Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

SethGammon/postmortem

Name: postmortem
Author: SethGammon

skills/postmortem/SKILL.md

npx skillsauth add SethGammon/Citadel postmortem

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

/postmortem — Campaign Postmortem Generator

Orientation

Use when: A campaign just completed and you want a structured analysis of what broke, what safety systems caught, and what patterns emerged. Also for ad-hoc incident analysis from recent git history.

Don't use when: You want to preserve session context for the next conversation (use /session-handoff), extract reusable patterns from findings into the knowledge base (use /learn), or score and improve quality iteratively (use /improve).

When to Use

After any Archon campaign completes (Archon should suggest it)
After a difficult debugging session
When the user says "what just happened" or "what broke"
When /do routes "postmortem", "retro", "what broke", "what happened"

Inputs

One of:

A campaign file path (.planning/campaigns/*.md)
A time range ("last session", "today", "this week")
Nothing (reads the most recent completed campaign)

Protocol

Step 1: GATHER

Collect data from all available sources:

From the campaign file (if it exists):

Direction vs what was actually built (scope drift?)
Phase completion timeline (which phases needed rework?)
Decision log entries (what architectural choices were made?)
Review queue items (what needed human eyes?)
Circuit breaker activations (what hit the limit?)
Feature ledger (what shipped?)

From telemetry (.planning/telemetry/):

hook-timing.jsonl: which hooks fired most, any patterns
hook-errors.log: what was blocked, what failed, what had parse errors
Circuit breaker trips
Quality gate violations

From git history:

Commits during the campaign period
Files changed (which areas got the most churn?)
Any reverts (what was undone?)
Commit message patterns (fix: commits indicate bugs found)

From the session itself (if no campaign):

Recent tool calls and their outcomes
Files edited and errors encountered

Step 2: ANALYZE

Identify patterns across the data:

What broke: List every failure, error, or unexpected outcome. For each: what happened, what caught it (hook/gate/human/nothing), what it cost (time, rework, tokens).
What the safety systems caught: Circuit breaker activations, quality gate blocks, anti-pattern warnings, typecheck failures. This is the "invisible value" section — problems prevented.
What drifted: Compare the campaign direction to what was built. Did scope expand? Did phases get skipped or reordered? Did the architecture change mid-build?
What patterns emerged: Recurring error types, files that kept needing fixes, phases that took longest, common anti-patterns.

Step 3: PRODUCE

Write to .planning/postmortems/postmortem-{slug}-{date}.md:

# Postmortem: {Campaign Name or Session Description}

> Date: {ISO date}
> Campaign: {path to campaign file, or "ad-hoc session"}
> Duration: {time from first to last commit}
> Outcome: {completed | partial | parked}

## Summary
{2-3 sentences: what was attempted, what happened, what the result was}

## What Broke
{Numbered list. For each:}
### {N}. {Short description}
- **What happened:** {the failure}
- **Caught by:** {hook name / quality gate / human / nothing}
- **Cost:** {rework time, files affected, phases repeated}
- **Fix:** {what resolved it}
- **Infrastructure created:** {new hook rule, new anti-pattern, new end condition — or "none needed"}

## What Safety Systems Caught
{Things that WOULD have been problems without the hooks/gates}
| System | What It Caught | Times | Impact Prevented |
|--------|---------------|-------|-----------------|
| {hook/gate name} | {description} | {count} | {what would have happened} |

## Scope Analysis
- **Planned:** {what the campaign direction said}
- **Built:** {what the feature ledger shows}
- **Drift:** {none | minor | significant — with specifics}

## Patterns
{Recurring themes worth watching:}
- {pattern 1}
- {pattern 2}

## Recommendations
{Concrete next actions:}
1. {recommendation — e.g., "Add anti-pattern rule for X"}
2. {recommendation — e.g., "Phase Y needs tighter end conditions"}

## Numbers
| Metric | Value |
|--------|-------|
| Phases planned | {N} |
| Phases completed | {N} |
| Commits | {N} |
| Files changed | {N} |
| Circuit breaker trips | {N} |
| Quality gate blocks | {N} |
| Anti-pattern warnings | {N} |
| Rework cycles | {N} |

Step 4: HANDOFF

Output the HANDOFF block from the Exit Protocol, then suggest: Run /learn {campaign-slug} to extract patterns into the knowledge base.

