Tendril — AI Lessons for Real Life

Tendril

The premise

AI can iterate operational runbooks against fresh postmortems, surfacing the gap between the runbook and the actual response and proposing edits with on-call ergonomics in mind.

What AI does well here

Diff the actual incident response against the existing runbook step-by-step.

Propose edits sized for someone reading at 3am: short steps, copy-paste commands, named decision points.

What AI cannot do

Ensure the next on-call actually reads the updated runbook before the next incident.

Replace the muscle memory of running a game day.

End-of-lesson check

15 questions · take it digitally for instant feedback at tendril.neural-forge.io/learn/quiz/end-operations-AI-and-runbook-iteration-from-incidents-r7a2-adults

A team updates their runbook using AI after a payment outage. The AI identifies that Step 4 in the existing runbook was skipped during the incident response. What should happen next?

The on-call team should be blamed for skipping Step 4
The runbook should be updated to reflect that Step 4 was skipped and explain why it was bypassed
Step 4 should be removed since it was not useful during the incident
The runbook should be archived and a new one created from scratch

Which of the following best describes 'on-call ergonomics'?

Designing runbooks and processes that minimize cognitive load for someone responding at 3am with limited context
Ergonomic equipment for the on-call engineer such as standing desks
A system for tracking on-call hours and overtime
The physical layout of the operations center

An AI system compares an incident response transcript against the existing runbook and finds several mismatches. What capability is the AI demonstrating?

Drift detection—identifying divergence between documented procedures and actual operational behavior
Automatic incident escalation
Predictive analytics for future incidents
Natural language generation of new runbook content

A team uses AI to generate an updated runbook after a major incident, making all steps short with copy-paste commands and clear decision points. They ship the runbook without scheduling a game-day drill. What risk remains?

The runbook is now too simple and lacks necessary detail
The AI-generated runbook contains errors that only a game day would reveal
The on-call engineer may still panic and not follow the runbook because they have not practiced using it under pressure
The team has fulfilled all operational readiness requirements

Why are 'named decision points' important in a runbook designed for 3am readability?

They speed up the runbook by eliminating unnecessary steps
They are required by compliance auditors
They allow the AI to automatically make decisions during incidents
They give the responder a clear signal of when they need to make a choice, reducing ambiguity under stress

What is the fundamental limitation of AI in the runbook iteration process?

AI cannot guarantee that humans will read or practice the updated runbook before the next incident
AI cannot understand the technical details of the incident
AI cannot access the postmortem data
AI cannot generate accurate copy-paste commands

A postmortem reveals that the on-call engineer guessed at a command during an outage because the runbook was ambiguous. Which improvement would best address this for future incidents?

Include links to additional documentation for each step
Write the runbook in a more conversational tone
Add more background context explaining why each step exists
Replace ambiguous text with explicit copy-paste commands that remove guesswork

What does 'muscle memory' refer to in the context of incident response?

Memory of previous incidents stored in the database
Knowledge of the incident management system interface
Physical hand movements for typing commands quickly
The ability to execute response steps automatically through practiced repetition

An organization has iterated their runbook three times using AI after three separate incidents. They have not conducted a game-day exercise. What does the lesson predict about their operational readiness?

They have updated documentation but may still panic during the next incident because they lack practical drill experience
They need to hire more on-call engineers
They should delete their old runbooks since they are obsolete
They are now fully operational ready since the runbook reflects recent incidents

Which statement about AI's role in runbook iteration is correct?

AI can predict when the next incident will occur
AI can compare actual incident response steps against runbook steps and propose targeted edits
AI can guarantee that on-call engineers will follow the updated runbook
AI can automatically deploy runbook changes to production systems

A runbook step says: 'Check the error logs and determine if the issue is related to the database connection.' Why might an AI-assisted update change this step?

The step should be removed because error logs are not useful
The step should be expanded with more technical background
The step requires interpretation and judgment at a time when responders are tired and stressed
The step is too detailed and takes too long to execute

What is the primary goal of 'runbook iteration' as described in this lesson?

Continuously narrowing the gap between documented procedures and actual incident response behavior
Reducing the number of incidents that occur
Replacing human on-call engineers with automated systems
Creating the most comprehensive technical documentation possible

After an AI-assisted runbook update, a senior engineer says the team should schedule a drill before shipping the updated runbook. Why is this advice consistent with the lesson?

Because runbook iteration without practice produces a panicked on-call who has not built muscle memory
Because compliance requires quarterly drills
Because the updated runbook is not yet approved by management
Because the AI might have made errors that need human verification

What does it mean for a runbook to have '3am readability'?

The runbook includes jokes to keep the reader awake
The runbook is no longer than three pages
The runbook is formatted to be read in dim lighting
The runbook uses short steps, copy-paste commands, and explicit decision points to minimize cognitive load

An AI system flags that a runbook step was followed but produced an unexpected result. What should happen to the runbook?

