ClawHub

Incident Response Team Setup

v1.0.0

Use when you need to set up an incident response team from scratch, design an IR team charter, define severity and priority models for incidents, create IR p...

0· 96·0 current·0 all-time
byHung Quoc To@quochungto
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description describe building an IR team, charter, severity models, playbooks and tests. The SKILL.md content provides procedural guidance and templates that align with that purpose and does not request unrelated capabilities (cloud creds, system access, or external services).
Instruction Scope
The instructions legitimately reference consuming a 'risk register' produced by a separate 'disaster-risk-assessment' step and reference another skill ('incident-command'). This is within scope for calibrating severity models, but the skill assumes access to that risk register (which may contain sensitive organization data). The skill is otherwise instruction-only and does not tell the agent to read arbitrary system files, call unknown endpoints, or exfiltrate data.
Install Mechanism
No install spec and no code files — lowest-risk format. Nothing is downloaded or written to disk by the skill itself.
Credentials
The skill declares no required environment variables, credentials, or config paths. That matches expectations for a documentation/instruction-only IR team design guide.
Persistence & Privilege
always is false and the skill does not request persistent system privileges or modify other skills' configurations. Autonomous invocation is allowed by platform default but does not multiply risk here because the skill has no network/install footprint or credential access.
Assessment
This skill appears to be a coherent, instruction-only IR playbook. Before installing or using it, confirm: (1) where the 'risk register' it expects lives and who can access it — avoid sending sensitive risk data to external agents; (2) the referenced companion skills (disaster-risk-assessment, incident-command) exist and are trustworthy; (3) outputs or templates the skill generates are stored in a location appropriate for sensitive IR material; and (4) limit which agents/users can invoke the skill if you want to control access to your incident planning artifacts. If you plan to feed real incident logs or risk data into the agent while using this skill, treat those inputs as sensitive and audit access accordingly.

Like a lobster shell, security has layers — review code before you run it.

bookforgevk9738x5jchf6ny4vkkjawqs2t184g672disaster-planningvk9738x5jchf6ny4vkkjawqs2t184g672incident-responsevk9738x5jchf6ny4vkkjawqs2t184g672latestvk9738x5jchf6ny4vkkjawqs2t184g672securityvk9738x5jchf6ny4vkkjawqs2t184g672tabletop-exercisevk9738x5jchf6ny4vkkjawqs2t184g672team-designvk9738x5jchf6ny4vkkjawqs2t184g672

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments