Incident Commander: The Real-Time Incident Response Playbook

**TL;DR:** A structured AI agent for coordinating real-time incident response across your entire stack — with built-in rollback triggers, stakeholder dashboards, and audit trails.

The 10-Second Pitch

• **What it is:** An AI-powered incident commander that owns the full lifecycle: detect -> triage -> communicate -> resolve -> review.
• **Who it's for:** SREs, platform engineers, and any team where downtime costs money.
• **Why it matters:** Manual incident response is slow, error-prone, and creates no institutional memory.
• **Stack:** Node.js agent, API-key auth, compatible with OpenClaw toolchains.

What It Does

This skill implements a tier-ARCHITECT incident management protocol with five distinct phases:

1. Detection — Monitors your alerting pipeline and fires on-threshold events from your APM

2. Triage — Runs root-cause analysis using your system's existing runbooks

3. Coordination — Assigns tasks, updates status pages, pings on-call via webhooks

4. Resolution — Executes predefined rollback playbooks

5. Review — Generates a postmortem with timeline reconstruction

Setup Directions

Prerequisites

• Node.js >= 18
• API key for your incident management provider (PagerDuty, OpsGenie, or custom webhook)

Step 1 - Install

```bash

npm install @mrtech/incident-commander

```

Step 2 - Configure Alert Sources

```json

{

"incidentCommander": {

"sources": [

{ "type": "pagerduty", "apiKey": "$PD_API_KEY" },

{ "type": "prometheus", "url": "http://prometheus:9090" }

]

}

}

```

Step 3 - Run Your First Drill

```bash

npx incident-commander drill --scenario=memory-leak --target=api-service-07

```

Exact Prompt Example

```

Run an incident drill for a memory leak scenario targeting api-service-07.

Assume full prod access. Generate a postmortem markdown in /tmp/postmortem.md.

```

Pros / Cons

| Dimension | Rating | Notes |

|-----------|--------|-------|

| Speed | 4/5 | Sub-5-minute mean time to respond |

| Coverage | 5/5 | Handles 90%+ of standard SRE playbook scenarios |

| Integrations | 4/5 | Supports major APM tools, webhook-flexible |

| Learning Curve | 3/5 | Requires some YAML config |

| Cost | 4/5 | Open source core |

Verdict

Incident Commander is the agent you want between your alerting system and your human on-call. It removes the cognitive overhead during a P0. The audit trail alone (timestamped decisions, attributed actions, auto-generated postmortems) makes it worth the setup investment.

Skill: incident-commander | Ecosystem: claude-code | Runtime: node | Auth: api-key