Incident Postmortem Writer — Blameless, Actionable Postmortems from Your Messy Incident Notes
Turn timeline fragments, Slack logs, and pager history into a complete blameless postmortem — impact summary, clean timeline, contributing factors instead of a scapegoat, action items with owners and due dates, and lessons that survive the week.
- Convert Slack history into a structured incident timeline.
- Extract systemic contributing factors from raw outage notes.
- Generate verifiable action items with clear ownership.
$14
· or 70 creditsSecure checkout via Stripe
Included in download
- Convert Slack history into a structured incident timeline.
- Extract systemic contributing factors from raw outage notes.
- file_read, file_write automation included
- Ready for Cursor
PubsProToolkit builds rigor-first skills for AI agents — they write your docs and content properly, then adversarially r…
Media gallery
See it in action
You say
Write a blameless postmortem from these notes. Checkout was down. From #incident-checkout: 14:02 deploy of config change goes out. 14:05 first 500s, PagerDuty pages on-call. 14:11 someone asks "is this the config PR?" 14:20 rolled back, errors clear by 14:23. Alert only fired after error rate hit 5%. Impact: ~21 min, checkout failing for most users. Owner for follow-ups TBD. Flag anything you're not sure about instead of guessing.
Your agent does
Postmortem: Checkout Service Degradation (HTTP 500)
Severity: SEV-1 Duration: ~21 min (14:02–14:23)
Impact Summary
Checkout returned HTTP 500 for most users for roughly 21 minutes following a configuration deploy. Customers could not complete purchases until the change was rolled back and error rates returned to normal at 14:23.
Timeline
- 14:02 — Configuration change deployed to production.
- 14:05 — First 500s observed; PagerDuty pages on-call. (At this point responders did not yet know the deploy was the trigger.)
- 14:11 — Responders raise the recent config PR as a possible cause.
- 14:20 — Change rolled back.
- 14:23 — Error rates return to baseline; incident resolved.
Contributing Factors
- The config deploy pipeline had no automated validation to catch the faulty change before it reached production.
- The 5xx alert threshold (5% error rate) delayed detection, so paging lagged the first user-facing errors.
What Went Well
- Once the config PR was suspected, rollback was fast and fully resolved the issue.
Action Items
- [ ] Add a config-validation gate to the deploy pipeline. (Owner: TODO — assign) (Due: TODO) — addresses Factor 1
- [ ] Lower the 5xx alert threshold / add rate-of-change alerting. (Owner: TODO — assign) (Due: TODO) — addresses Factor 2
Lessons for Others
- A fast, well-understood rollback path limits blast radius more than any single prevention control.
TODO: Follow-up owners and due dates were not provided in the source notes — assign before publishing.
Incident Postmortem Writer — Blameless, Actionable Postmortems from Your Messy Incident Notes
Turn timeline fragments, Slack logs, and pager history into a complete blameless postmortem — impact summary, clean timeline, contributing factors instead of a scapegoat, action items with owners and due dates, and lessons that survive the week.
$14
· or 70 creditsSecure checkout via Stripe
Included in download
- Convert Slack history into a structured incident timeline.
- Extract systemic contributing factors from raw outage notes.
- file_read, file_write automation included
- Ready for Cursor
- Instant install
Media gallery
See it in action
You say
Write a blameless postmortem from these notes. Checkout was down. From #incident-checkout: 14:02 deploy of config change goes out. 14:05 first 500s, PagerDuty pages on-call. 14:11 someone asks "is this the config PR?" 14:20 rolled back, errors clear by 14:23. Alert only fired after error rate hit 5%. Impact: ~21 min, checkout failing for most users. Owner for follow-ups TBD. Flag anything you're not sure about instead of guessing.
Your agent does
Postmortem: Checkout Service Degradation (HTTP 500)
Severity: SEV-1 Duration: ~21 min (14:02–14:23)
Impact Summary
Checkout returned HTTP 500 for most users for roughly 21 minutes following a configuration deploy. Customers could not complete purchases until the change was rolled back and error rates returned to normal at 14:23.
Timeline
- 14:02 — Configuration change deployed to production.
- 14:05 — First 500s observed; PagerDuty pages on-call. (At this point responders did not yet know the deploy was the trigger.)
- 14:11 — Responders raise the recent config PR as a possible cause.
- 14:20 — Change rolled back.
- 14:23 — Error rates return to baseline; incident resolved.
Contributing Factors
- The config deploy pipeline had no automated validation to catch the faulty change before it reached production.
- The 5xx alert threshold (5% error rate) delayed detection, so paging lagged the first user-facing errors.
