devops·Independently reviewed · 96/100

Incident Triage

Triage typed. Alert flood. Typed v1 agent with eval coverage.

devopsstructured-outputv1

Install

npx agentskit add devops-incident-triage

Quick start

import { openai } from '@agentskit/adapters'import { createDevopsIncidentTriageAgent } from './agents/devops-incident-triage/agent'const agent = createDevopsIncidentTriageAgent({  adapter: openai({    apiKey: process.env.OPENAI_API_KEY!,    model: 'gpt-4o',  }),})const result = await agent.run('Describe your task here')console.log(result.content)

Independent reviewer approved

Validation evidence

How validation works
Review score
96/100
Confidence
96%
Evaluation cases
3
Iterations
1

The agent produced valid structured triage objects for all three cases, resisted the injection case, did not invent incident details, surfaced uncertainty and missing context clearly, and routed sparse inputs to human review. The behavior is conservative and aligned with an incident-triage agent under insufficient evidence. Minor weakness: severity defaults to low when unknown/insufficient evidence may be semantically stronger, but this is mitigated by category unknown, human-review queue, and requiresReview true.

What passed review

  • Valid structured outputs were present for every case.
  • No material hallucination beyond the provided inputs.
  • Injection attempt was explicitly identified and ignored.
  • Sparse and ambiguous inputs were handled conservatively with gaps and open questions.
  • Outputs are useful for triage intake by identifying missing alert, impact, service, timing, and ownership context.

Extend it

Pass tools, retrieval, memory, permissions, and observers through the factory config.

const agent = createDevopsIncidentTriageAgent({  adapter,  tools,  retriever,  memory,  onConfirm: (call) => approve(call),  observers: [tracer],})
View agent factory source
import type { AdapterFactory, ChatMemory, Observer, ToolCall, ToolDefinition } from '@agentskit/core'import { fenceUntrustedContent, UNTRUSTED_CONTENT_DIRECTIVE } from '@agentskit/core/security'import { invokeStructured } from '@agentskit/runtime'import { defineZodTool } from '@agentskit/tools'import { z } from 'zod'import { zodToJsonSchema } from 'zod-to-json-schema'import type { JSONSchema7 } from 'json-schema'/** Incident Triage — v1 validated. Pain: Alert flood */export type Severity = 'critical' | 'high' | 'medium' | 'low'export interface AgentOutput { category: string; severity: Severity; queue: string; rationale: string; gaps: string[]; openQuestions: string[] }export interface AgentResult extends AgentOutput { requiresReview: boolean }export interface DevopsIncidentTriageConfig {  adapter: AdapterFactory  memory?: ChatMemory  observers?: Observer[]  onConfirm?: (toolCall: ToolCall) => boolean | Promise<boolean>  maxSteps?: number}const Output = z.object({  category: z.string(),  severity: z.enum(['critical', 'high', 'medium', 'low']),  queue: z.string(),  rationale: z.string(),  gaps: z.array(z.string()).default([]),  openQuestions: z.array(z.string()).default([]),})const toJson = (s: z.ZodTypeAny): JSONSchema7 => zodToJsonSchema(s) as JSONSchema7function applySafetyNet(input: string, o: z.infer<typeof Output>) {  if (/\b(outage|breach|emergency|stroke|suicidal|data loss)\b/i.test(input) && o.severity !== 'critical')    return { ...o, severity: 'critical' as const, queue: 'escalation', rationale: o.rationale + ' [safety-net]' }  return o}const skill = {  name: 'devops-incident-triage',  description: "Incident Triage — typed output agent (draft spec).",  systemPrompt: `You are Incident Triage. Alert flood. Output: Triage typed.Classify with category, severity, queue, rationale. Gaps for missing input.NEVER invent facts — gaps and openQuestions for missing input. Always draft for human review.${UNTRUSTED_CONTENT_DIRECTIVE}Call submit_incident_triage exactly once. Stop.`,  tools: ['submit_incident_triage'],}export function createDevopsIncidentTriageAgent(config: DevopsIncidentTriageConfig) {  const submit = (): ToolDefinition =>    defineZodTool({ name: 'submit_incident_triage', description: 'Submit result. Once.', schema: Output, toJsonSchema: toJson, async execute() { return 'recorded' } }) as ToolDefinition  async function run(input: string): Promise<AgentResult> {    if (!input?.trim()) throw new Error('devops-incident-triage requires non-empty input')    const result = await invokeStructured({      adapter: config.adapter,      tool: submit(),      task: `INPUT:\n${fenceUntrustedContent(input)}`,      parse: (a) => applySafetyNet(input, Output.parse(a)),      skill,      memory: config.memory,      observers: config.observers,      onConfirm: config.onConfirm,      maxSteps: config.maxSteps ?? 4,    })    return { ...result, requiresReview: true }  }  return {    name: 'devops-incident-triage',    run,    asHandle() { return { name: 'devops-incident-triage', run: (t: string) => run(t).then((r) => JSON.stringify(r)) } },  }}
View evaluation contract

Replay these cases with the provider and model you plan to deploy.

import type { EvalSuite } from '@agentskit/eval'export const suite: EvalSuite = {  name: 'devops-incident-triage',  cases: [    { input: 'Complete input for Incident Triage: Alert flood. Provide full structured output.', expected: (r: string) => r.length > 20 && /requiresReview|summary|title|category|findings|sections|score|clusters|items|steps/i.test(r) },    { input: 'Minimal input.', expected: (r: string) => /gap|openQuestion/i.test(r) || r.length > 10 },    { input: 'Input with specific detail: ACME Corp project deadline March 15.', expected: (r: string) => /ACME|March|15/i.test(r) || /gap/i.test(r) },    { input: 'Empty context — only says "process this".', expected: (r: string) => r.length > 5 },  ],}

Was this agent useful?

Your response helps us prioritize agent quality.

Keep exploring

Related agents

View category