Incident Response Incident Response

What it does

This skill assists in IT incident response tasks and workflows by providing guidance, best practices, and checklists. It focuses on minimizing downtime and accelerating recovery efforts through a structured approach that can involve multiple AI agents collaborating. The skill emphasizes rapid resolution while maintaining accuracy and incorporating blameless postmortems for continuous improvement.

When to use it

• When working on incident response tasks or workflows.
• When needing guidance, best practices, or checklists related to incident response.
• During multi-agent incident response orchestrated with modern Site Reliability Engineering (SRE) principles.

Key capabilities

• Incident detection and classification based on alerts from systems like PagerDuty/Opsgenie/monitoring tools.
• Observability analysis using distributed tracing, metrics correlation, log aggregation, APM data, and Real User Monitoring.
• Initial mitigation suggestions for identified issues.
• Severity level configuration (P0-P3) based on impact.
• Support for various incident types including performance degradation, service outages, security incidents, and infrastructure failures.

Example prompts

• "URGENT: Detect and classify incident: [Incident details]. Analyze alerts from PagerDuty/Opsgenie/monitoring."
• "Perform rapid observability sweep for incident: [Incident details]."
• "Implement initial mitigation steps for the following issue: [Issue description]."

Tips & gotchas

• Clearly define goals, constraints, and required inputs when using this skill.
• Validate outcomes against best practices to ensure accuracy.
• For detailed implementation guidance, refer to the resources/implementation-playbook.md file.