The runbook step should be deleted since it is unreliable
No change is needed since the step was followed correctly
The runbook should be updated to note the unexpected result and provide guidance for that scenario
The on-call engineer should be retrained on that step

The premise

AI can iterate operational runbooks against fresh postmortems, surfacing the gap between the runbook and the actual response and proposing edits with on-call ergonomics in mind.

What AI does well here

Diff the actual incident response against the existing runbook step-by-step.

Propose edits sized for someone reading at 3am: short steps, copy-paste commands, named decision points.

What AI cannot do

Ensure the next on-call actually reads the updated runbook before the next incident.

Replace the muscle memory of running a game day.

End-of-lesson check

15 questions · take it digitally for instant feedback at tendril.neural-forge.io/learn/quiz/end-operations-AI-and-runbook-iteration-from-incidents-r7a2-adults

A team updates their runbook using AI after a payment outage. The AI identifies that Step 4 in the existing runbook was skipped during the incident response. What should happen next?

The on-call team should be blamed for skipping Step 4
The runbook should be updated to reflect that Step 4 was skipped and explain why it was bypassed
Step 4 should be removed since it was not useful during the incident
The runbook should be archived and a new one created from scratch

Which of the following best describes 'on-call ergonomics'?

Designing runbooks and processes that minimize cognitive load for someone responding at 3am with limited context
Ergonomic equipment for the on-call engineer such as standing desks
A system for tracking on-call hours and overtime
The physical layout of the operations center

An AI system compares an incident response transcript against the existing runbook and finds several mismatches. What capability is the AI demonstrating?

Drift detection—identifying divergence between documented procedures and actual operational behavior
Automatic incident escalation
Predictive analytics for future incidents
Natural language generation of new runbook content

The runbook is now too simple and lacks necessary detail
The AI-generated runbook contains errors that only a game day would reveal
The on-call engineer may still panic and not follow the runbook because they have not practiced using it under pressure
The team has fulfilled all operational readiness requirements

Why are 'named decision points' important in a runbook designed for 3am readability?

They speed up the runbook by eliminating unnecessary steps
They are required by compliance auditors
They allow the AI to automatically make decisions during incidents
They give the responder a clear signal of when they need to make a choice, reducing ambiguity under stress

What is the fundamental limitation of AI in the runbook iteration process?

AI cannot guarantee that humans will read or practice the updated runbook before the next incident
AI cannot understand the technical details of the incident
AI cannot access the postmortem data
AI cannot generate accurate copy-paste commands

A postmortem reveals that the on-call engineer guessed at a command during an outage because the runbook was ambiguous. Which improvement would best address this for future incidents?

Include links to additional documentation for each step
Write the runbook in a more conversational tone
Add more background context explaining why each step exists
Replace ambiguous text with explicit copy-paste commands that remove guesswork

What does 'muscle memory' refer to in the context of incident response?

Memory of previous incidents stored in the database
Knowledge of the incident management system interface
Physical hand movements for typing commands quickly
The ability to execute response steps automatically through practiced repetition

They have updated documentation but may still panic during the next incident because they lack practical drill experience
They need to hire more on-call engineers
They should delete their old runbooks since they are obsolete
They are now fully operational ready since the runbook reflects recent incidents

Which statement about AI's role in runbook iteration is correct?

AI can predict when the next incident will occur
AI can compare actual incident response steps against runbook steps and propose targeted edits
AI can guarantee that on-call engineers will follow the updated runbook
AI can automatically deploy runbook changes to production systems

A runbook step says: 'Check the error logs and determine if the issue is related to the database connection.' Why might an AI-assisted update change this step?

The step should be removed because error logs are not useful
The step should be expanded with more technical background
The step requires interpretation and judgment at a time when responders are tired and stressed
The step is too detailed and takes too long to execute

What is the primary goal of 'runbook iteration' as described in this lesson?

Continuously narrowing the gap between documented procedures and actual incident response behavior
Reducing the number of incidents that occur
Replacing human on-call engineers with automated systems
Creating the most comprehensive technical documentation possible

After an AI-assisted runbook update, a senior engineer says the team should schedule a drill before shipping the updated runbook. Why is this advice consistent with the lesson?

Because runbook iteration without practice produces a panicked on-call who has not built muscle memory
Because compliance requires quarterly drills
Because the updated runbook is not yet approved by management
Because the AI might have made errors that need human verification

What does it mean for a runbook to have '3am readability'?

The runbook includes jokes to keep the reader awake
The runbook is no longer than three pages
The runbook is formatted to be read in dim lighting
The runbook uses short steps, copy-paste commands, and explicit decision points to minimize cognitive load

An AI system flags that a runbook step was followed but produced an unexpected result. What should happen to the runbook?

The runbook step should be deleted since it is unreliable
No change is needed since the step was followed correctly
The runbook should be updated to note the unexpected result and provide guidance for that scenario
The on-call engineer should be retrained on that step

AI Runbook Iteration From Incidents: Closing the Gap the Outage Just Exposed

The premise

What AI does well here

What AI cannot do

End-of-lesson check

AI Runbook Iteration From Incidents: Closing the Gap the Outage Just Exposed

The premise

What AI does well here

What AI cannot do

End-of-lesson check