🎁 Get the FREE AI Skills Starter Guide β€” Subscribe β†’
BytesAgainBytesAgain
πŸ¦€ ClawHub

Incident Response Playbook

by @1kalin

Guides business and IT teams through incident detection, severity classification, containment, resolution, communication, and post-mortem with automated time...

Versionv1.0.0
Downloads1,017
Installs3
TERMINAL
clawhub install afrexai-incident-response

πŸ“– About This Skill

Incident Response Playbook

Structured incident response for business and IT teams. Guides you through detection, triage, containment, resolution, and post-mortem β€” with auto-generated timelines and action items.

What It Does

When triggered with an incident description, this skill:

1. Classifies severity (P1-P4) based on impact and urgency 2. Generates a response checklist tailored to incident type (outage, data breach, security event, service degradation, vendor failure) 3. Builds a communication plan β€” who to notify, when, what channels 4. Creates a real-time timeline as you log updates 5. Produces a post-mortem template with root cause analysis and prevention steps

Usage

Tell your agent about an incident:

> "Production API is returning 500 errors for 20% of requests. Started 10 minutes ago."

Or trigger proactively:

> "Create an incident response plan for a potential data breach scenario"

Incident Types Covered

  • Service outages β€” full or partial downtime
  • Security incidents β€” breaches, unauthorized access, phishing
  • Data incidents β€” corruption, loss, privacy violations
  • Vendor failures β€” third-party SLA breaches
  • Performance degradation β€” latency spikes, capacity issues
  • Severity Matrix

    | Level | Impact | Response Time | Escalation | |-------|--------|---------------|------------| | P1 - Critical | Business stopped | Immediate | Executive + all hands | | P2 - High | Major feature down | < 30 min | Engineering lead + PM | | P3 - Medium | Degraded experience | < 2 hours | On-call team | | P4 - Low | Minor issue | Next business day | Ticket queue |

    Response Framework

    1. Detection & Triage (First 5 minutes)

  • Confirm the incident is real (not a false alarm)
  • Classify severity using the matrix above
  • Assign incident commander
  • Open a dedicated communication channel
  • 2. Containment (First 30 minutes)

  • Identify blast radius β€” what's affected?
  • Apply immediate mitigation (rollback, feature flag, scaling)
  • Communicate status to stakeholders
  • 3. Resolution

  • Root cause investigation
  • Implement fix with verification
  • Monitor for recurrence
  • Update all stakeholders
  • 4. Post-Mortem (Within 48 hours)

  • Timeline of events
  • Root cause analysis (5 Whys)
  • What went well / what didn't
  • Action items with owners and deadlines
  • Process improvements
  • Integration

    Works with any monitoring stack. Feed alerts from PagerDuty, Datadog, Grafana, or manual reports.

    Pro Tip

    Pair this with a full AI Operations Context Pack for your industry. Pre-built incident taxonomies, compliance-aware escalation paths, and automated stakeholder templates.

    Browse packs: https://afrexai-cto.github.io/context-packs/

    Free tools:

  • AI Revenue Calculator: https://afrexai-cto.github.io/ai-revenue-calculator/
  • Agent Setup Wizard: https://afrexai-cto.github.io/agent-setup/
  • πŸ’‘ Examples

    Tell your agent about an incident:

    > "Production API is returning 500 errors for 20% of requests. Started 10 minutes ago."

    Or trigger proactively:

    > "Create an incident response plan for a potential data breach scenario"