- Home
- Skills
- Ancoleman
- Ai Design Components
- Managing Incidents
managing-incidents_skill
- Python
291
GitHub Stars
2
Bundled Files
2 months ago
Catalog Refreshed
4 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill ancoleman/ai-design-components --skill managing-incidents- outputs.yaml7.5 KB
- SKILL.md14.1 KB
Overview
This skill guides incident response from detection through post-mortem using SRE principles, severity classification, on-call management, blameless culture, and structured communication. It provides concrete workflows, role definitions, runbook standards, and metrics to reduce MTTR and improve reliability. Use it to design or improve incident processes, escalation policies, and post-incident learning loops.
How this skill works
The skill defines a standard incident lifecycle (Detection → Triage → Declaration → Mitigation → Resolution → Post-Mortem) and maps decision points for declaring, escalating, and closing incidents. It prescribes role assignments (Incident Commander, Communications Lead, SMEs, Scribe), severity levels (SEV0–SEV3) with response expectations, runbook structure, communication cadences, and tooling recommendations. It also includes templates, scripts, and an interactive severity classifier to operationalize practices.
When to use it
- Setting up or revising incident response processes for a team or product
- Designing on-call rotations, escalation matrices, and handoff procedures
- Creating or hardening runbooks and playbooks for common failure scenarios
- Conducting blameless post-mortems and tracking corrective action items
- Implementing incident communication protocols and status pages
Best practices
- Declare early and often — coordination beats delayed certainty
- Mitigate customer impact first (rollback/disable/failover), root cause later
- Enforce a clear IC who coordinates but does not do hands-on debugging
- Keep post-mortems blameless, timeboxed, and follow up action items in sprints
- Design actionable alerts, audit them regularly, and limit night pages
Example use cases
- Create a SEV classification and escalation policy for a new service
- Build five runbooks (DB failover, cache issues, DDOS mitigation, deploy rollback, auth outages)
- Run a tabletop drill and refine communication cadence and handoff checklist
- Integrate PagerDuty/Opsgenie with Slack and automate status page updates
- Run post-mortems within 48 hours and convert findings into tracked sprint tasks
FAQ
When in doubt: declare. You can always downgrade severity once facts are clearer; early declaration enables coordination and faster mitigation.
What cadence should status updates follow?
SEV0: every 15 minutes; SEV1: every 30 minutes; SEV2: every 1–2 hours or on milestones. External updates should use status pages and customer emails for SEV0/SEV1.
How do we keep post-mortems blameless and effective?
Focus on systems and decision-making context, schedule reviews within 48 hours, reconstruct timelines, run 5 Whys, assign measurable action items with owners and due dates.