What /postmortem Does NOT Do

Invent failures that didn't happen (real data only)
Blame the user or the model (document what happened, not whose fault)
Recommend changes to skill files (that's for the user to decide)
Run during a campaign (only after completion or on demand)

Quality Gates

Every "What Broke" entry has all 5 fields filled
Numbers section has real data (not estimates)
Recommendations are concrete actions (not "be more careful")
If no failures occurred, say so honestly (don't manufacture drama)

Fringe Cases

Campaign not found: If the specified campaign file doesn't exist, check .planning/campaigns/ for the most recently modified campaign. If no campaigns exist, run in ad-hoc mode using recent git history and session context.

No telemetry data: Proceed without telemetry. Mark the "What Safety Systems Caught" table as "No telemetry available" and the Numbers section fields as "N/A". Don't manufacture data.

Partial campaign (parked or in-progress): Generate the postmortem with Outcome: partial. Document what was completed and what was parked. Include a "Remaining Work" section listing incomplete phases.

If .planning/postmortems/ does not exist: Create it before writing. If .planning/ itself doesn't exist, output the postmortem inline and note: "Run /do setup to initialize .planning/ for future storage."

Exit Protocol

---HANDOFF---
- Postmortem: {name}
- Document: .planning/postmortems/postmortem-{slug}-{date}.md
- Failures documented: {count}
- Safety catches: {count}
- Recommendations: {count}
- Reversibility: green — one file written to .planning/postmortems/; git rm to undo
---

After displaying the HANDOFF block, suggest: Run /learn {campaign-slug} to extract patterns into the knowledge base.

SethGammon/postmortem

skills/postmortem/SKILL.md

Auto-generates a structured postmortem from a completed campaign. Reads the campaign file, telemetry logs, and feature ledger. Produces a documented analysis of what broke, what the safety systems caught, and what patterns emerged. Can also be invoked manually for any incident.

603 stars

testing

Updated Jun 12, 2026

$ install --global

skillsauth

npx skillsauth add SethGammon/Citadel postmortem

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: Jun 12, 2026, 2:37 AM128.5s3 files scanned

SKILL.md

name:: postmortem
license:: MIT
description:: >-
user-invocable:: true
auto-trigger:: false
effort:: medium

/postmortem — Campaign Postmortem Generator

Orientation

When to Use

After any Archon campaign completes (Archon should suggest it)
After a difficult debugging session
When the user says "what just happened" or "what broke"
When /do routes "postmortem", "retro", "what broke", "what happened"

Inputs

One of:

A campaign file path (.planning/campaigns/*.md)
A time range ("last session", "today", "this week")
Nothing (reads the most recent completed campaign)

Protocol

Step 1: GATHER

Collect data from all available sources:

From the campaign file (if it exists):

Direction vs what was actually built (scope drift?)
Phase completion timeline (which phases needed rework?)
Decision log entries (what architectural choices were made?)
Review queue items (what needed human eyes?)
Circuit breaker activations (what hit the limit?)
Feature ledger (what shipped?)

From telemetry (.planning/telemetry/):

hook-timing.jsonl: which hooks fired most, any patterns
hook-errors.log: what was blocked, what failed, what had parse errors
Circuit breaker trips
Quality gate violations

From git history:

Commits during the campaign period
Files changed (which areas got the most churn?)
Any reverts (what was undone?)
Commit message patterns (fix: commits indicate bugs found)

From the session itself (if no campaign):

Recent tool calls and their outcomes
Files edited and errors encountered

Step 2: ANALYZE

Identify patterns across the data:

What broke: List every failure, error, or unexpected outcome. For each: what happened, what caught it (hook/gate/human/nothing), what it cost (time, rework, tokens).
What the safety systems caught: Circuit breaker activations, quality gate blocks, anti-pattern warnings, typecheck failures. This is the "invisible value" section — problems prevented.
What drifted: Compare the campaign direction to what was built. Did scope expand? Did phases get skipped or reordered? Did the architecture change mid-build?
What patterns emerged: Recurring error types, files that kept needing fixes, phases that took longest, common anti-patterns.

