davepoon/ops-fires
plugins/claude-ops/skills/ops-fires/SKILL.md
Production incidents dashboard. Reads ECS health, Sentry errors, CI failures. Offers to dispatch fix agents for active fires.
$ install --global
skillsauthnpx skillsauth add davepoon/buildwithclaude ops-firesInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 10, 2026, 2:58 AM209.9s1 file scanned
SKILL.md
- name:
- ops-fires
- description:
- Production incidents dashboard. Reads ECS health, Sentry errors, CI failures. Offers to dispatch fix agents for active fires.
- argument-hint:
- [project-alias|all]
- effort:
- medium
- maxTurns:
- 30
OPS ► FIRES
Runtime Context
Before executing, load available context:
-
Daemon health: Read
${CLAUDE_PLUGIN_DATA_DIR:-$HOME/.claude/plugins/data/ops-ops-marketplace}/daemon-health.json- Check
infra-monitorservice status — if not running, pre-gathered infra data may be stale - If
action_neededis not null → surface it immediately as a potential fire
- Check
-
Secrets: AWS credentials are required for ECS/CloudWatch queries.
Secret Resolution
- First: check
$AWS_ACCESS_KEY_ID/$AWS_PROFILEenv vars - Then:
doppler secrets get AWS_ACCESS_KEY_ID --plain(ifdopplerconfigured in prefs) - Then: use
password_manager_config.query_cmdfrom preferences - Sentry token:
$SENTRY_AUTH_TOKEN→ DopplerSENTRY_AUTH_TOKEN→ vault
- First: check
-
Preferences: Read
${CLAUDE_PLUGIN_DATA_DIR}/preferences.jsonforsecrets_managerconfig to know which vault to query.
CLI/API Reference
aws CLI
| Command | Usage | Output |
|---------|-------|--------|
| aws ecs list-services --cluster <name> --query 'serviceArns' | ECS services | ARN list |
| aws ecs describe-services --cluster <name> --services <arn> --query 'services[0].{status:status,running:runningCount,desired:desiredCount}' | Service health | JSON |
| aws logs tail /ecs/<service> --since 1h --format short | ECS logs | Log lines (use with Monitor for live) |
gh CLI (GitHub)
| Command | Usage | Output |
|---------|-------|--------|
| gh run list --limit 20 --json status,conclusion,name,headBranch,createdAt | Recent CI runs | JSON array |
| gh run view <id> --repo <repo> --log-failed | Failed CI logs | Log output |
sentry-cli / Sentry API
| Command | Usage | Output |
|---------|-------|--------|
| sentry-cli issues list --project <slug> --status unresolved | Unresolved issues | Issue list |
| curl -H "Authorization: Bearer $SENTRY_AUTH_TOKEN" "https://sentry.io/api/0/projects/<org>/<proj>/issues/?query=is:unresolved" | API fallback when MCP unavailable | JSON array |
Agent Teams support
If CLAUDE_CODE_EXPERIMENTAL_AGENT_TEAMS=1 is set, use Agent Teams when dispatching multiple fix agents simultaneously. This enables:
- Fix agents share findings (e.g., API agent discovers DB is the root cause → infra agent pivots to DB fix)
- You can prioritize: "CRITICAL ECS issue first, then CI failures"
- Real-time progress: agents report as they find root causes, you can merge fixes in optimal order
Team setup (only when flag is enabled, dispatch phase):
TeamCreate("fire-fixers")
Agent(team_name="fire-fixers", name="fix-[service]", ...)
If the flag is NOT set, use standard parallel subagents.
Pre-gathered infrastructure data
${CLAUDE_PLUGIN_ROOT}/bin/ops-infra 2>/dev/null || echo '{"clusters":[],"error":"infra check failed"}'
CI failures (last 24h)
${CLAUDE_PLUGIN_ROOT}/bin/ops-ci 2>/dev/null || echo '[]'
External projects health
${CLAUDE_PLUGIN_ROOT}/bin/ops-external 2>/dev/null || echo '[]'
Your task
Analyze the pre-gathered data — including external projects. Then run parallel checks:
- ECS health — parse infra data for unhealthy services, stopped tasks, failed deployments.
- Sentry — if Sentry MCP is connected, query recent unresolved errors. Otherwise note it's unavailable.
- CI — parse CI data for failing pipelines, broken main/dev branches.
- GitHub Actions —
gh run list --limit 20 --json status,conclusion,name,headBranch,createdAt 2>/dev/null - External projects — parse ops-external data. Flag
auth_expiredas HIGH (credential rotation needed),unreachable/degradedas MEDIUM,not_configuredas LOW.
Classify each issue by severity:
| Severity | Criteria | | -------- | ------------------------------------------------- | | CRITICAL | Service down, DB unreachable, auth broken | | HIGH | Elevated error rate, deploy stuck, CI main broken | | MEDIUM | Non-critical service degraded, flaky tests | | LOW | Warning-level, non-urgent |
Output format
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
OPS ► FIRES DASHBOARD — [timestamp]
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
CRITICAL
[service] — [issue] — [since]
HIGH
[service] — [issue] — [since]
MEDIUM
[service] — [issue] — [since]
ECS HEALTH
[cluster] [service] [desired/running] [status]
CI STATUS
[repo] [branch] [workflow] [status] [last run]
SENTRY (top errors, 24h)
[error] [count] [first seen] [project]
EXTERNAL PROJECTS
[alias] [source] [status] [details — e.g. auth_expired, unreachable]
──────────────────────────────────────────────────────
Use batched AskUserQuestion calls (max 4 options each). Only show relevant actions (e.g., skip dispatch options if no issues found):
AskUserQuestion call 1:
[Dispatch fix agent for [top critical issue]]
[Dispatch fix agent for [second issue]]
[View logs for [service]]
[More...]
AskUserQuestion call 2 (only if "More..."):
[Open Sentry dashboard]
[Open GitHub Actions]
[All clear — nothing to do]
If no fires: show "ALL SYSTEMS OPERATIONAL" with last-checked timestamps.
Dispatch fix agent
When user selects to fix an issue, use AskUserQuestion to confirm the scope before dispatching:
Dispatch fix agent for: [issue title]
Severity: [CRITICAL/HIGH/MEDIUM]
Repo: [repo]
Error: [brief description]
The agent will:
- Investigate root cause in [repo]
- Create feature branch with fix
- Open PR for review
[Dispatch agent] [Show me the logs first] [Skip — I'll fix manually]
On confirmation, spawn an Agent with:
- The error details and logs
- Access to the relevant repo
- Instruction to create a feature branch, fix, and open a PR
- Report back when done or blocked
Use the agents/infra-monitor.md agent definition for infra issues.
If $ARGUMENTS contains a project alias, filter to that project's services only.
Native tool usage
Monitor — live service health
Use Monitor to stream ECS task logs or GitHub Actions runs when investigating fires:
Monitor(command: "aws logs tail /ecs/<service> --follow --since 5m")
Tasks — incident tracking
Use TaskCreate for each active fire. Update with TaskUpdate as fires are investigated/fixed/escalated.
WebFetch — status pages
When diagnosing fires, use WebFetch to check AWS status page (https://health.aws.amazon.com/health/status), Vercel status, or third-party API status pages.
WebSearch — known outage patterns
Use WebSearch to find if the error pattern matches a known AWS/infrastructure issue (e.g., "ECS task stopped CannotPullContainerError" → known ECR throttling).
Related Skills
davepoon/whats-next
tools
VerifiedTrustedCommunity
Assesses the current state of the startup project and recommends what to focus on next. Use when there is a need or a question from the user to understand what the next steps are or what to focus on next.
3,021SKILL.mdUpdated Jun 5, 2026
davepoon/using-startup-superpowers
data-ai
VerifiedTrustedCommunity
Use at the start of any conversation about a startup idea, product validation, founder strategy, or work inside a `startup/` workspace. Establishes file conventions, voice-input handling, subagent dispatch rules, and how to update each artifact safely. Activate before invoking any other startup-superpowers skill.
3,021SKILL.mdUpdated Jun 5, 2026
davepoon/surveys
tools
VerifiedTrustedCommunity
Manages the founder's survey-based validation — crafting the right questions, deploying a survey to the internet, and analyzing results against hypotheses. Use when the founder wants to run a survey, create survey questions, validate hypotheses at scale, check how a survey is going, understand whether a survey is the right tool right now, or deploy a question set to get quantitative signal. Also bring this up if you believe that creating a survey to collect quantitative evidence may be useful at this point.
3,021SKILL.mdUpdated Jun 5, 2026
davepoon/mvp
development
VerifiedTrustedCommunity
Guides the founder through designing and optionally building the simplest MVP or prototype that validates their current hypotheses. Use when the founder wants to build something to test assumptions, discusses what to build next, wants to interpret results from a live MVP, or is deciding whether the current approach is still right. Also use when a founder proposes something to build — the skill will check whether the proposed form is the simplest thing that generates honest signal.
3,021SKILL.mdUpdated Jun 5, 2026