ClawHub

Retro

v1.0.0

Deep blameless postmortem workflow—timeline, impact, root cause vs contributing factors, what went well/poorly, action items with owners, and follow-through....

0· 116·3 current·3 all-time
by@clawkk
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name and description (postmortem/retro workflow) match the SKILL.md content. The skill requests no binaries, env vars, or config paths — consistent with a facilitator/template-style instruction set.
Instruction Scope
Runtime instructions are procedural guidance (stages, checklists, tips). They do not instruct the agent to read arbitrary host files, call external endpoints, or exfiltrate data. The only operational suggestions are linking traces/metrics/logs and redacting PII, which are appropriate for the stated purpose.
Install Mechanism
No install spec or code files are present. As an instruction-only skill, it introduces no installation risk or downloaded code.
Credentials
The skill itself requires no credentials or environment access. However, the guidance suggests linking traces, metrics and logs in appendices; if you allow an agent to gather those artifacts, you must separately grant whichever integrations/credentials are needed. That potential need for log/trace access is expected for its purpose but worth guarding (read-only access, PII redaction).
Persistence & Privilege
The skill is not always-enabled and does not request persistent system presence or modify other skills. Default autonomous invocation is allowed by the platform but this skill's content does not demand elevated privileges.
Assessment
This skill is an instruction-only retro/postmortem workflow and appears coherent and low-risk. Before using it with an agent that can access your systems: (1) verify any integrations you enable for attaching logs/traces have minimal, read-only scope and appropriate retention controls; (2) ensure PII and sensitive security details are redacted per the skill's own advice; (3) for security incidents, follow your org's legal/infosec process rather than publishing details; and (4) review any auto-generated postmortem content before it is shared externally. No credentials or installs are required by the skill itself.

Like a lobster shell, security has layers — review code before you run it.

latestvk972q47cc7fn6vfvw7aqs9txvn83pa7x

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments