CtrlK
BlogDocsLog inGet started
Tessl Logo

incident-response

Manage active production incidents through detection, triage, mitigation, communication, and resolution with structured roles and decision-making. Use this skill whenever the user has an active incident, a production issue, a service outage, a security incident, or needs to plan incident response procedures. Triggers on incident response, production incident, outage, service down, site down, P0, P1, severity, downtime, on-call, incident commander, status page, postmortem prep. Also triggers when something is actively broken in production and the user is figuring out what to do.

72

Quality

Does it follow best practices?

Impact

No eval scenarios have been run

SecuritybySnyk

Passed

No known issues

SKILL.md
Quality
Evals
Security

Quality

Content

77%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

A well-structured, actionable incident-response skill with a clear phased workflow and explicit verification checkpoints. Its main weakness is duplication between the body and the bundled reference, which hurts both conciseness and the cleanliness of progressive disclosure.

Suggestions

Defer the full severity table, role details, status-page templates, and mitigation-pattern detail to references/incident-playbook.md, keeping the body to a compact overview that points to the reference for each.

Collapse the inline 'Status page communication patterns' templates into a short principle plus a pointer to the reference's templates to avoid restating near-identical wording in two places.

Cross-link each phase to the corresponding reference section (e.g., severity rubric, decision rubrics) so the overview clearly delegates rather than re-implements the detail.

DimensionReasoningScore

Conciseness

The body is dense operational content Claude does not inherently know (SLAs, cadences, severity table, mitigation patterns) with little padding of basic concepts, but it substantially duplicates severity definitions, roles, status-page templates, and mitigation patterns that also appear in the reference file, so it could be tightened by deferring that detail.

2 / 3

Actionability

Provides concrete executable guidance: a severity table with definitions and responses, named mitigation patterns (rollback, feature flag off, failover, scale up, throttle, graceful degradation), exact communication cadences, and copy-paste-ready status-page templates with bracketed fill-ins.

3 / 3

Workflow Clarity

A clear 10-step Workflow plus a 5-phase framework, with explicit validation checkpoints ('Verify mitigation. Don't trust dashboards alone; test the user flow'), a resolution-criteria checklist, and explicit resolution confirmation — feedback loops are present for a process with destructive/batch-like risk.

3 / 3

Progressive Disclosure

The body signals a single one-level-deep reference that exists (references/incident-playbook.md) with a clear one-line description, but content that belongs in that reference (severity table, roles, status-page templates, mitigation patterns) is largely inlined in the body, so the split is not as clean as it could be.

2 / 3

Total

10

/

12

Passed

Description

100%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

A strong description: concrete multi-action capabilities, a comprehensive set of natural trigger terms, explicit what-and-when guidance, and a clearly bounded niche. It uses third-person voice throughout with no over-claims or filler.

DimensionReasoningScore

Specificity

Names the domain plus five concrete actions ('detection, triage, mitigation, communication, and resolution') alongside 'structured roles and decision-making' — multiple specific concrete actions rather than vague language.

3 / 3

Completeness

Explicitly answers what ('Manage active production incidents through...five phases') and when ('Use this skill whenever...', 'Triggers on...', 'Also triggers when...'), with explicit trigger guidance.

3 / 3

Trigger Term Quality

Covers natural terms users would say ('outage', 'service down', 'site down', 'P0', 'P1', 'on-call', 'incident commander', 'status page') plus a plain-language fallback ('something is actively broken in production').

3 / 3

Distinctiveness Conflict Risk

Clear niche of active production incident response with incident-specific triggers; the body further distinguishes it from after-action and launch skills, so it is unlikely to fire for the wrong skill.

3 / 3

Total

12

/

12

Passed

Validation

93%

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation15 / 16 Passed

Validation for skill structure

CriteriaDescriptionResult

frontmatter_unknown_keys

Unknown frontmatter key(s) found; consider removing or moving to metadata

Warning

Total

15

/

16

Passed

Repository
rampstackco/claude-skills
Reviewed

Table of Contents

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.