# Incident Response

RAX Protocol includes monitoring and alerting mechanisms designed to surface abnormal conditions and potential incidents.

***

#### What Constitutes an Incident <a href="#id-8482ed68-ddae-488d-8d11-06cf159433ca" id="id-8482ed68-ddae-488d-8d11-06cf159433ca"></a>

An incident may include severe liquidity stress, rapid increases in Risk Scores, persistent high-severity alerts, widespread anomalies, or infrastructure disruptions.

#### Detection <a href="#id-1454eb85-d3ac-4a08-bb3c-4f919c85f8b5" id="id-1454eb85-d3ac-4a08-bb3c-4f919c85f8b5"></a>

RAX detects incidents through real-time monitoring, risk threshold breaches, anomaly detection in the decision cycle, and emergency trigger activation. When an incident is detected, alerts are generated according to configured severity levels.

#### System Response <a href="#id-9a56ca66-d088-491f-a789-8818c8186c4a" id="id-9a56ca66-d088-491f-a789-8818c8186c4a"></a>

Upon detecting an incident, RAX may increase alert frequency, highlight affected positions, apply more conservative behavior through mandate enforcement, restrict allocation suggestions to lower-risk positions, and — in critical cases — trigger an automatic emergency stop that pauses the vault on-chain.

#### User Responsibilities During an Incident <a href="#e1346198-95ce-48f9-bbf6-af0dad6a644a" id="e1346198-95ce-48f9-bbf6-af0dad6a644a"></a>

During elevated risk conditions, users should review alerts and supporting metrics, avoid increasing exposure without thorough analysis, reassess risk constraints and strategy profiles, use simulations to evaluate downside scenarios, and apply independent judgment.

#### Communication <a href="#id-7b7cee24-2036-43a3-8cbe-4a98720eec1d" id="id-7b7cee24-2036-43a3-8cbe-4a98720eec1d"></a>

Significant incidents affecting system-wide behavior may be communicated through in-app notifications, documentation updates, and public communication channels. Transparency is prioritized.

#### Limitations <a href="#id-1d218d91-b97a-4f72-a9d1-7fae80a08155" id="id-1d218d91-b97a-4f72-a9d1-7fae80a08155"></a>

Incident detection does not guarantee prevention of losses. RAX may not detect all incidents in advance, particularly those involving novel or unprecedented conditions.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.raxprotocol.xyz/security/incident-response.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.