Step 3: PRODUCE

Write to .planning/postmortems/postmortem-{slug}-{date}.md:

# Postmortem: {Campaign Name or Session Description}

> Date: {ISO date}
> Campaign: {path to campaign file, or "ad-hoc session"}
> Duration: {time from first to last commit}
> Outcome: {completed | partial | parked}

## Summary
{2-3 sentences: what was attempted, what happened, what the result was}

## What Broke
{Numbered list. For each:}
### {N}. {Short description}
- **What happened:** {the failure}
- **Caught by:** {hook name / quality gate / human / nothing}
- **Cost:** {rework time, files affected, phases repeated}
- **Fix:** {what resolved it}
- **Infrastructure created:** {new hook rule, new anti-pattern, new end condition — or "none needed"}

## What Safety Systems Caught
{Things that WOULD have been problems without the hooks/gates}
| System | What It Caught | Times | Impact Prevented |
|--------|---------------|-------|-----------------|
| {hook/gate name} | {description} | {count} | {what would have happened} |

## Scope Analysis
- **Planned:** {what the campaign direction said}
- **Built:** {what the feature ledger shows}
- **Drift:** {none | minor | significant — with specifics}

## Patterns
{Recurring themes worth watching:}
- {pattern 1}
- {pattern 2}

## Recommendations
{Concrete next actions:}
1. {recommendation — e.g., "Add anti-pattern rule for X"}
2. {recommendation — e.g., "Phase Y needs tighter end conditions"}

## Numbers
| Metric | Value |
|--------|-------|
| Phases planned | {N} |
| Phases completed | {N} |
| Commits | {N} |
| Files changed | {N} |
| Circuit breaker trips | {N} |
| Quality gate blocks | {N} |
| Anti-pattern warnings | {N} |
| Rework cycles | {N} |

Step 4: HANDOFF

Output the HANDOFF block from the Exit Protocol, then suggest: Run /learn {campaign-slug} to extract patterns into the knowledge base.

What /postmortem Does NOT Do

Invent failures that didn't happen (real data only)
Blame the user or the model (document what happened, not whose fault)
Recommend changes to skill files (that's for the user to decide)
Run during a campaign (only after completion or on demand)

Quality Gates

Every "What Broke" entry has all 5 fields filled
Numbers section has real data (not estimates)
Recommendations are concrete actions (not "be more careful")
If no failures occurred, say so honestly (don't manufacture drama)

Fringe Cases

No telemetry data: Proceed without telemetry. Mark the "What Safety Systems Caught" table as "No telemetry available" and the Numbers section fields as "N/A". Don't manufacture data.

Exit Protocol

---HANDOFF---
- Postmortem: {name}
- Document: .planning/postmortems/postmortem-{slug}-{date}.md
- Failures documented: {count}
- Safety catches: {count}
- Recommendations: {count}
- Reversibility: green — one file written to .planning/postmortems/; git rm to undo
---

After displaying the HANDOFF block, suggest: Run /learn {campaign-slug} to extract patterns into the knowledge base.

Related Skills

SethGammon/loop

tools

VerifiedTrustedCommunity

Bounded foreground repetition for the current session. Creates a loop contract, runs or coordinates an action plus verifier up to a declared attempt limit, and records evidence under .planning/loops/. Use for repeat-until-pass work that is too small for daemon and not time-based scheduling.

603SKILL.mdUpdated Jun 10, 2026

SethGammon/unharness

testing

VerifiedTrustedCommunity

Remove Citadel from a project. Exports valuable state (campaigns, postmortems, research, backlog, discoveries) to docs/citadel/ as human-readable markdown, then removes all harness files and hooks. The archive is detected by /do setup on re-install and offered for restore.

603SKILL.mdUpdated May 4, 2026

SethGammon/evolve

development

VerifiedTrustedCommunity

Research-driven multi-cycle improvement director. Forms causal hypotheses about why scores are low, validates them with scout agents before attacking, dispatches axis-parallel fleet attacks, extracts transferable patterns, and runs indefinitely within a budget envelope. Accumulates a persistent belief model and pattern library across sessions.

603SKILL.mdUpdated May 4, 2026

SethGammon/workspace

data-ai

VerifiedTrustedCommunity

Multi-repo campaign coordinator. Same lifecycle as fleet -- scope claims, discovery relay, wave-based execution -- but the unit of work is a repo, not a file. Coordinates campaigns across repositories with shared context.

603SKILL.mdUpdated Apr 21, 2026

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/SethGammon/Citadel.git

# Copy into Claude Code skills folder (global)
cp -r Citadel/skills/postmortem ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

SethGammon/Citadel

603 stars

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT