response-coordinator
О программе
Навык response-coordinator помогает разработчикам внедрять структурированное управление кризисными ситуациями, предоставляя шаблоны планов действий, схемы коммуникации и инструменты координации команд. Он предназначен для активного реагирования на кризисы, тренировочных сценариев и пост-инцидентного анализа, основан на устоявшихся методологиях PPRR и инцидент-командования. Навык структурирует планы реагирования и формирует проекты коммуникаций, оставляя критические решения о запуске/отмене действий на усмотрение пользователя.
Быстрая установка
Claude Code
Рекомендуетсяnpx skills add guia-matthieu/clawfu-skills -a claude-code/plugin add https://github.com/guia-matthieu/clawfu-skillsgit clone https://github.com/guia-matthieu/clawfu-skills.git ~/.claude/skills/response-coordinatorСкопируйте и вставьте эту команду в Claude Code для установки этого навыка
Документация
Crisis Response Coordinator
Orchestrate effective crisis response through structured playbooks, clear communication templates, and coordinated team actions.
When to Use This Skill
- Active crisis situations
- Building crisis playbooks
- Training response teams
- Creating communication templates
- Post-crisis improvement
Methodology Foundation
Based on Burson-Marsteller crisis playbook and PPRR model (Prevention, Preparedness, Response, Recovery), combining:
- Incident command structure
- Stakeholder communication
- Timeline management
- Documentation practices
What Claude Does vs What You Decide
| Claude Does | You Decide |
|---|---|
| Structures response playbook | Go/no-go decisions |
| Drafts communications | Approval authority |
| Coordinates timelines | Resource deployment |
| Documents actions | Spokesperson selection |
| Suggests escalation paths | Legal implications |
Instructions
Step 1: Activate Crisis Protocol
Activation Checklist:
- Confirm crisis status (not false alarm)
- Identify crisis type and scope
- Assemble core response team
- Establish communication channels
- Begin documentation log
Step 2: Establish Command Structure
Crisis Team Roles:
| Role | Responsibility | Typical Owner |
|---|---|---|
| Crisis Lead | Overall coordination | CEO/COO |
| Comms Lead | External messaging | CMO/PR Head |
| Operations Lead | Fix the problem | CTO/VP Ops |
| Legal Counsel | Legal guidance | General Counsel |
| Customer Lead | Customer communication | VP CX |
| HR Lead | Internal/employee | CHRO |
Step 3: Execute Response
Response Phases:
| Phase | Duration | Focus |
|---|---|---|
| Contain | 0-2 hours | Stop bleeding, assess scope |
| Communicate | 2-4 hours | Stakeholder notifications |
| Resolve | 4-24 hours | Fix root cause |
| Recover | 1-7 days | Return to normal |
| Learn | 7-30 days | Post-mortem, improvements |
Step 4: Manage Communications
Stakeholder Priority:
| Stakeholder | When to Notify | Channel |
|---|---|---|
| Internal team | Immediately | Slack/Teams |
| Board/Investors | Within 1 hour | Call/Email |
| Affected customers | Within 2 hours | Direct |
| All customers | Within 4 hours | Email/Social |
| Media | Reactive | Press statement |
| Public | As needed | Website/Social |
Step 5: Document Everything
Crisis Log Template:
TIME | ACTION | OWNER | OUTCOME
-----|--------|-------|--------
10:00 | Alert received | [Name] | Verified
10:15 | Team assembled | [Name] | 5/6 present
10:30 | Root cause identified | [Name] | DB issue
...
Examples
Example 1: Crisis Response Playbook
Input:
Create a crisis response playbook for a data breach scenario.
