Amazon Capabilities
Naftiko 0.5 capability definitions for Amazon - 100 capabilities showing integration workflows and service orchestrations.
Sort
Expand
Advertising Campaign Metrics
▼
advertising marketing analytics
Retrieves performance metrics for an Amazon Advertising campaign including impressions, clicks, and spend.
naftiko: "0.5"
info:
label: "Advertising Campaign Metrics"
description: "Retrieves performance metrics for an Amazon Advertising campaign including impressions, clicks, and spend."
tags:
- advertising
- marketing
- analytics
capability:
exposes:
- type: mcp
namespace: ads-metrics
port: 8080
tools:
- name: get-campaign-metrics
description: "Fetch performance metrics for a given Amazon Advertising campaign. Returns impressions, clicks, CTR, and spend."
inputParameters:
- name: campaign_id
in: body
type: string
description: "The Amazon Advertising campaign ID to retrieve metrics for."
- name: date_range
in: body
type: string
description: "The date range for metrics, e.g. last-7-days."
call: "ads-api.get-campaign-report"
with:
campaign_id: "{{campaign_id}}"
date_range: "{{date_range}}"
outputParameters:
- name: impressions
type: number
mapping: "$.metrics.impressions"
- name: clicks
type: number
mapping: "$.metrics.clicks"
- name: spend
type: number
mapping: "$.metrics.cost"
consumes:
- namespace: ads-api
type: http
baseUri: "https://advertising-api.amazon.com/v3"
authentication:
type: bearer
token: "$secrets.amazon_ads_token"
resources:
- name: campaigns
path: "/campaigns/{campaign_id}/report"
inputParameters:
- name: campaign_id
in: path
- name: date_range
in: query
operations:
- name: get-campaign-report
method: GET
Advertising Spend Anomaly Detector
▼
advertising finops cost-management marketing slack
Monitors Amazon Advertising campaign spend against budget thresholds, pauses overspending campaigns, and notifies the marketing team via Slack.
naftiko: "0.5"
info:
label: "Advertising Spend Anomaly Detector"
description: "Monitors Amazon Advertising campaign spend against budget thresholds, pauses overspending campaigns, and notifies the marketing team via Slack."
tags:
- advertising
- finops
- cost-management
- marketing
- slack
capability:
exposes:
- type: mcp
namespace: ads-anomaly
port: 8080
tools:
- name: detect-spend-anomaly
description: "Check advertising campaign spend against budget, pause campaigns exceeding threshold, and alert the marketing team."
inputParameters:
- name: campaign_id
in: body
type: string
description: "The Amazon Advertising campaign ID to monitor."
- name: budget_threshold
in: body
type: number
description: "The daily budget threshold in USD."
- name: slack_channel
in: body
type: string
description: "The Slack channel for marketing alerts."
steps:
- name: get-spend
type: call
call: "ads-spend.get-campaign-spend"
with:
campaign_id: "{{campaign_id}}"
- name: pause-campaign
type: call
call: "ads-spend.update-campaign-status"
with:
campaign_id: "{{campaign_id}}"
status: "PAUSED"
- name: alert-team
type: call
call: "slack-ads.post-message"
with:
channel: "{{slack_channel}}"
text: "Spend Alert: Campaign {{campaign_id}} spend ${{get-spend.daily_spend}} exceeded budget ${{budget_threshold}}. Campaign paused."
consumes:
- namespace: ads-spend
type: http
baseUri: "https://advertising-api.amazon.com/v3"
authentication:
type: bearer
token: "$secrets.amazon_ads_token"
resources:
- name: campaign-spend
path: "/campaigns/{campaign_id}/spend"
inputParameters:
- name: campaign_id
in: path
operations:
- name: get-campaign-spend
method: GET
- name: campaign-status
path: "/campaigns/{campaign_id}"
inputParameters:
- name: campaign_id
in: path
- name: status
in: body
operations:
- name: update-campaign-status
method: PUT
- namespace: slack-ads
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
AI-Assisted Document Summarization
▼
ai knowledge-management confluence anthropic slack
Fetches a Confluence page by ID, sends the content to the Anthropic Claude API for summarization, and posts the executive summary to a Slack channel.
