SkillHub

afrexai-incident-response

v1.0.0

指导业务与IT团队完成事件检测、严重级别判定、遏制、解决、沟通及事后复盘,实现时间自动化追踪

Sourced from ClawHub, Authored by 1kalin

Installation

Please help me install the skill `afrexai-incident-response` from SkillHub official store. npx skills add 1kalin/afrexai-incident-response

Incident Response Playbook

Structured incident response for business and IT teams. Guides you through detection, triage, containment, resolution, and post-mortem — with auto-generated timelines and action items.

What It Does

When triggered with an incident description, this skill:

  1. Classifies severity (P1-P4) based on impact and urgency
  2. Generates a response checklist tailored to incident type (outage, data breach, security event, service degradation, vendor failure)
  3. Builds a communication plan — who to notify, when, what channels
  4. Creates a real-time timeline as you log updates
  5. Produces a post-mortem template with root cause analysis and prevention steps

Usage

Tell your agent about an incident:

"Production API is returning 500 errors for 20% of requests. Started 10 minutes ago."

Or trigger proactively:

"Create an incident response plan for a potential data breach scenario"

Incident Types Covered

  • Service outages — full or partial downtime
  • Security incidents — breaches, unauthorized access, phishing
  • Data incidents — corruption, loss, privacy violations
  • Vendor failures — third-party SLA breaches
  • Performance degradation — latency spikes, capacity issues

Severity Matrix

Level Impact Response Time Escalation
P1 - Critical Business stopped Immediate Executive + all hands
P2 - High Major feature down < 30 min Engineering lead + PM
P3 - Medium Degraded experience < 2 hours On-call team
P4 - Low Minor issue Next business day Ticket queue

Response Framework

1. Detection & Triage (First 5 minutes)

  • Confirm the incident is real (not a false alarm)
  • Classify severity using the matrix above
  • Assign incident commander
  • Open a dedicated communication channel

2. Containment (First 30 minutes)

  • Identify blast radius — what's affected?
  • Apply immediate mitigation (rollback, feature flag, scaling)
  • Communicate status to stakeholders

3. Resolution

  • Root cause investigation
  • Implement fix with verification
  • Monitor for recurrence
  • Update all stakeholders

4. Post-Mortem (Within 48 hours)

  • Timeline of events
  • Root cause analysis (5 Whys)
  • What went well / what didn't
  • Action items with owners and deadlines
  • Process improvements

Integration

Works with any monitoring stack. Feed alerts from PagerDuty, Datadog, Grafana, or manual reports.

Pro Tip

Pair this with a full AI Operations Context Pack for your industry. Pre-built incident taxonomies, compliance-aware escalation paths, and automated stakeholder templates.

Browse packs: https://afrexai-cto.github.io/context-packs/

Free tools: - AI Revenue Calculator: https://afrexai-cto.github.io/ai-revenue-calculator/ - Agent Setup Wizard: https://afrexai-cto.github.io/agent-setup/