Incident Response

🌐Community
by bagelhole · vlatest · Repository

This skill automates incident handling by analyzing alerts, gathering data, and initiating remediation steps, streamlining response times and minimizing impact.

Install on your platform

1. Run in terminal (recommended)

claude mcp add incident-response npx -- -y @trustedskills/incident-response

2. Or manually add to ~/.claude/settings.json

{
  "mcpServers": {
    "incident-response": {
      "command": "npx",
      "args": [
        "-y",
        "@trustedskills/incident-response"
      ]
    }
  }
}

Requires Claude Code (claude CLI). Run claude --version to verify your install.

About This Skill

What it does

This skill assists in responding to security incidents. It can analyze logs and alerts, identify the scope of an incident, and suggest remediation steps based on common incident response frameworks. The agent can also help draft communications related to the incident for various stakeholders.

When to use it

  • Security Alert Triaging: Quickly assess the severity and potential impact of a newly triggered security alert.
  • Incident Containment: Generate commands or scripts to isolate affected systems and prevent further damage.
  • Post-Incident Analysis: Summarize incident details, contributing factors, and recommendations for improvement.
  • Communication Drafting: Create initial drafts of notifications to management, users, or other relevant parties.

Key capabilities

  • Log analysis
  • Alert correlation
  • Scope identification
  • Remediation suggestion
  • Draft communication generation

Example prompts

  • "Analyze these logs and tell me if there's evidence of a compromise."
  • "What steps should I take to contain a suspected ransomware attack?"
  • "Summarize the key findings from this incident timeline."
  • "Draft an email to users informing them about a recent phishing attempt."

Tips & gotchas

The skill’s effectiveness depends on having access to relevant logs and alert data. Providing clear context, such as affected systems or user accounts, will improve its analysis and recommendations.

TrustedSkills Verification

Unlike other registries that point to live repositories, TrustedSkills pins every skill to a verified commit hash. This protects you from malicious updates — what you install today is exactly what was reviewed and verified.

Security Audits

  • Gen Agent Trust Hub: Pass
  • Socket: Pass
  • Snyk: Pass

Details

  • Version: vlatest
  • License:
  • Author: bagelhole
  • Installs: 8

Passed automated security scans.