naftiko: "0.5"
info:
label: "AI-Assisted Document Summarization"
description: "Fetches a Confluence page by ID, sends the content to the Anthropic Claude API for summarization, and posts the executive summary to a Slack channel."
tags:
- ai
- knowledge-management
- confluence
- anthropic
- slack
capability:
exposes:
- type: mcp
namespace: ai-summarize
port: 8080
tools:
- name: summarize-confluence-page
description: "Given a Confluence page ID and a Slack channel, fetch the page content from Confluence, send it to the Anthropic Claude API for a concise executive summary, and post the result to Slack."
inputParameters:
- name: page_id
in: body
type: string
description: "The Confluence page ID to fetch and summarize."
- name: slack_channel
in: body
type: string
description: "The Slack channel ID where the AI-generated summary will be posted."
steps:
- name: get-page
type: call
call: "confluence-ai.get-page"
with:
page_id: "{{page_id}}"
- name: generate-summary
type: call
call: "anthropic-ai.create-message"
with:
model: "claude-opus-4-5"
max_tokens: 300
system: "You are a technical writer. Produce a concise 3-sentence executive summary of the following document."
user_message: "{{get-page.body}}"
- name: post-summary
type: call
call: "slack-ai.post-message"
with:
channel: "{{slack_channel}}"
text: "AI Summary of '{{get-page.title}}': {{generate-summary.content}}"
consumes:
- namespace: confluence-ai
type: http
baseUri: "https://amazon.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_token"
resources:
- name: page
path: "/content/{page_id}"
inputParameters:
- name: page_id
in: path
operations:
- name: get-page
method: GET
- namespace: anthropic-ai
type: http
baseUri: "https://api.anthropic.com/v1"
authentication:
type: apikey
key: "x-api-key"
value: "$secrets.anthropic_api_key"
placement: header
resources:
- name: messages
path: "/messages"
operations:
- name: create-message
method: POST
- namespace: slack-ai
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Alexa Skill Status Check
▼
voice alexa smart-home
Checks the publication status of an Alexa skill by skill ID and returns its current certification state.
naftiko: "0.5"
info:
label: "Alexa Skill Status Check"
description: "Checks the publication status of an Alexa skill by skill ID and returns its current certification state."
tags:
- voice
- alexa
- smart-home
capability:
exposes:
- type: mcp
namespace: alexa-status
port: 8080
tools:
- name: get-skill-status
description: "Given an Alexa skill ID, return its current publication and certification status."
inputParameters:
- name: skill_id
in: body
type: string
description: "The Alexa skill ID to check status for."
call: "alexa-api.get-skill-status"
with:
skill_id: "{{skill_id}}"
outputParameters:
- name: status
type: string
mapping: "$.manifest.lastUpdateRequest.status"
consumes:
- namespace: alexa-api
type: http
baseUri: "https://api.amazonalexa.com/v1"
authentication:
type: bearer
token: "$secrets.alexa_developer_token"
resources:
- name: skill
path: "/skills/{skill_id}/status"
inputParameters:
- name: skill_id
in: path
operations:
- name: get-skill-status
method: GET
Alexa Skill Usage Analytics Digest
▼
voice alexa analytics slack
Pulls usage metrics for an Alexa skill, generates a weekly digest, and posts the summary to a Slack channel.
naftiko: "0.5"
info:
label: "Alexa Skill Usage Analytics Digest"
description: "Pulls usage metrics for an Alexa skill, generates a weekly digest, and posts the summary to a Slack channel."
tags:
- voice
- alexa
- analytics
- slack
capability:
exposes:
- type: mcp
namespace: alexa-analytics
port: 8080
tools:
- name: generate-usage-digest
description: "Generate a weekly usage analytics digest for an Alexa skill and post it to Slack."
inputParameters:
- name: skill_id
in: body
type: string
description: "The Alexa skill ID to pull usage metrics for."
- name: slack_channel
in: body
type: string
description: "The Slack channel ID to post the digest to."
steps:
- name: get-usage-metrics
type: call
call: "alexa-metrics.get-skill-metrics"
with:
skill_id: "{{skill_id}}"
metric: "uniqueCustomers,totalSessions"
- name: post-digest
type: call
call: "slack-alexa.post-message"
with:
channel: "{{slack_channel}}"
text: "Alexa Skill Weekly Digest ({{skill_id}}): Unique customers: {{get-usage-metrics.unique_customers}}, Total sessions: {{get-usage-metrics.total_sessions}}"
consumes:
- namespace: alexa-metrics
type: http
baseUri: "https://api.amazonalexa.com/v1"
authentication:
type: bearer
token: "$secrets.alexa_developer_token"
resources:
- name: metrics
path: "/skills/{skill_id}/metrics"
inputParameters:
- name: skill_id
in: path
- name: metric
in: query
operations:
- name: get-skill-metrics
method: GET
- namespace: slack-alexa
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Amazon Q Knowledge Base Sync
▼
ai knowledge-management aws amazon-q confluence slack
Syncs content from Confluence into an Amazon Q knowledge base index, triggers a re-index, and posts sync status to Slack.
naftiko: "0.5"
info:
label: "Amazon Q Knowledge Base Sync"
description: "Syncs content from Confluence into an Amazon Q knowledge base index, triggers a re-index, and posts sync status to Slack."
tags:
- ai
- knowledge-management
- aws
- amazon-q
- confluence
- slack
capability:
exposes:
- type: mcp
namespace: q-kb-sync
port: 8080
tools:
- name: sync-knowledge-base
description: "Pull content from Confluence, sync it to an Amazon Q knowledge base, and report status to Slack."
inputParameters:
- name: confluence_space
in: body
type: string
description: "The Confluence space key to sync from."
- name: index_id
in: body
type: string
description: "The Amazon Q index ID to sync to."
- name: slack_channel
in: body
type: string
description: "Slack channel for sync notifications."
steps:
- name: get-space-content
type: call
call: "confluence-q.get-space-content"
with:
space_key: "{{confluence_space}}"
- name: start-sync
type: call
call: "q-api.start-data-source-sync"
with:
index_id: "{{index_id}}"
data_source_id: "confluence-{{confluence_space}}"
- name: notify-sync
type: call
call: "slack-q.post-message"
with:
channel: "{{slack_channel}}"
text: "Amazon Q KB Sync started for index {{index_id}} from Confluence space {{confluence_space}}. Sync execution: {{start-sync.execution_id}}."
consumes:
- namespace: confluence-q
type: http
baseUri: "https://amazon.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_token"
resources:
- name: space
path: "/space/{space_key}/content"
inputParameters:
- name: space_key
in: path
operations:
- name: get-space-content
method: GET
- namespace: q-api
type: http
baseUri: "https://qbusiness.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_q_token"
placement: header
resources:
- name: data-source-sync
path: "/applications/{index_id}/data-sources/{data_source_id}/sync"
inputParameters:
- name: index_id
in: path
- name: data_source_id
in: path
operations:
- name: start-data-source-sync
method: POST
- namespace: slack-q
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
API Gateway Throttling Adjuster
▼
cloud api-management aws api-gateway cloudwatch dynamodb
Monitors API Gateway 429 error rates via CloudWatch, adjusts throttling limits, and logs the changes to DynamoDB.
naftiko: "0.5"
info:
label: "API Gateway Throttling Adjuster"
description: "Monitors API Gateway 429 error rates via CloudWatch, adjusts throttling limits, and logs the changes to DynamoDB."
tags:
- cloud
- api-management
- aws
- api-gateway
- cloudwatch
- dynamodb
capability:
exposes:
- type: mcp
namespace: apigw-throttle
port: 8080
tools:
- name: adjust-throttling
description: "Monitor API Gateway 429 rates, adjust throttling limits if needed, and log the change."
inputParameters:
- name: api_id
in: body
type: string
description: "The API Gateway API ID."
- name: stage_name
in: body
type: string
description: "The API Gateway stage name."
- name: new_rate_limit
in: body
type: number
description: "The new requests-per-second rate limit."
steps:
- name: get-429-rate
type: call
call: "cw-apigw.get-metric-data"
with:
namespace: "AWS/ApiGateway"
metric_name: "4XXError"
api_id: "{{api_id}}"
- name: update-throttle
type: call
call: "apigw-api.update-stage"
with:
api_id: "{{api_id}}"
stage_name: "{{stage_name}}"
rate_limit: "{{new_rate_limit}}"
- name: log-change
type: call
call: "dynamo-apigw.put-item"
with:
table_name: "apigw-throttle-changes"
api_id: "{{api_id}}"
previous_429_rate: "{{get-429-rate.sum}}"
new_rate_limit: "{{new_rate_limit}}"
consumes:
- namespace: cw-apigw
type: http
baseUri: "https://monitoring.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_cloudwatch_token"
placement: header
resources:
- name: metric
path: "/"
operations:
- name: get-metric-data
method: POST
- namespace: apigw-api
type: http
baseUri: "https://apigateway.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_apigw_token"
placement: header
resources:
- name: stage
path: "/restapis/{api_id}/stages/{stage_name}"
inputParameters:
- name: api_id
in: path
- name: stage_name
in: path
operations:
- name: update-stage
method: PATCH
- namespace: dynamo-apigw
type: http
baseUri: "https://dynamodb.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_dynamodb_token"
placement: header
resources:
- name: item
path: "/"
operations:
- name: put-item
method: POST
Athena Query Cost Tracker
▼
cloud analytics cost-management aws athena dynamodb slack
Monitors Athena query execution costs by tracking data scanned, logs expensive queries to DynamoDB, and alerts the data team via Slack.
naftiko: "0.5"
info:
label: "Athena Query Cost Tracker"
description: "Monitors Athena query execution costs by tracking data scanned, logs expensive queries to DynamoDB, and alerts the data team via Slack."
tags:
- cloud
- analytics
- cost-management
- aws
- athena
- dynamodb
- slack
capability:
exposes:
- type: mcp
namespace: athena-cost
port: 8080
tools:
- name: track-query-cost
description: "Check an Athena query execution for data scanned, log expensive queries, and alert the data team."
inputParameters:
- name: query_execution_id
in: body
type: string
description: "The Athena query execution ID to track."
- name: cost_threshold_gb
in: body
type: number
description: "Data scanned threshold in GB that triggers an alert."
- name: slack_channel
in: body
type: string
description: "Slack channel for data cost alerts."
steps:
- name: get-query-execution
type: call
call: "athena-api.get-query-execution"
with:
query_execution_id: "{{query_execution_id}}"
- name: log-expensive-query
type: call
call: "dynamo-athena.put-item"
with:
table_name: "athena-cost-tracking"
query_id: "{{query_execution_id}}"
data_scanned_bytes: "{{get-query-execution.data_scanned}}"
status: "{{get-query-execution.status}}"
- name: alert-team
type: call
call: "slack-athena.post-message"
with:
channel: "{{slack_channel}}"
text: "Athena Cost Alert: Query {{query_execution_id}} scanned {{get-query-execution.data_scanned}} bytes. Status: {{get-query-execution.status}}."
consumes:
- namespace: athena-api
type: http
baseUri: "https://athena.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_athena_token"
placement: header
resources:
- name: query
path: "/"
operations:
- name: get-query-execution
method: POST
- namespace: dynamo-athena
type: http
baseUri: "https://dynamodb.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_dynamodb_token"
placement: header
resources:
- name: item
path: "/"
operations:
- name: put-item
method: POST
- namespace: slack-athena
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Bedrock Model Invocation Monitor
▼
ai generative-ai monitoring aws bedrock dynamodb slack
Tracks Amazon Bedrock foundation model invocation metrics, logs usage patterns to DynamoDB, and posts a usage digest to Slack.
