Loading...
Loading...
Found 106 Skills
Production incident response automation. Reads logs, checks recent deploys, identifies root cause, suggests fixes, drafts incident comms, creates post-mortem templates. Severity classification (SEV1-4), escalation paths, status page updates. Generates incident-report.md with timeline, root cause, impact assessment, remediation steps, and prevention measures.
Security leadership for growth-stage companies. Risk quantification in dollars, compliance roadmap (SOC 2/ISO 27001/HIPAA/GDPR), security architecture strategy, incident response leadership, and board-level security reporting. Use when building security programs, justifying security budget, selecting compliance frameworks, managing incidents, assessing vendor risk, or when user mentions CISO, security strategy, compliance roadmap, zero trust, or board security reporting.
服务概述 + alerts 表 + dashboards + 操作命令 + on-call + 事故清单
Hermes-native AIOps agent for evidence-driven incident response, approval-gated remediation, and runbook learning
Guides product infrastructure security—securing the runtime, data plane, and control plane that ships with the product: multi-tenant isolation, service-to-service auth, customer data boundaries, secure defaults in APIs and workers, abuse-resistant rate limits, product-scoped secrets and encryption, and security design reviews for product infra changes. Use when threat-modeling product features, designing tenant isolation, hardening service mesh or internal APIs, reviewing product IaC/modules for data leaks, defining secure baselines for microservices the product team owns, or partnering on incidents affecting customer workloads—not for corporate IdP/SIEM (information-security-engineer), CI pipeline gates only (devsecops), SOC operations (defensive-security-analyst), authorized pentest execution (offensive-security-analyst), general IDP golden paths (platform-engineer), company-wide GRC (cybersecurity), or applied AI solution architecture for LLM features (applied-ai-architect-commercial-enterprise).
Security & compliance skill suite for OWASP scanning, CVE detection, GDPR/SOC2 audits, threat modeling, and incident response workflows
SRE patterns for production service reliability: SLOs, error budgets, postmortems, and incident response. Use when defining reliability targets, writing postmortems, implementing SLO alerting, or establishing on-call practices. NOT for initial service development (use scaffolding skills instead).
Security incident remediation playbooks for removing threats, restoring systems, and recovering from incidents. Use for post-containment cleanup, system recovery, and returning to normal operations.
Execute PostHog incident response procedures with triage, mitigation, and postmortem. Use when responding to PostHog-related outages, investigating errors, or running post-incident reviews for PostHog integration failures. Trigger with phrases like "posthog incident", "posthog outage", "posthog down", "posthog on-call", "posthog emergency", "posthog broken".
Use when user needs security incident response, operational incident management, evidence collection, forensic analysis, or coordinated response for outages and breaches.
Create a blameless postmortem when the user asks to write a postmortem, document what went wrong, analyze an incident, or run a 5 Whys analysis
Guides Site Reliability Engineering—SLI/SLO and error budgets, reliability dashboards and burn-rate alerting, production readiness reviews, capacity planning for availability, toil reduction, dependency and failure-mode analysis, release reliability (canaries, rollback criteria), and service-owner incident mitigation tied to customer impact. Use when defining or operating SLOs, measuring error budget burn, improving service reliability, running PRRs before launch, planning scalable resilient capacity, or leading technical mitigation during outages—not for CI/CD pipeline implementation (devops), incident program and paging policy design (incident-management-engineer), cloud access and patch tickets (cloud-system-administrator), load-test profiling (performance-engineer), rollout cutover strategy (deployment-strategist), or greenfield cloud build-out (cloud-engineer).