Output:
## Crisis Playbook: Data Breach
### Severity Classification
| Level | Criteria | Response |
|-------|----------|----------|
| **Critical** | PII exposed, >10K records | Full activation |
| **High** | PII exposed, <10K records | Partial activation |
| **Medium** | Non-PII data exposed | Contained response |
| **Low** | Attempted breach, blocked | Monitor and report |
---
### Activation Trigger
**Automatic activation when:**
- Confirmed unauthorized data access
- Evidence of data exfiltration
- Regulatory notification required
- Media awareness possible
---
## Phase 1: CONTAIN (0-2 Hours)
### Immediate Actions
| Time | Action | Owner | Checklist |
|------|--------|-------|-----------|
| +0 min | Isolate affected systems | IT Security | [ ] |
| +0 min | Preserve forensic evidence | IT Security | [ ] |
| +15 min | Assemble crisis team | Crisis Lead | [ ] |
| +30 min | Brief team on situation | IT Security | [ ] |
| +30 min | Legal notification | Legal | [ ] |
| +1 hr | Scope assessment complete | IT Security | [ ] |
| +1 hr | Impact assessment complete | Ops Lead | [ ] |
### Crisis Team Assembly
**Mandatory Attendees:**
- [ ] CEO (Crisis Lead)
- [ ] CTO (Technical Lead)
- [ ] CISO (Security Lead)
- [ ] General Counsel (Legal Lead)
- [ ] CMO (Communications Lead)
- [ ] VP Customer Success (Customer Lead)
**Optional (as needed):**
- [ ] CHRO (if employee data)
- [ ] CFO (if financial impact)
- [ ] Board liaison
### Initial Assessment Template
BREACH ASSESSMENT
Discovery Time: [TIME] Breach Window: [START] to [END]
Data Involved:
- Names
- Email addresses
- Phone numbers
- Passwords
- Payment data
- SSN/Government ID
- Health information
- Other: ___________
Records Affected: [NUMBER] Customers Affected: [NUMBER]
Attack Vector: [DESCRIPTION] Current Status: [CONTAINED/ONGOING] Confidence Level: [HIGH/MEDIUM/LOW]
---
## Phase 2: COMMUNICATE (2-4 Hours)
### Communication Sequence
| Priority | Stakeholder | When | Channel | Owner |
|----------|-------------|------|---------|-------|
| 1 | Board/Investors | +2hr | Call | CEO |
| 2 | Regulators | +2hr | Formal notice | Legal |
| 3 | Affected customers | +3hr | Email | CX Lead |
| 4 | All employees | +3hr | All-hands | HR |
| 5 | Media (if inquiries) | +4hr | Statement | Comms |
| 6 | Public | +4hr | Website | Comms |
---
### Communication Templates
#### Customer Notification (Direct Victims)
Subject: Important Security Notice - Action Required
Dear [Name],
We're writing to inform you about a security incident that may have involved your personal information.
WHAT HAPPENED On [DATE], we discovered unauthorized access to [SYSTEM]. The incident occurred between [DATE] and [DATE].
WHAT INFORMATION WAS INVOLVED Based on our investigation, the following information may have been accessed:
- [List specific data types]
WHAT WE'RE DOING
- We immediately secured our systems
- We engaged cybersecurity experts to investigate
- We notified law enforcement
- We are providing [credit monitoring/identity protection]
WHAT YOU CAN DO
- [Specific action 1]
- [Specific action 2]
- [Specific action 3]
CONTACT US If you have questions, please contact our dedicated support line:
- Phone: [NUMBER] (24/7 for next 30 days)
- Email: [EMAIL]
- FAQ: [URL]
We sincerely apologize for this incident and any concern it causes.
[Signature]
#### All-Customer Notification
Subject: Security Update from [Company]
Dear [Customer],
We're writing with an important security update.
On [DATE], we discovered a security incident affecting some customer accounts. We want to be transparent about what happened and what we're doing.
THE INCIDENT [2-3 sentence summary of what happened]
YOUR ACCOUNT Based on our investigation, your account [was / was not] affected. [If affected: See separate email with specific details]
OUR RESPONSE
- [Action taken 1]
- [Action taken 2]
- [Action taken 3]
GOING FORWARD [Steps being taken to prevent future incidents]
We're deeply sorry this occurred and are committed to earning back your trust.
[Signature]
#### Media Statement
STATEMENT FROM [COMPANY] REGARDING SECURITY INCIDENT
[DATE]
[Company] recently discovered unauthorized access to certain company systems. Upon discovery, we immediately took steps to secure our systems and engaged leading cybersecurity experts to investigate.
Based on our investigation:
- [Key fact 1]
- [Key fact 2]
- [Key fact 3]
We have notified the appropriate authorities and are working closely with law enforcement.
Affected individuals are being notified directly and we are providing [specific remediation].
We take the security of our customers' information extremely seriously. We apologize for this incident and are taking steps to prevent similar incidents in the future.
