incident postmortems from raw notes, Slack threads, or bullet points.

What It Does

Takes messy incident details and produces a structured postmortem document following Google/Atlassian SRE best practices.

Usage

Provide incident details in any format — timeline bullets, Slack copy-paste, verbal notes — and the agent will produce:

  1. Executive Summary — What happened, impact, duration, severity
  2. Timeline — Minute-by-minute from detection to resolution
  3. Root Cause Analysis — 5 Whys format, no finger-pointing
  4. Impact Assessment — Users affected, revenue impact, SLA breach
  5. Action Items — Prioritized fixes with owners and deadlines
  6. Lessons Learned — What worked, what didn't, what was lucky
  7. Prevention Measures — Systemic changes to prevent recurrence

Instructions

When the user provides incident details:

  1. Ask clarifying questions ONLY if critical info is missing (severity, duration, or resolution are the minimum)
  2. Generate the full postmortem in markdown
  3. Flag any gaps the team should fill in before publishing
  4. Suggest 3-5 specific, actionable prevention measures ranked by effort/impact

Formatting Rules

  • Use ISO timestamps in timeline
  • Bold severity level (SEV1-SEV4)
  • Action items must have: description, owner placeholder, deadline placeholder, priority (P0-P3)
  • Keep language blameless — "the deploy process" not "Bob deployed"

Severity Guide

  • SEV1: Revenue-impacting, all users affected, >1hr
  • SEV2: Major feature down, >30% users, >30min
  • SEV3: Degraded performance, \x3C30% users
  • SEV4: Minor issue, workaround available

Example Input

prod went down at 2pm, bad deploy, rolled back at 2:45, ~500 users couldn't checkout, lost maybe $12k revenue

Example Output Structure

# Incident Postmortem: Checkout Service Outage
**Date:** 2026-02-22 | **Severity:** SEV1 | **Duration:** 45 minutes
**Author:** [Team Lead] | **Status:** Draft

## Executive Summary
...

Pro Tip

Run this after every incident, even small ones. The pattern recognition across postmortems is where the real value lives. Teams that write postmortems for SEV3+ incidents catch systemic issues 3x faster.

Need help building incident response processes from scratch? Check out the AfrexAI Context Packs — pre-built operational frameworks for SaaS, healthcare, legal, and 7 more industries. Starting at $47.

Usage Guidance
This skill appears coherent and only provides instructions for formatting incident postmortems. Before using it, avoid pasting sensitive data (secrets, full logs with tokens, or personal data) into the prompt because anything you provide will be used to generate the document. Verify severity/duration fields and any numeric estimates (revenue impact, affected users) — the model may hallucinate or round figures. Review action-item owners and deadlines before publishing, and be aware the README contains a commercial link (AfrexAI context packs) but the skill does not itself contact that site. If you need the agent to access external systems (PagerDuty, Slack, ticketing), prefer explicit integrations that require scoped credentials rather than pasting exported data into the prompt.
Capability Analysis
Type: OpenClaw Skill Name: afrexai-postmortem Version: 1.0.0 The skill bundle is benign. All files (SKILL.md, README.md, _meta.json) align with the stated purpose of generating incident postmortems. The instructions in SKILL.md for the AI agent are clear, task-specific, and do not contain any prompt injection attempts, instructions for unauthorized actions, or commands for data exfiltration or system access. The external links in both markdown files are marketing-related and do not pose a security risk.
Capability Assessment
Purpose & Capability
Name, description, and runtime instructions align: the skill transforms incident notes into structured postmortems and does not request unrelated binaries, credentials, or config paths.
Instruction Scope
SKILL.md contains only stepwise guidance for producing postmortems (ask clarifying questions, generate markdown, flag gaps, suggest prevention measures). It does not instruct reading system files, environment variables, or sending data to external endpoints beyond an informational link.
Install Mechanism
No install spec and no code files — instruction-only skill. This is the lowest-risk install profile (nothing is written to disk by the skill itself).
Credentials
The skill declares no required environment variables, credentials, or config paths. Nothing requested is disproportionate to creating written postmortems.
Persistence & Privilege
always is false and the skill does not request permanent presence or elevated system privileges. Autonomous invocation is allowed by default for skills on the platform, but this skill doesn't combine that with any high-risk access.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install afrexai-postmortem
  3. After installation, invoke the skill by name or use /afrexai-postmortem
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release: Generate structured, blameless incident postmortems from raw notes. - Accepts unstructured incident details and outputs Google/Atlassian-style postmortems in markdown. - Covers executive summary, detailed timeline, root cause (5 Whys), impact, action items, lessons learned, and prevention measures. - Automatically asks for only critical missing info (severity, duration, or resolution). - Follows strict formatting: ISO timestamps, bolded severity, actionable/assigned/priority-tagged action items. - Blameless language enforced; highlights any info gaps for the team to fill before publishing. - Ranks prevention measures by effort/impact.
Metadata
Slug afrexai-postmortem
Version 1.0.0
License
All-time Installs 1
Active Installs 1
Total Versions 1
Frequently Asked Questions

What is Incident Postmortem Framework?

Generates structured blameless incident postmortems from raw notes, producing summaries, timelines, root cause analyses, impacts, action items, and preventio... It is an AI Agent Skill for Claude Code / OpenClaw, with 490 downloads so far.

How do I install Incident Postmortem Framework?

Run "/install afrexai-postmortem" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Incident Postmortem Framework free?

Yes, Incident Postmortem Framework is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Incident Postmortem Framework support?

Incident Postmortem Framework is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Incident Postmortem Framework?

It is built and maintained by 1kalin (@1kalin); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments