incident-response

Incident Response Skill

Purpose

Defines security incident response procedures following NIST SP 800-61 and ISO 27001 Annex A.16.

Incident Classification

| Severity | Description | Response Time |
|----------|-------------|---------------|
| Critical | Data breach, system compromise | Immediate (< 1 hour) |
| High | Active exploitation, service outage | < 4 hours |
| Medium | Vulnerability detected, policy violation | < 24 hours |
| Low | Minor security event, informational | < 72 hours |

Response Phases (NIST)

  1. Preparation — Tools, procedures, team readiness
  2. Detection & Analysis — Identify, classify, document
  3. Containment — Short-term and long-term containment
  4. Eradication — Remove threat, patch vulnerabilities
  5. Recovery — Restore systems, verify functionality
First Seen
Mar 4, 2026