Stats
Actions
Tags
Help us improve
Share bugs, ideas, or general feedback.
From incident-response
Conduct post-incident review and document findings, root causes, and preventive measures.
npx claudepluginhub sethdford/claude-skills --plugin security-incident-responseHow this command is triggered — by the user, by Claude, or both
Slash command
/incident-response:write-postmortem incident summary or investigation reportThe summary Claude sees in its command listing — used to decide when to auto-load this command
# Write Postmortem Command Chain these steps: 1. Use `root-cause-analysis-security` to finalize root cause analysis 2. Use `lessons-learned` to conduct post-incident review with team 3. Identify systemic improvements and prevention strategies 4. Document findings and preventive actions with accountability and timelines Deliverables: - Post-incident review (postmortem) report with timeline - Root cause analysis with contributing factors - Lessons learned: what went well, what didn't, what to improve - Preventive action plan with owners and timelines - Metrics: MTTR, recovery time, busine...
/write-postmortemComprehensive postmortem with timeline, RCA, prevention, and action items.
/incidentManages incident response: classifies SEV1-4 severity, builds timelines with evidence, performs 5 Whys root cause analysis, generates blameless post-mortems with action items and metrics. Outputs Markdown docs and git commits.
/post-incident-reviewTransform an incident into systemic improvements across all teams.
/incident-reporterCreates detailed incident reports with root cause analysis, timelines, impact metrics, and action items for incident management.
/postmortem-summaryGenerates a structured postmortem summary for a resolved Rootly incident, including timeline, root cause analysis, impact, detection, response, related incidents, action items, and metrics.
/postmortemGenerates a blameless postmortem document for incidents, experiments, or releases, using a structured template with timeline, root cause analysis (5 Whys), impact summary, and action items.
Share bugs, ideas, or general feedback.
Chain these steps:
root-cause-analysis-security to finalize root cause analysislessons-learned to conduct post-incident review with teamDeliverables:
After completion, suggest follow-up commands: respond-to-incident, investigate-breach.