cohere-incident-runbook
Execute Cohere incident response procedures with triage, mitigation, and postmortem. Use when responding to Cohere API outages, investigating errors, or running post-incident reviews for Cohere integration failures. Trigger with phrases like "cohere incident", "cohere outage", "cohere down", "cohere on-call", "cohere emergency", "cohere broken".
Best use case
cohere-incident-runbook is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Execute Cohere incident response procedures with triage, mitigation, and postmortem. Use when responding to Cohere API outages, investigating errors, or running post-incident reviews for Cohere integration failures. Trigger with phrases like "cohere incident", "cohere outage", "cohere down", "cohere on-call", "cohere emergency", "cohere broken".
Teams using cohere-incident-runbook should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/cohere-incident-runbook/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How cohere-incident-runbook Compares
| Feature / Agent | cohere-incident-runbook | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Execute Cohere incident response procedures with triage, mitigation, and postmortem. Use when responding to Cohere API outages, investigating errors, or running post-incident reviews for Cohere integration failures. Trigger with phrases like "cohere incident", "cohere outage", "cohere down", "cohere on-call", "cohere emergency", "cohere broken".
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
Related Guides
AI Agents for Coding
Browse AI agent skills for coding, debugging, testing, refactoring, code review, and developer workflows across Claude, Cursor, and Codex.
Best AI Skills for Claude
Explore the best AI skills for Claude and Claude Code across coding, research, workflow automation, documentation, and agent operations.
ChatGPT vs Claude for Agent Skills
Compare ChatGPT and Claude for AI agent skills across coding, writing, research, and reusable workflow execution.
SKILL.md Source
# Cohere Incident Runbook
## Overview
Rapid incident response procedures for Cohere API v2 outages. Covers triage, mitigation, communication, and postmortem for Chat, Embed, Rerank, and Classify endpoints.
## Prerequisites
- Access to [status.cohere.com](https://status.cohere.com)
- kubectl access to production cluster
- Prometheus/Grafana access
- PagerDuty/Slack communication channels
## Severity Levels
| Level | Definition | Response Time | Example |
|-------|------------|---------------|---------|
| P1 | All Cohere endpoints down | < 15 min | API returning 5xx globally |
| P2 | Degraded (rate limits, high latency) | < 1 hour | 429 errors, P95 > 10s |
| P3 | Single endpoint affected | < 4 hours | Embed works, Chat fails |
| P4 | Non-blocking issue | Next business day | Slow response, minor errors |
## Quick Triage (Run These First)
```bash
# 1. Check Cohere service status
curl -s https://status.cohere.com/api/v2/status.json | jq '.status.description'
# 2. Test each endpoint directly
echo "--- Chat ---"
curl -s -o /dev/null -w "%{http_code}" \
-X POST https://api.cohere.com/v2/chat \
-H "Authorization: Bearer $CO_API_KEY" \
-H "Content-Type: application/json" \
-d '{"model":"command-r7b-12-2024","messages":[{"role":"user","content":"ping"}]}'
echo -e "\n--- Embed ---"
curl -s -o /dev/null -w "%{http_code}" \
-X POST https://api.cohere.com/v2/embed \
-H "Authorization: Bearer $CO_API_KEY" \
-H "Content-Type: application/json" \
-d '{"model":"embed-v4.0","texts":["test"],"input_type":"search_document","embedding_types":["float"]}'
echo -e "\n--- Rerank ---"
curl -s -o /dev/null -w "%{http_code}" \
-X POST https://api.cohere.com/v2/rerank \
-H "Authorization: Bearer $CO_API_KEY" \
-H "Content-Type: application/json" \
-d '{"model":"rerank-v3.5","query":"test","documents":["a","b"]}'
# 3. Check our app health
curl -sf https://api.yourapp.com/api/health | jq '.cohere'
# 4. Check error rate (last 5 min)
curl -s "localhost:9090/api/v1/query?query=rate(cohere_errors_total[5m])" | jq '.data.result'
```
## Decision Tree
```
Cohere API returning errors?
├─ YES: Is status.cohere.com showing incident?
│ ├─ YES → Cohere-side outage. Enable fallback. Monitor status page.
│ └─ NO → Check our API key and configuration.
│ ├─ 401 → API key revoked or wrong. Check CO_API_KEY.
│ ├─ 429 → Rate limited. Check if trial key in prod.
│ ├─ 400 → Bad request. Check request format (v1 vs v2?).
│ └─ 5xx → Cohere server issue. Retry with backoff.
└─ NO: Is our app healthy?
├─ YES → Intermittent. Monitor.
└─ NO → Our infrastructure. Check pods, memory, network.
```
## Immediate Actions by Error Type
### 401 — Authentication Failure
```bash
# Verify API key is set
kubectl get secret cohere-secrets -o jsonpath='{.data.CO_API_KEY}' | base64 -d | head -c4
echo "..."
# Test key directly
curl -s -o /dev/null -w "%{http_code}" \
-H "Authorization: Bearer $(kubectl get secret cohere-secrets -o jsonpath='{.data.CO_API_KEY}' | base64 -d)" \
-H "Content-Type: application/json" \
https://api.cohere.com/v2/chat \
-d '{"model":"command-r7b-12-2024","messages":[{"role":"user","content":"test"}]}'
# If key is invalid: rotate
# 1. Generate new key at dashboard.cohere.com
# 2. Update secret
kubectl create secret generic cohere-secrets \
--from-literal=CO_API_KEY=NEW_KEY \
--dry-run=client -o yaml | kubectl apply -f -
# 3. Restart pods
kubectl rollout restart deployment/app
```
### 429 — Rate Limited
```bash
# Check if using trial key in production (trial = 20 calls/min)
KEY_LEN=$(kubectl get secret cohere-secrets -o jsonpath='{.data.CO_API_KEY}' | base64 -d | wc -c)
echo "Key length: $KEY_LEN chars"
# If trial key: upgrade to production key at dashboard.cohere.com
# If production key: reduce concurrency
kubectl set env deployment/app COHERE_MAX_CONCURRENT=5
# Enable request queuing
kubectl set env deployment/app COHERE_QUEUE_ENABLED=true
```
### 5xx — Cohere Server Errors
```bash
# Enable graceful degradation
kubectl set env deployment/app COHERE_FALLBACK_ENABLED=true
# If using RAG: fall back to rerank-only (skip chat)
# If using agents: fall back to cached responses
# Monitor Cohere status page for resolution
watch -n 30 'curl -s https://status.cohere.com/api/v2/status.json | jq .status.description'
```
## Graceful Degradation Pattern
```typescript
import { CohereError, CohereTimeoutError } from 'cohere-ai';
async function resilientChat(message: string): Promise<string> {
try {
const response = await cohere.chat({
model: 'command-a-03-2025',
messages: [{ role: 'user', content: message }],
});
return response.message?.content?.[0]?.text ?? '';
} catch (err) {
if (err instanceof CohereError && err.statusCode === 429) {
// Fallback to cheaper model (may have separate rate limit)
const fallback = await cohere.chat({
model: 'command-r7b-12-2024',
messages: [{ role: 'user', content: message }],
maxTokens: 200,
});
return fallback.message?.content?.[0]?.text ?? '';
}
if (err instanceof CohereError && (err.statusCode ?? 0) >= 500) {
return 'Cohere is temporarily unavailable. Please try again shortly.';
}
throw err;
}
}
```
## Communication Templates
### Internal (Slack)
```
P[1-4] INCIDENT: Cohere Integration
Status: INVESTIGATING / MITIGATED / RESOLVED
Impact: [e.g., "RAG answers unavailable, chat degraded to cached responses"]
Root cause: [e.g., "Cohere API returning 503 — confirmed on status.cohere.com"]
Current action: [e.g., "Enabled fallback mode, monitoring for recovery"]
Next update: [time]
```
### External (Status Page)
```
Cohere Integration — Degraded Performance
Some AI-powered features may be slower than usual or temporarily unavailable.
We are monitoring the situation and will provide updates as available.
Last updated: [timestamp]
```
## Post-Incident
### Evidence Collection
```bash
# Export error logs from incident window
kubectl logs -l app=my-cohere-app --since=1h | grep -i "cohere\|CohereError" > incident-logs.txt
# Export metrics
curl "localhost:9090/api/v1/query_range?query=cohere_errors_total&start=$(date -d '2 hours ago' +%s)&end=$(date +%s)&step=60" > metrics.json
# Cohere status history
curl -s https://status.cohere.com/api/v2/incidents.json | jq '.incidents[:3]'
```
### Postmortem Template
```markdown
## Incident: Cohere [endpoint] [error type]
**Date:** YYYY-MM-DD HH:MM - HH:MM UTC
**Duration:** X hours Y minutes
**Severity:** P[1-4]
**Detection:** [Alert name / user report / health check]
### Summary
[1-2 sentences]
### Timeline
- HH:MM — Alert fired: cohere_errors_total spike
- HH:MM — On-call acknowledged, began triage
- HH:MM — Root cause identified: [cause]
- HH:MM — Mitigation applied: [action]
- HH:MM — Service restored
### Root Cause
[Was it Cohere-side (status page incident) or our configuration?]
