feat: implement incident response playbook with tests and docs

README.md

@@ -2,6 +2,16 @@
 
 Express API for the TalentTrust decentralized freelancer escrow protocol. Handles contract metadata, reputation, and integration with Stellar/Soroban.
 
+## Incident Response Playbook
+
+The backend now exposes responder-ready incident runbooks for outage triage, recovery, and postmortems.
+
+- `GET /api/v1/incident-response` returns the available runbook summaries
+- `GET /api/v1/incident-response/:runbookId` returns a full runbook
+- Supported runbooks: `api-outage`, `data-integrity`, `security-breach`
+
+Detailed reviewer-oriented documentation lives in [docs/backend/incident-response-playbook.md](/Users/mac/Documents/github/wave/Talenttrust-Backend/docs/backend/incident-response-playbook.md).
+
 ## Prerequisites
 
 - Node.js 18+
@@ -23,6 +33,9 @@ npm run build
 # Run tests
 npm test
 
+# Run tests with coverage
+npm test -- --coverage
+
 # Start dev server (with hot reload)
 npm run dev
 
@@ -40,6 +53,12 @@ npm start
 | `npm test`      | Run Jest tests                 |
 | `npm run lint`  | Run ESLint                     |
 
+## Security Notes
+
+- Runbook identifiers are validated to accept only lowercase letters, numbers, and hyphens.
+- Recovery guidance explicitly avoids bypassing authentication, rate limiting, and audit controls.
+- Security-sensitive incidents require evidence preservation, least-privilege recovery access, and controlled communications.
+
 ## Contributing
 
 1. Fork the repo and create a branch from `main`.

docs/backend/incident-response-playbook.md

@@ -0,0 +1,39 @@
+# Incident Response Playbook
+
+This backend exposes responder-facing incident runbooks at `GET /api/v1/incident-response` and `GET /api/v1/incident-response/:runbookId`.
+
+## Scope
+
+- Outage triage
+- Recovery execution
+- Postmortem follow-up
+- Security constraints during incident handling
+
+## Runbooks
+
+### `api-outage`
+
+- Use for widespread API unavailability, elevated latency, or sustained 5xx errors.
+- Prioritize blast-radius confirmation, rollback or failover, and a stable observation window before closing the incident.
+
+### `data-integrity`
+
+- Use for corruption, missing data, duplicated records, or reconciliation drift.
+- Prioritize evidence preservation, write containment, verified restore paths, and dual-review for repair actions.
+
+### `security-breach`
+
+- Use for suspected compromise, unauthorized access, or credential exposure.
+- Prioritize containment, credential rotation, rebuild from trusted images, and controlled communications.
+
+## Security Notes
+
+- Reject malformed runbook identifiers to avoid path-style abuse and undefined lookups.
+- Keep incident artifacts and raw logs confidential because they may contain sensitive customer or operational data.
+- Do not weaken authentication, rate limiting, or audit controls to speed up recovery.
+
+## Review Guidance
+
+- Runbook content is versioned with the backend so API clients and docs stay aligned.
+- `lastReviewed` should be updated whenever runbook steps or security assumptions change.
+- Add new runbooks through `src/incidentResponse.data.ts` and extend tests before exposing them.