ClawHub

The Agent Incident Response Playbook: Detect, Contain, Recover, and Learn When AI Agent Systems Fail

v1.3.1

The Agent Incident Response Playbook: Detect, Contain, Recover, and Learn When AI Agent Systems Fail. Structured runbooks for AI agent commerce failures: run...

0· 101·0 current·0 all-time
by@mirni
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
CryptoRequires walletRequires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill is an incident-response guide that includes API-backed examples; requesting GREENHELIX_API_KEY is consistent with demonstrating live API calls. Minor inconsistency: the SKILL.md text says the GreenHelix sandbox 'no API key required', but the registry metadata marks GREENHELIX_API_KEY as required (the guide both references sandbox usage and full API integration).
Instruction Scope
The SKILL.md is a runbook with illustrative code examples targeting the GreenHelix API. There is no evidence the instructions ask the agent to read unrelated system files, other credentials, or exfiltrate data to unknown endpoints; it confines activity to GreenHelix integration and incident-response patterns.
Install Mechanism
No install spec and no code files — instruction-only — so nothing is downloaded or installed by the skill itself (lowest install risk).
Credentials
Only a single env var (GREENHELIX_API_KEY) is required, which is proportional given the guide's API examples. However the key appears to grant read/write access for commerce operations (sensitive); the guide's claim that the sandbox requires no key conflicts with the metadata requiring the key.
Persistence & Privilege
The skill is not always-enabled and has no special persistence or privileged system configuration requests. It does allow normal autonomous invocation by the agent (platform default).
Assessment
This guide is internally consistent for its purpose, but treat the GREENHELIX_API_KEY as sensitive: do not paste production keys into a new skill without review. Verify the origin of the playbook (source/homepage is unknown), and prefer using the sandbox or a limited-scope/test key first. Read the code examples before running anything against live accounts — watch for automated operations that create/lock/unlock financial resources (escrows, refunds). If you plan to let an agent invoke this autonomously, restrict the credential scope and consider disabling autonomous calls or using a test environment until you're confident. Finally, confirm GreenHelix is a legitimate provider and rotate any keys used for testing.

Like a lobster shell, security has layers — review code before you run it.

agent-opsvk97c7kysh2ngt9m4tn3tg97ws184x1szai-agentvk97c7kysh2ngt9m4tn3tg97ws184x1szcommercevk97c7kysh2ngt9m4tn3tg97ws184x1szcontainmentvk97c7kysh2ngt9m4tn3tg97ws184x1szforensicsvk97c7kysh2ngt9m4tn3tg97ws184x1szgreenhelixvk97c7kysh2ngt9m4tn3tg97ws184x1szguidevk97c7kysh2ngt9m4tn3tg97ws184x1szincident-responsevk97c7kysh2ngt9m4tn3tg97ws184x1szlatestvk97c7kysh2ngt9m4tn3tg97ws184x1szopenclawvk97c7kysh2ngt9m4tn3tg97ws184x1szrunbooksvk97c7kysh2ngt9m4tn3tg97ws184x1sz

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

EnvGREENHELIX_API_KEY
Primary envGREENHELIX_API_KEY

Comments