What Went Well
- Once the config PR was suspected, rollback was fast and fully resolved the issue.
Action Items
- [ ] Add a config-validation gate to the deploy pipeline. (Owner: TODO — assign) (Due: TODO) — addresses Factor 1
- [ ] Lower the 5xx alert threshold / add rate-of-change alerting. (Owner: TODO — assign) (Due: TODO) — addresses Factor 2
Lessons for Others
- A fast, well-understood rollback path limits blast radius more than any single prevention control.
TODO: Follow-up owners and due dates were not provided in the source notes — assign before publishing.
About This Skill
Postmortems are the highest-leverage document an engineering team writes and usually the worst-written: composed at 5pm the day after, half timeline dump and half quiet blame, with action items like "improve monitoring" that no one owns. Incident Postmortem Writer applies the craft. Give it your raw material — timeline notes, incident-channel logs, alert history, who did what — and it produces the finished document: an impact summary a director can read alone, a timestamped timeline that notes what responders knew at each decision, contributing factors that are systemic and plural rather than a single-blame root cause, a what-went-well section, action items where every entry is concrete, owned, dated, and mapped to a factor, and lessons phrased so people outside the incident learn from them. It rewrites the blame your raw material contains while keeping every fact — people appear in the timeline doing things; causes live in the factors — and it flags timeline conflicts and missing facts as TODOs instead of inventing them. The download includes three reference files: the postmortem template, a blameless-language guide with the standard transformations and a two-reader test, and a complete annotated sample postmortem. Written by a professional writer; works with Claude Code, Cursor, Codex CLI, Gemini CLI, and any SKILL.md agent.
Use Cases
- Convert Slack history into a structured incident timeline.
- Extract systemic contributing factors from raw outage notes.
- Generate verifiable action items with clear ownership.
- Remove personal blame while retaining all technical facts.
Known Limitations
Works only from the material you provide. It does not connect to monitoring, logging, paging, or chat tools, does not fetch or verify metrics, and does not observe incidents live. If your notes are incomplete or contradictory, it flags the gaps and timestamp conflicts as TODOs rather than inventing facts, so the quality of the postmortem depends on the quality of the raw material you paste in. It produces a Markdown draft for a human to review and approve, not a system of record.
How to Install
mkdir -p ~/.claude/skills && curl -sL https://www.agensi.io/api/install/incident-postmortem-writer-blameless-actionable-postmortems-from-your-messy-incident-notes -o /tmp/incident-postmortem-writer-blameless-actionable-postmortems-from-your-messy-incident-notes.zip && unzip -o /tmp/incident-postmortem-writer-blameless-actionable-postmortems-from-your-messy-incident-notes.zip -d ~/.claude/skills && rm /tmp/incident-postmortem-writer-blameless-actionable-postmortems-from-your-messy-incident-notes.zipFree skills install directly. Paid skills require purchase - use the download button above after buying.
Reviews
No reviews yet - be the first to share your experience.
Only users who have downloaded or purchased this skill can leave a review.
Early access skill
Be the first to review this skill.
Only users who have downloaded or purchased this skill can leave a review.
Security Scanned
Passed automated security review
Permissions
File Scopes
Reads the incident material you provide and its own three bundled reference files (references/**), and writes the finished postmortem Markdown. It does not run commands, browse the web, make network calls, read environment variables, or connect to any external service, monitoring tool, or incident platform.
Follows the open SKILL.md standard and works with any compatible agent — Claude Code, Cursor, Codex CLI, Gemini CLI, VS Code Copilot, and others. No runtime, API key, or network access required; you supply the incident material and the agent produces the postmortem locally.
Creator
PubsProToolkit builds rigor-first skills for AI agents — they write your docs and content properly, then adversarially review them to catch what's wrong before it ships. The result: cleaner output and a hard quality gate in one toolkit. Built by a CMPP-certified, PhD medical writer who brings regulated-industry standards to developer docs, content, compliance, and research integrity.
Frequently Asked Questions
Learn More About AI Agent Skills
More Premium Skills
Multi-Agent Orchestration Master Library
Transform Claude Code into a coordinated multi-agent system. Battle-tested tmux orchestration patterns, YAML task queues, event-driven communication, and parallel worker management for 8+ agents.

inline-comment
Best way to steer your agents, effortlessly.
designing-hybrid-context-layers
Architects the right retrieval strategy for every query — teaching your agent when to use RAG, a knowledge graph, or a temporal index instead of defaulting to vector search for everything.

Cinematic Landing Page Builder
Turn any business URL into a high-end animated landing page with 4K AI assets and GSAP animations via Cloudflare.