naftiko: "0.5"
info:
label: "Bedrock Model Invocation Monitor"
description: "Tracks Amazon Bedrock foundation model invocation metrics, logs usage patterns to DynamoDB, and posts a usage digest to Slack."
tags:
- ai
- generative-ai
- monitoring
- aws
- bedrock
- dynamodb
- slack
capability:
exposes:
- type: mcp
namespace: bedrock-monitor
port: 8080
tools:
- name: monitor-model-usage
description: "Track Bedrock model invocations, log usage to DynamoDB, and post a digest to Slack."
inputParameters:
- name: model_id
in: body
type: string
description: "The Bedrock model ID to monitor, e.g. anthropic.claude-v2."
- name: slack_channel
in: body
type: string
description: "Slack channel for usage digests."
steps:
- name: get-invocation-metrics
type: call
call: "cw-bedrock.get-metric-data"
with:
namespace: "AWS/Bedrock"
metric_name: "Invocations"
model_id: "{{model_id}}"
- name: log-usage
type: call
call: "dynamo-bedrock.put-item"
with:
table_name: "bedrock-usage-log"
model_id: "{{model_id}}"
invocation_count: "{{get-invocation-metrics.sum}}"
- name: post-digest
type: call
call: "slack-bedrock.post-message"
with:
channel: "{{slack_channel}}"
text: "Bedrock Usage Digest: Model {{model_id}} - {{get-invocation-metrics.sum}} invocations in the last 24 hours."
consumes:
- namespace: cw-bedrock
type: http
baseUri: "https://monitoring.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_cloudwatch_token"
placement: header
resources:
- name: metric
path: "/"
operations:
- name: get-metric-data
method: POST
- namespace: dynamo-bedrock
type: http
baseUri: "https://dynamodb.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_dynamodb_token"
placement: header
resources:
- name: item
path: "/"
operations:
- name: put-item
method: POST
- namespace: slack-bedrock
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
CI/CD Pipeline Failure Response
▼
devops ci-cd incident-response github jira datadog slack
When a GitHub Actions pipeline fails on a protected branch, creates a Jira bug, posts a Datadog deployment event marker, and alerts the engineering team Slack channel.
naftiko: "0.5"
info:
label: "CI/CD Pipeline Failure Response"
description: "When a GitHub Actions pipeline fails on a protected branch, creates a Jira bug, posts a Datadog deployment event marker, and alerts the engineering team Slack channel."
tags:
- devops
- ci-cd
- incident-response
- github
- jira
- datadog
- slack
capability:
exposes:
- type: mcp
namespace: devops-ops
port: 8080
tools:
- name: handle-pipeline-failure
description: "Given a GitHub Actions pipeline failure event with project, branch, commit SHA, and log URL, create a Jira bug, post a Datadog deployment marker, and alert the Slack engineering channel."
inputParameters:
- name: project
in: body
type: string
description: "The GitHub repository name where the pipeline failed, e.g. amazon/platform-core."
- name: branch
in: body
type: string
description: "The branch name where the pipeline failure occurred."
- name: commit_sha
in: body
type: string
description: "The git commit SHA that triggered the failed pipeline run."
- name: failed_job
in: body
type: string
description: "The name of the specific job that failed in the workflow."
- name: log_url
in: body
type: string
description: "The URL to the failed pipeline run logs in GitHub Actions."
- name: slack_channel
in: body
type: string
description: "The Slack channel ID for engineering alerts."
