managing-incidents_skill

This skill guides end-to-end incident management using SRE principles, enabling faster responses, blameless post-mortems, and effective on-call practices.
  • Python

291

GitHub Stars

2

Bundled Files

2 months ago

Catalog Refreshed

4 months ago

First Indexed

Readme & install

Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.

Installation

Preview and clipboard use veilstrat where the catalogue uses aiagentskills.

npx veilstrat add skill ancoleman/ai-design-components --skill managing-incidents

  • outputs.yaml7.5 KB
  • SKILL.md14.1 KB

Overview

This skill guides incident response from detection through post-mortem using SRE principles, severity classification, on-call management, blameless culture, and structured communication. It provides concrete workflows, role definitions, runbook standards, and metrics to reduce MTTR and improve reliability. Use it to design or improve incident processes, escalation policies, and post-incident learning loops.

How this skill works

The skill defines a standard incident lifecycle (Detection → Triage → Declaration → Mitigation → Resolution → Post-Mortem) and maps decision points for declaring, escalating, and closing incidents. It prescribes role assignments (Incident Commander, Communications Lead, SMEs, Scribe), severity levels (SEV0–SEV3) with response expectations, runbook structure, communication cadences, and tooling recommendations. It also includes templates, scripts, and an interactive severity classifier to operationalize practices.

When to use it

  • Setting up or revising incident response processes for a team or product
  • Designing on-call rotations, escalation matrices, and handoff procedures
  • Creating or hardening runbooks and playbooks for common failure scenarios
  • Conducting blameless post-mortems and tracking corrective action items
  • Implementing incident communication protocols and status pages

Best practices

  • Declare early and often — coordination beats delayed certainty
  • Mitigate customer impact first (rollback/disable/failover), root cause later
  • Enforce a clear IC who coordinates but does not do hands-on debugging
  • Keep post-mortems blameless, timeboxed, and follow up action items in sprints
  • Design actionable alerts, audit them regularly, and limit night pages

Example use cases

  • Create a SEV classification and escalation policy for a new service
  • Build five runbooks (DB failover, cache issues, DDOS mitigation, deploy rollback, auth outages)
  • Run a tabletop drill and refine communication cadence and handoff checklist
  • Integrate PagerDuty/Opsgenie with Slack and automate status page updates
  • Run post-mortems within 48 hours and convert findings into tracked sprint tasks

FAQ

When in doubt: declare. You can always downgrade severity once facts are clearer; early declaration enables coordination and faster mitigation.

What cadence should status updates follow?

SEV0: every 15 minutes; SEV1: every 30 minutes; SEV2: every 1–2 hours or on milestones. External updates should use status pages and customer emails for SEV0/SEV1.

How do we keep post-mortems blameless and effective?

Focus on systems and decision-making context, schedule reviews within 48 hours, reconstruct timelines, run 5 Whys, assign measurable action items with owners and due dates.

Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational
managing-incidents skill by ancoleman/ai-design-components | VeilStrat