cx-incident-management

Use this skill when the user asks to "investigate incident", "triage this alert", "what's firing", "who got paged", "incident response", "check incident status", "SLO breaching", "error budget burned", "check service level", "SLI status", "who was notified", "check notification delivery", "verify alert routing", "MTTR", "incident severity", "error budget", "burn rate", "acknowledge incident", "resolve incident", "production incident", "what alerts are active", "incident timeline", "on-call triage", or wants to triage, manage, or respond to incidents using alerts, SLOs, and notifications.

Quality

55%

Does it follow best practices?

Impact

—

No eval scenarios have been run

Securityby

Passed

No known issues

Optimize this skill with Tessl

npx tessl skill review --optimize ./skills/cx-incident-management/SKILL.md

Quality

Content

72%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

This is a well-structured incident management skill with strong actionability — every section provides executable CLI commands with practical jq filters. The progressive disclosure and organization are excellent, with clear cross-references to related skills. The main weaknesses are minor verbosity in explanatory text and the absence of validation/error-recovery steps in the triage workflow, which is important for high-stakes incident response operations.

Suggestions

Add validation checkpoints and error handling guidance to the triage workflow (e.g., 'If cx incidents acknowledge returns an error, verify the incident status is TRIGGERED before retrying').

Trim filler sentences like 'Get an overview of what's happening' and 'Review the incident timeline and related events to understand scope and progression' — the commands and section headers already convey intent.

Dimension	Reasoning	Score
Conciseness	Generally efficient with good use of tables and code blocks, but includes some unnecessary filler phrases ('Get an overview of what's happening', 'Review the incident timeline and related events to understand scope and progression') and the Key Principles section restates things Claude would naturally do. Could be tightened by ~20%.	2 / 3
Actionability	Provides fully executable, copy-paste-ready CLI commands throughout, including jq filters for structured output parsing. Every workflow step has concrete commands with real flags and options, and examples cover filtering, creating, testing, and debugging scenarios.	3 / 3
Workflow Clarity	The 6-step triage workflow is clearly sequenced and logical, and the notification debugging section has a good 3-step process. However, there are no explicit validation checkpoints or error recovery feedback loops — e.g., no guidance on what to do if an acknowledge fails, if SLO data looks stale, or if notification tests fail. For incident management (a potentially destructive/high-stakes domain), this is a gap.	2 / 3
Progressive Disclosure	Content is well-organized with clear sections (triage workflow, incident actions, SLO management, notification debugging, aggregations). References to related skills (cx-alerts, cx-telemetry-querying, cx-observability-setup) are clearly signaled and one level deep. The CLI command table at the top serves as an effective overview/index.	3 / 3
	Total	10 / 12 Passed

Description

37%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

This description is essentially a long list of trigger phrases with no explanation of what the skill actually does. While the trigger term coverage is excellent and would help Claude match user requests, the complete absence of capability descriptions means Claude cannot assess whether this skill can actually fulfill the request. The description needs a clear 'what it does' section listing concrete actions.

Suggestions

Add a clear capability statement before the trigger phrases, e.g., 'Queries incident management systems to retrieve active alerts, check SLO status and error budgets, view notification delivery and on-call routing, and manage incident lifecycle (acknowledge, resolve, escalate).'

Restructure to lead with 'what it does' followed by 'Use when...' — currently the entire description is one long 'Use when' clause with no substance about capabilities.

Mention specific outputs or integrations (e.g., 'Returns incident timelines, MTTR metrics, burn rate calculations, and paging history from PagerDuty/Datadog/etc.') to help distinguish from other monitoring-related skills.

Dimension	Reasoning	Score
Specificity	The description lists no concrete actions or capabilities. It only provides trigger phrases and a vague closing clause ('triage, manage, or respond to incidents using alerts, SLOs, and notifications') but never describes what the skill actually does — no specific operations, tools, or outputs are mentioned.	1 / 3
Completeness	While the 'when' is thoroughly covered with explicit trigger phrases, the 'what does this do' is essentially missing — there is no description of the skill's capabilities, actions, or outputs. The description is entirely trigger-focused with no explanation of what the skill actually performs.	1 / 3
Trigger Term Quality	The description provides extensive coverage of natural trigger terms users would say, including 'investigate incident', 'what's firing', 'who got paged', 'SLO breaching', 'error budget burned', 'MTTR', 'on-call triage', and many more variations. These are realistic phrases a user would naturally use.	3 / 3
Distinctiveness Conflict Risk	The incident response / SLO / alerting domain is fairly specific, and the many trigger terms help narrow the niche. However, without describing concrete capabilities, it could overlap with other monitoring, alerting, or observability skills that share similar terminology.	2 / 3
	Total	7 / 12 Passed

Validation

100%

Warnings & errors only

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation — 11 / 11 Passed

Validation for skill structure

No warnings or errors.

Repository: coralogix/cx-cli
Commit: 34d6303

Reviewed: about 1 month ago

Table of Contents

Discovery Implementation Validation

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.