AgentSkillsCN

security-incident-response

安全事件响应

SKILL.md

Security Incident Response

Purpose

Handle vulnerability reports with coordinated disclosure, timely patches, and clear communication.

When to Use

  • A security report arrives via advisories or email
  • Dependabot flags a critical/high vulnerability

Steps

  1. Acknowledge the report within 24 hours.
  2. Validate and assess severity.
  3. Develop and test a private fix.
  4. Coordinate disclosure timing with the reporter.
  5. Publish a patched release and advisory.
  6. Announce the resolution and update SECURITY.md if needed.

Output Contract

  • Severity is assessed and documented.
  • A patched release is published within SLA.
  • Security advisory and communication are complete.

References

  • SECURITY.md for reporting channels and timelines.