📦 Incident Response Lifecycle — 实用工具

v1.0.0

流程 management following NIST 800-61 lifecycle. Covers severity classification, escalation matrices, role assignment, communication...

0· 125·1 当前·1 累计

by @vahagn-madatyan (Vahagn Madatyan)

API工具工作流开发工具自动化系统工具

下载技能包

安全扫描

VirusTotal

无害

查看报告

OpenClaw

可疑

medium confidence

The skill is an instruction-only incident response runbook and appears harmless, but there is a small metadata inconsistency (it declares a required 'ssh' binary inside SKILL.md metadata despite no SSH or remote actions in the instructions), so you should confirm that discrepancy before trusting it in automated workflows.

评估建议

This skill is essentially a documented incident-response runbook with templates and RCA guidance — there is no code or external network behavior, which is good. Before installing or enabling autonomous invocation: (1) Ask the publisher or maintainer to explain the SKILL.md metadata that lists 'ssh' as a required binary — that looks like either a stale field or a mis-declared capability. (2) If you plan to allow autonomous invocation, ensure your agent's policy prevents it from executing arbitrar...

详细分析 ▾

⚠ 用途与能力

The declared in-file metadata (openclaw.requires.bins) lists 'ssh' as a required binary, but the skill's name, description, and all instructions focus purely on organizational process, templates, and facilitation — no SSH or remote execution is described or needed. The registry-level requirements shown to you list no required binaries, so there is an internal inconsistency between the SKILL.md metadata and the registry manifest. This mismatch should be clarified.

✓ 指令范围

SKILL.md and the two reference documents are process-oriented: severity classification, role assignment, escalation, communication templates, and RCA frameworks. The runtime instructions do not tell the agent to read unrelated files, access environment variables, call external endpoints, or execute system commands. Scope stays within coordination and documentation.

✓ 安装机制

There is no install spec and no code files — this is instruction-only. Nothing will be written to disk or fetched during install, which minimizes risk.

✓ 凭证需求

The skill declares no required environment variables, credentials, or config paths, and the instructions do not reference any secrets or external tokens. That is proportionate to a runbook-style skill. The only oddity is the in-file metadata requiring 'ssh' (see purpose_capability).

✓ 持久化与权限

The skill is not marked always:true, it's user-invocable, and model invocation is allowed (normal defaults). There is no install-time persistence, no requested modification of other skills, and no evidence it tries to store credentials or change agent-wide settings.

安全有层次，运行前请审查代码。

运行时依赖

无特殊依赖

安装命令

点击复制

官方npx clawhub@latest install incident-response-lifecycle

镜像加速npx clawhub@latest install incident-response-lifecycle --registry https://cn.longxiaskill.com镜像同步中

需要定制？告诉我你的需求 →

数据来源：ClawHub ↗ · 中文优化：龙虾技能库