Which Postmortem Pack template should I use for an agent-caused incident?
Use blameless for standard engineering postmortems with action items — it is the default for internal incidents. Use exec-summary when stakeholders need duration, critical command counts, and a compact timeline without deep root-cause secti…
Which Postmortem Pack template should I use for an agent-caused incident?
Answer
Use blameless for standard engineering postmortems with action items — it is the default for internal incidents. Use exec-summary when stakeholders need duration, critical command counts, and a compact timeline without deep root-cause sections. Use security-incident when InfoSec is involved or when the incident touches credentials, suspected compromise, audit requirements, or unauthorized production access. All three templates fill timeline tables from the same JSONL export; only section emphasis and audience differ.
Related workflows
Start with the free IncidentScribe timeline viewer or CLI to validate JSONL exports. The Postmortem Pack adds blameless, executive-summary, and security-incident templates, a two-week team rollout guide, forensic checklist, and a GitHub Action that uploads rendered timelines as workflow artifacts or issue comments.
Next steps
Install the pack from Hermes Plant, run `incidentscribe render session.jsonl --template blameless -o postmortem.md`, and copy `github-action/attach-timeline/` into your repo for CI. Pair with DestructGuard audit logs when approve-or-abort decisions matter for the timeline.
FAQ
Which Postmortem Pack template should I use for an agent-caused incident?
Use blameless for standard engineering postmortems with action items — it is the default for internal incidents. Use exec-summary when stakeholders need duration, critical command counts, and a compact timeline without deep root-cause sections. Use security-incident when InfoSec is involved or when the incident touches credentials, suspected compromise, audit requirements, or unauthorized production access. All three templates fill timeline tables from the same JSONL export; only section emphasis and audience differ.