How does it assist with post-incident analysis?

The skill guides the creation of blameless postmortems, documenting the incident timeline, identifying contributing factors, and proposing long-term system hardening actions.

Can I use this for security incidents?

Absolutely. The workflow includes specific steps for security assessment, including checking for DDoS indicators, authentication failures, and data exposure risks.

Does this skill help with stakeholder communication?

Yes, the skill includes a dedicated phase for communication, helping you generate status page updates, internal engineering briefs, and executive summaries based on the incident timeline.

What is the SRE Incident Response skill for Claude Code?

It is a specialized capability that allows Claude Code to orchestrate a structured, multi-agent workflow for managing production incidents, from initial detection to final resolution.

Which monitoring tools are supported?

The workflow is designed to integrate with standard observability stacks including Prometheus, Grafana, Datadog, ELK, Splunk, and OpenTelemetry through sub-agent prompts.

SRE Incident Response & Orchestration

Name: SRE Incident Response & Orchestration
Author: sickn33

bysickn33

•

31,721

•

Analytics & Monitoring

Orchestrates multi-agent incident response workflows using modern SRE practices to accelerate service restoration and root cause analysis.

This skill provides a comprehensive Incident Command System (ICS) for Claude Code, guiding users through a structured five-phase response: Detection & Triage, Investigation & RCA, Resolution & Recovery, Communication & Coordination, and Postmortem & Prevention. By leveraging specialized sub-agents for observability, debugging, and security, it automates the heavy lifting of production incident management. It ensures that critical tasks—such as stakeholder updates, observability sweeps, and blameless postmortems—are performed consistently, helping teams maintain SLAs while turning every outage into a learning opportunity.

Key Features

01Automated generation of blameless postmortems and system hardening roadmaps

02Automated incident classification and severity-based communication protocols

0331,721 GitHub stars

04Multi-agent coordination for specialized roles like Security Auditor and Observability Engineer

05Structured five-phase workflow based on SRE best practices

06Deep-dive debugging and root cause analysis using Five Whys methodology

Use Cases

01Coordinating cross-functional communication between engineering and stakeholders during downtime

02Managing high-severity (P0/P1) production outages with a clear command structure

03Performing rapid root cause analysis and implementing emergency hotfixes in production

Key Features

01Automated generation of blameless postmortems and system hardening roadmaps

02Automated incident classification and severity-based communication protocols

0331,721 GitHub stars

04Multi-agent coordination for specialized roles like Security Auditor and Observability Engineer

05Structured five-phase workflow based on SRE best practices

06Deep-dive debugging and root cause analysis using Five Whys methodology

Use Cases

01Coordinating cross-functional communication between engineering and stakeholders during downtime

02Managing high-severity (P0/P1) production outages with a clear command structure

03Performing rapid root cause analysis and implementing emergency hotfixes in production