What it does
PagerDuty Incident Postmortem Writer is an SRE-focused agent that turns PagerDuty incident data into a complete blameless postmortem draft. It collects incident details, notes, and log entries from the PagerDuty API, builds a chronological timeline, scores findings (severity, duration, escalations, responders), and synthesizes narrative postmortem sections — executive summary, impact analysis, root cause hypotheses, a 5 Whys framework, and lessons learned — using an LLM with a deterministic fallback. The draft is returned as structured JSON and can be pushed to Confluence and announced in Slack. Fully offline in mock mode — no credentials required for testing. Built for SRE and platform teams who want fast, consistent, blameless postmortems instead of manually reconstructing incident timelines.
Example prompts
- Generate a full blameless postmortem for this PagerDuty incident
- Build a timeline of events for this incident
- Give me 5 Whys root-cause questions for this outage
- Get a quick summary of this incident without a full postmortem
Tools (8)
Tools the agent exposes — your AI client calls them automatically when it needs them.
- run_full — Generate a complete blameless postmortem draft from a PagerDuty incident.
- analyze_incident — Run deterministic analysis on a PagerDuty incident and return scored findings. No LLM call.
- generate_timeline — Build a chronological timeline of events for an incident, ordered from trigger to resolution.
- build_five_whys — Generate structured 5 Whys root-cause analysis prompts for an incident (blameless, system-focused).
- get_incident_summary — Return a concise incident summary without generating the full postmortem.
- discover_intent — Route a freeform user request to the most appropriate tool.
- list_capabilities — List all available tools and their purposes.
- plan_inputs — Plan inputs for a tool: returns questions, JSON schema, and a ready-to-edit example.
What you'll need to connect
This agent will ask you for the following. You enter them when you connect — they're encrypted and never shared with the creator.
- PagerDuty API Key · optionalPagerDuty API key with incidents:read scope. Leave blank to use mock data for testing.Get this from pagerduty.com's account or API settings.Paste the value as a single line.Only sent to: api.pagerduty.com
- Confluence API Token · optionalOptional. Atlassian API token for creating postmortem pages in Confluence.Get this from *.atlassian.net's account or API settings.Paste the value as a single line.Only sent to: *.atlassian.net
- Slack Bot Token · optionalOptional. Slack bot OAuth token for posting postmortem-ready notifications. Requires chat:write scope.Create a Slack app (api.slack.com/apps), add the scopes the agent needs, install it to your workspace, and copy the bot/user token.Paste the value as a single line.Only sent to: slack.com
- Anthropic API Key · optionalOptional. Leave blank on a sampling-capable client to use the host model with no key.Create a key on the Anthropic Console API keys page (console.anthropic.com → API keys).Paste the value as a single line.Only sent to: api.anthropic.com
How you're protected
FindAgent runs these safety checks on every agent automatically. They're always on and can't be turned off.
- Prompt-injection scanning
Every request is checked for known prompt-injection and jailbreak attempts before the agent runs. This is always on.
- Secret-leak scanning
Every response is scanned for leaked API keys, tokens, and other secrets before it reaches you. This is always on.