### Action Items
- [ ] Add circuit breaker for [endpoint] — @owner — due date
- [ ] Improve fallback for [scenario] — @owner — due date
- [ ] Add alert for [missed signal] — @owner — due date
```
## Output
- Triage completed with endpoint-level diagnosis
- Immediate mitigation applied (fallback, key rotation, etc.)
- Stakeholders notified via templates
- Evidence collected for postmortem
## Resources
- [Cohere Status Page](https://status.cohere.com)
- [Cohere Error Codes](https://docs.cohere.com/reference/errors)
- [Cohere Support](https://support.cohere.com)
## Next Steps
For data handling, see `cohere-data-handling`.Related Skills
responding-to-security-incidents
Analyze and guide security incident response, investigation, and remediation processes. Use when you need to handle security breaches, classify incidents, develop response playbooks, gather forensic evidence, or coordinate remediation efforts. Trigger with phrases like "security incident response", "ransomware attack response", "data breach investigation", "incident playbook", or "security forensics".
windsurf-incident-runbook
Execute Windsurf incident response when AI features fail or cause production issues. Use when Cascade breaks code, Windsurf service is down, AI-generated code causes production incidents, or team needs emergency Windsurf troubleshooting. Trigger with phrases like "windsurf incident", "windsurf outage", "windsurf broke production", "cascade caused bug", "windsurf emergency".
webflow-incident-runbook
Execute Webflow incident response — triage by HTTP status (401/403/429/500), circuit breaker activation, cached fallback, Webflow status page checks, communication templates, and postmortem process. Trigger with phrases like "webflow incident", "webflow outage", "webflow down", "webflow on-call", "webflow emergency", "webflow broken".
vercel-incident-runbook
Vercel incident response procedures with triage, instant rollback, and postmortem. Use when responding to Vercel-related outages, investigating production errors, or running post-incident reviews for deployment failures. Trigger with phrases like "vercel incident", "vercel outage", "vercel down", "vercel on-call", "vercel emergency", "vercel broken".
veeva-incident-runbook
Veeva Vault incident runbook for enterprise operations. Use when implementing advanced Veeva Vault patterns. Trigger: "veeva incident runbook".
vastai-incident-runbook
Execute Vast.ai incident response for GPU instance failures and outages. Use when responding to instance failures, investigating training crashes, or handling spot preemption emergencies. Trigger with phrases like "vastai incident", "vastai outage", "vastai down", "vastai emergency", "vastai instance failed".
twinmind-incident-runbook
Incident response for TwinMind failures: transcription not starting, audio not captured, sync failures, and calendar disconnect. Use when implementing incident runbook, or managing TwinMind meeting AI operations. Trigger with phrases like "twinmind incident runbook", "twinmind incident runbook".
supabase-incident-runbook
Execute Supabase incident response: dashboard health checks, connection pool status, pg_stat_activity queries, RLS debugging, Edge Function logs, storage health, and escalation. Use when responding to Supabase outages, investigating production errors, debugging connection issues, or preparing evidence for Supabase support escalation. Trigger: "supabase incident", "supabase outage", "supabase down", "supabase on-call", "supabase emergency", "supabase broken", "supabase connection issues".
speak-incident-runbook
Incident response for Speak API outages: triage, fallback to offline mode, and recovery procedures. Use when implementing incident runbook, or managing Speak language learning platform operations. Trigger with phrases like "speak incident runbook", "speak incident runbook".
snowflake-incident-runbook
Execute Snowflake incident response with triage, rollback, and postmortem using real SQL diagnostics. Use when responding to Snowflake outages, investigating query failures, or running post-incident reviews for pipeline failures. Trigger with phrases like "snowflake incident", "snowflake outage", "snowflake down", "snowflake on-call", "snowflake emergency".
shopify-incident-runbook
Execute Shopify incident response with triage using Shopify status page, API health checks, and rate limit diagnosis. Trigger with phrases like "shopify incident", "shopify outage", "shopify down", "shopify on-call", "shopify emergency", "shopify not responding".
sentry-incident-runbook
Execute incident response procedures using Sentry error monitoring. Use when investigating production outages, triaging error spikes, classifying incident severity, or building postmortem reports from Sentry data. Trigger with phrases like "sentry incident", "sentry triage", "investigate sentry error", "sentry runbook", "production incident sentry".