For more information, please visit: [URL]
Media Contact: [Name], [Email]
---
## Phase 3: RESOLVE (4-24 Hours)
### Technical Remediation
| Action | Owner | Deadline | Status |
|--------|-------|----------|--------|
| Patch vulnerability | Security | +6hr | [ ] |
| Reset affected credentials | IT | +8hr | [ ] |
| Deploy additional monitoring | Security | +12hr | [ ] |
| Third-party security audit | Security | +7 days | [ ] |
### Customer Remediation
| Action | Owner | Deadline | Status |
|--------|-------|----------|--------|
| Credit monitoring enrollment | CX | +24hr | [ ] |
| Password reset flow | Product | +24hr | [ ] |
| Support surge staffing | CX | +24hr | [ ] |
| FAQ page live | Marketing | +6hr | [ ] |
---
## Phase 4: RECOVER (1-7 Days)
### Operational Recovery
| Milestone | Target | Owner |
|-----------|--------|-------|
| Normal operations | +24hr | Ops |
| Support queue normal | +72hr | CX |
| Security audit complete | +7 days | Security |
| All notifications sent | +72hr | Legal |
### Communication Recovery
| Activity | Timing | Owner |
|----------|--------|-------|
| Progress update #1 | +24hr | Comms |
| Progress update #2 | +72hr | Comms |
| Final resolution notice | +7 days | Comms |
| Thank you to customers | +14 days | CEO |
---
## Phase 5: LEARN (7-30 Days)
### Post-Incident Review
**Schedule within 7 days of resolution**
Agenda:
1. Timeline reconstruction
2. What worked well
3. What needs improvement
4. Action items for prevention
5. Communication effectiveness
6. Documentation updates
### Playbook Updates
Based on learnings, update:
- [ ] Detection capabilities
- [ ] Response procedures
- [ ] Communication templates
- [ ] Team training
- [ ] Vendor relationships
Example 2: Real-Time Response Coordination
Input:
We're in the middle of a crisis - product recall needed.
Contaminated ingredient found in batch.
What do we do now?
Output:
## ACTIVE CRISIS: Product Recall
### STATUS: PHASE 1 - CONTAIN
---
### IMMEDIATE ACTIONS (Next 60 Minutes)
| # | Action | Owner | Done |
|---|--------|-------|------|
| 1 | STOP all shipments of affected batch | Operations | [ ] |
| 2 | Identify batch numbers affected | QC | [ ] |
| 3 | Pull from retail shelves (notify partners) | Sales | [ ] |
| 4 | Count units sold vs. in inventory | Operations | [ ] |
| 5 | Assemble full crisis team | CEO | [ ] |
| 6 | Contact legal counsel | CEO | [ ] |
| 7 | Notify regulatory authority (FDA/etc) | Legal | [ ] |
---
### INFORMATION NEEDED NOW
Fill in as you gather:
AFFECTED BATCH:
- Batch number(s): _______________
- Production date(s): _______________
- Contamination type: _______________
- Health risk level: [ ] Low [ ] Medium [ ] High [ ] Critical
DISTRIBUTION:
- Units produced: _______________
- Units shipped: _______________
- Units in warehouse: _______________
- Retailers received: _______________
- Units sold to consumers (est): _______________
CUSTOMERS AT RISK:
- Can you identify purchasers? [ ] Yes [ ] No
- Geographic distribution: _______________
---
### COMMUNICATION PRIORITY
| Priority | Who | When | Message |
|----------|-----|------|---------|
| 1 | Retail partners | NOW | Stop sales, pull from shelves |
| 2 | Regulatory body | Within 1hr | Formal notification |
| 3 | Identified customers | Within 2hr | Direct recall notice |
| 4 | All customers | Within 4hr | Public recall announcement |
| 5 | Media | As needed | Press statement ready |
---
### HOLDING STATEMENT (Use if media calls NOW)
"We are aware of an issue with [product] and are taking immediate action. Customer safety is our top priority. We will have a full statement within [X] hours.
In the meantime, customers who have purchased [product] should [specific action].
Questions: [contact]"
---
### CUSTOMER COMMUNICATION TEMPLATE
URGENT PRODUCT RECALL NOTICE
[Company] is voluntarily recalling [Product Name] due to potential contamination with [substance].
