ClawHub

Incident Response Plan

v1.0.1

Generate a tailored incident response plan for AI agent deployments and SaaS operations. Covers detection, triage, containment, recovery, and post-mortem. Us...

0· 80·0 current·0 all-time
by@afrexai-cto
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name and description promise an incident response plan generator and the SKILL.md/README provide templates, severity classification, triage checklists, containment actions, communication templates, recovery/POST-mortem templates and best practices — all aligned with the stated purpose.
Instruction Scope
Runtime instructions are purely declarative templates and checklists for building an IR plan. They do not direct the agent to read local files, access environment variables, call external APIs, or transmit data to third-party endpoints beyond a single marketing calendly link; there is no scope creep or hidden collection instructions.
Install Mechanism
No install spec and no code files — this is instruction-only. Nothing is downloaded or written to disk by the skill itself.
Credentials
The skill declares no required environment variables, secrets, or config paths. It does not ask for credentials or unrelated service tokens; requested inputs are high-level (service, environment, sensitivity, team size, etc.) appropriate for generating a plan.
Persistence & Privilege
always is false and the skill is user-invocable. It does not request persistent presence, nor does it attempt to modify other skills or system settings.
Scan Findings in Context
[no-regex-findings] expected: The static scanner found no code or suspicious patterns — expected because this is an instruction-only skill with no code files to analyze.
Assessment
This skill is a benign, self-contained template for drafting incident response plans. Before using it: 1) avoid pasting secrets, full credentials, or sensitive incident evidence into the prompt or inputs (the skill does not need them to produce a plan); 2) treat links in README/skill (e.g., calendly) as marketing and do not assume data is being sent to those endpoints by the skill itself; 3) if you intend to operationalize the generated plan, review and adapt its technical steps to your environment (e.g., kill-switch commands, credential rotation procedures) rather than copy-pasting blindly; and 4) if you plan to have an agent act on the plan, ensure that agent's runtime permissions and credential access are appropriately scoped — the skill itself does not request any credentials but executing remediation actions may require them.

Like a lobster shell, security has layers — review code before you run it.

latestvk97ahnns38sv0rn1pwzwqe776n83eeya

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments