responding-to-security-incidents

The skill presents a coherent, proportionate, and security-respecting footprint for its stated purpose of security incident response automation. It emphasizes local data handling (logs, network traces, backups) and generates auditable incident playbooks without introducing external dependencies, executables, or credential exposures. Overall risk is low-to-medium, dominated by the need to enforce access controls and retention policies for sensitive incident data.