ClawHub

Afrexai Incident Response.Skip

v1.0.0

Guides IT and business teams through incident classification, checklist creation, communication plans, timelines, and post-mortems for effective response.

0· 36·0 current·0 all-time
by@shark1973·fork of @1kalin/afrexai-incident-response (1.0.0)
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name and description (incident response playbook) align with the SKILL.md instructions (classification, checklists, comms, timelines, post-mortems). No unexpected credentials, binaries, or config paths are required. Note: package metadata in _meta.json differs from the registry metadata (different ownerId and slug vs registry slug 'afrexai-incident-response-skip'), which looks like a packaging/metadata inconsistency but does not change runtime behavior.
Instruction Scope
Runtime instructions are procedural guidance (triage, containment, resolution, post-mortem) and do not direct the agent to read local files, access system credentials, or transmit data to unknown endpoints. External links are only to documentation/context packs; the SKILL.md does not instruct data exfiltration.
Install Mechanism
No install spec and no code files — instruction-only skill. This minimizes disk writes and execution of third-party code.
Credentials
The skill requires no environment variables, credentials, or config paths. There are no disproportionate secret requests.
Persistence & Privilege
always is false and the skill is user-invocable. The skill allows normal autonomous invocation (disable-model-invocation is false) which is the platform default and acceptable here; it does not request elevated or persistent system-wide privileges.
Assessment
This skill appears coherent and low-risk because it is instruction-only and requests no credentials or installs. Before installing: 1) verify the publisher/source (registry metadata differs from the _meta.json owner/slug — could be an accidental copy/paste); 2) inspect any external context packs or links before following them (they may be hosted separately or be paid); 3) when using the skill, avoid pasting sensitive credentials or large amounts of personal data into incident descriptions; and 4) consider testing the skill in a non-production environment to confirm it behaves as expected.

Like a lobster shell, security has layers — review code before you run it.

latestvk978d22117wgjwrdfwecjpdb958441fq

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments