Status: draft | published | delayed Severity: P0 | P1 | P2 Incident window: Detected at: Resolved at: Repository version: Operator environment:
One paragraph describing what happened and what was affected.
- Affected users or operators:
- Affected systems:
- Live capital affected:
- Public artifacts affected:
- Data privacy affected:
| Time | Event |
|---|---|
| YYYY-MM-DDTHH:MM:SSZ | Detection event. |
| YYYY-MM-DDTHH:MM:SSZ | Containment action. |
| YYYY-MM-DDTHH:MM:SSZ | Verification complete. |
Link to one or more IDs from Failure Modes Of The Autonomous Loop.
What check, alert, verifier, operator action, or external report detected the incident?
What could the incident affect before containment? Be explicit about what it could not affect.
What kill, pause, flatten, revert, rollback receipt, deployment rollback, or publication stop was used?
- Journal entry or audit packet:
- Proof hash:
- Verifier command:
- Redacted artifact path:
Which operator-visible alert fired? If no alert fired, explain the gap.
What failed technically and operationally?
What prevented a worse outcome?
What should have caught this earlier?
| Item | Owner | Status |
|---|---|---|
| Add regression test. | TBD | open |
| Update runbook. | TBD | open |
| Verify release or deployment. | TBD | open |
List the deterministic tests, property tests, drills, or verifiers added after the incident.
Explain redactions and any delayed-publication reason.