{"skill":{"slug":"bookforge-security-incident-recovery","displayName":"Security Incident Recovery","summary":"Use when you need to recover from a security incident, build an incident recovery plan, execute post-breach remediation, rotate credentials after a breach, s...","tags":{"bookforge":"1.0.0","credential-rotation":"1.0.0","incident-recovery":"1.0.0","latest":"1.0.0","post-incident":"1.0.0","postmortem":"1.0.0","security":"1.0.0"},"stats":{"comments":0,"downloads":133,"installsAllTime":0,"installsCurrent":0,"stars":0,"versions":1},"createdAt":1775788113296,"updatedAt":1775789508425},"latestVersion":{"version":"1.0.0","createdAt":1775788113296,"changelog":"Initial release of the security-incident-recovery skill.\n\n- Provides a structured 4-phase process for post-incident recovery after security breaches.\n- Guides teams through appointing a Remediation Lead, scoping blast radius, building a recovery checklist, and executing remediation actions (including credential rotation and system rebuilds).\n- Includes an attacker response decision framework and four critical adversarial-thinking questions.\n- Offers technical debt tracking for rapid fixes and a comprehensive postmortem process.\n- Incorporates scenario-based guidance from opportunistic cloud compromise to advanced persistent threat (APT) attacks.\n- Requires active use of the `security-incident-command` skill (IC/OL must be already staffed).","license":"MIT-0"},"metadata":null,"owner":{"handle":"quochungto","userId":"s176b6gfk8djgcz320d83ta4e184bx1v","displayName":"Hung Quoc To","image":"https://avatars.githubusercontent.com/u/88069966?v=4"},"moderation":null}