AFFECTED PRODUCTS:
- Product: [Name]
- Batch #: [Numbers]
- Expiration dates: [Dates]
- Sold at: [Retailers]
WHAT TO DO:
- STOP using the product immediately
- [Disposal instructions OR return instructions]
- Contact us for full refund: [phone/email/url]
IF YOU'VE CONSUMED THE PRODUCT:
- [Symptoms to watch for]
- [When to seek medical attention]
- [Who to call]
We sincerely apologize for this situation and are taking all steps to ensure this doesn't happen again.
Questions: [24/7 Hotline Number]
---
### NEXT CHECK-IN: 30 MINUTES
At that time, confirm:
- [ ] All shipments stopped
- [ ] Batch scope finalized
- [ ] Retail partners notified
- [ ] Regulatory notification sent
- [ ] Customer communication ready
Skill Boundaries
What This Skill Does Well
- Structuring response playbooks
- Creating communication templates
- Coordinating response timelines
- Organizing team actions
What This Skill Cannot Do
- Make legal determinations
- Access your systems
- Speak on your behalf
- Know regulatory requirements
Iteration Guide
Follow-up Prompts:
- "Create a playbook for [crisis type]"
- "Draft communication for [stakeholder]"
- "What should our next 30 minutes look like?"
- "How do we communicate [specific development]?"
References
- Burson Crisis Communications
- PPRR Crisis Management Model
- FEMA Incident Command System
- Harvard Business Review Crisis Response
Related Skills
crisis-detector- Early warningsocial-listening- Monitoringreputation-recovery- Post-crisis
Skill Metadata
- Domain: Crisis
- Complexity: Advanced
- Mode: centaur
- Time to Value: Immediate in crisis
- Prerequisites: Stakeholder alignment, authority to act
GitHub репозиторий
Frequently asked questions
What is the response-coordinator skill?
response-coordinator is a Claude Skill by guia-matthieu. Skills package instructions and resources that Claude loads on demand, so Claude can perform response-coordinator-related tasks without extra prompting.
How do I install response-coordinator?
Use the install commands on this page: add response-coordinator to Claude Code as a plugin, or clone its repository into your skills directory, then restart Claude so it picks up the skill.
What category does response-coordinator belong to?
response-coordinator is in the Meta category, tagged general.
Is response-coordinator free to use?
Yes. response-coordinator is listed on AIMCP and free to install. It runs inside Claude, so no separate service account is required to use the skill itself.
Похожие навыки
Этот навык предоставляет проверенную в продакшене настройку для Content Collections — TypeScript-ориентированного инструмента, который преобразует файлы Markdown/MDX в типобезопасные коллекции данных с валидацией Zod. Используйте его при создании блогов, сайтов документации или контентных приложений на Vite + React для обеспечения типобезопасности и автоматической проверки содержимого. Он охватывает всё: от настройки плагина Vite и компиляции MDX до оптимизации развертывания и валидации схем.
Этот навык позволяет разработчикам создавать приложения на платформе прогнозных рынков Polymarket, включая интеграцию с API для торговли и получения рыночных данных. Он также обеспечивает потоковую передачу данных в реальном времени через WebSocket для отслеживания текущих сделок и рыночной активности. Используйте его для реализации торговых стратегий или создания инструментов, обрабатывающих обновления рынка в реальном времени.
Этот навык помогает разработчикам создавать плагины OpenCode, которые подключаются к более чем 25 типам событий, таким как команды, файлы и операции LSP. Он предоставляет структуру плагина, спецификации API событий и шаблоны реализации для модулей на JavaScript/TypeScript. Используйте его, когда вам нужно перехватывать, отслеживать или расширять жизненный цикл ассистента OpenCode AI с помощью пользовательской событийно-ориентированной логики.
SGLang — это высокопроизводительный фреймворк для обслуживания больших языковых моделей (LLM), специализирующийся на быстрой структурированной генерации JSON, regex и рабочих процессов агентов с использованием кэширования префиксов RadixAttention. Он обеспечивает значительно более высокую скорость вывода, особенно для задач с повторяющимися префиксами, что делает его идеальным для сложных структурированных результатов и многократных диалогов. Выбирайте SGLang вместо альтернатив, таких как vLLM, когда вам требуется ограниченное декодирование или вы создаете приложения с интенсивным совместным использованием префиксов.