steps:
- name: create-bug
type: call
call: "jira-devops.create-issue"
with:
project_key: "ENG"
issuetype: "Bug"
summary: "[CI Failure] {{project}} / {{branch}} — {{failed_job}}"
description: "Commit: {{commit_sha}}\nLog: {{log_url}}"
- name: create-dd-event
type: call
call: "datadog.create-event"
with:
title: "Pipeline failure: {{project}} on {{branch}}"
text: "Job {{failed_job}} failed. Commit: {{commit_sha}}"
alert_type: "error"
- name: post-alert
type: call
call: "slack-devops.post-message"
with:
channel: "{{slack_channel}}"
text: "Pipeline Failure: {{project}} | Branch: {{branch}} | Job: {{failed_job}} | Jira: {{create-bug.key}} | Log: {{log_url}}"
consumes:
- namespace: jira-devops
type: http
baseUri: "https://amazon.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_token"
resources:
- name: issue
path: "/issue"
operations:
- name: create-issue
method: POST
- namespace: datadog
type: http
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: "DD-API-KEY"
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: event
path: "/events"
operations:
- name: create-event
method: POST
- namespace: slack-devops
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Cloud Cost Anomaly Responder
▼
cloud finops cost-management datadog jira slack
Queries Datadog for cloud cost anomalies exceeding a threshold, creates a Jira cost-investigation ticket, and posts a summary to the FinOps Slack channel.
naftiko: "0.5"
info:
label: "Cloud Cost Anomaly Responder"
description: "Queries Datadog for cloud cost anomalies exceeding a threshold, creates a Jira cost-investigation ticket, and posts a summary to the FinOps Slack channel."
tags:
- cloud
- finops
- cost-management
- datadog
- jira
- slack
capability:
exposes:
- type: mcp
namespace: finops-ops
port: 8080
tools:
- name: handle-cost-anomaly
description: "Given a cost anomaly metric query and threshold, fetch Datadog metrics to confirm the anomaly, open a Jira cost-investigation ticket, and post a FinOps Slack alert."
inputParameters:
- name: metric_query
in: body
type: string
description: "The Datadog metrics query string identifying the cost metric, e.g. aws.ec2.estimated_charges."
- name: threshold
in: body
type: number
description: "The cost threshold in USD above which an anomaly is declared."
- name: jira_project_key
in: body
type: string
description: "The Jira project key for the cost-investigation ticket, e.g. FINOPS."
- name: slack_channel
in: body
type: string
description: "The Slack channel ID for the FinOps alert notification."
steps:
- name: query-metrics
type: call
call: "datadog-cost.query-metrics"
with:
query: "{{metric_query}}"
- name: create-ticket
type: call
call: "jira-cost.create-issue"
with:
project_key: "{{jira_project_key}}"
issuetype: "Task"
summary: "Cost anomaly detected: {{metric_query}} exceeded ${{threshold}}"
description: "Datadog query result: {{query-metrics.value}}"
- name: post-finops-alert
type: call
call: "slack-cost.post-message"
with:
channel: "{{slack_channel}}"
text: "Cost Anomaly: {{metric_query}} = {{query-metrics.value}} (threshold: ${{threshold}}). Jira: {{create-ticket.key}}"
consumes:
- namespace: datadog-cost
type: http
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: "DD-API-KEY"
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: metrics
path: "/query"
inputParameters:
- name: query
in: query
operations:
- name: query-metrics
method: GET
- namespace: jira-cost
type: http
baseUri: "https://amazon.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_token"
resources:
- name: issue
path: "/issue"
operations:
- name: create-issue
method: POST
- namespace: slack-cost
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
CloudFormation Stack Status
▼
cloud infrastructure aws cloudformation
Describes a CloudFormation stack and returns its current status, outputs, and last updated timestamp.
naftiko: "0.5"
info:
label: "CloudFormation Stack Status"
description: "Describes a CloudFormation stack and returns its current status, outputs, and last updated timestamp."
tags:
- cloud
- infrastructure
- aws
- cloudformation
capability:
exposes:
- type: mcp
namespace: cfn-status
port: 8080
tools:
- name: describe-stack
description: "Get the status, outputs, and last update time for a CloudFormation stack."
inputParameters:
- name: stack_name
in: body
type: string
description: "The CloudFormation stack name or ARN to describe."
call: "cfn-api.describe-stack"
with:
stack_name: "{{stack_name}}"
outputParameters:
- name: stack_status
type: string
mapping: "$.Stacks[0].StackStatus"
- name: outputs
type: array
mapping: "$.Stacks[0].Outputs"
consumes:
- namespace: cfn-api
type: http
baseUri: "https://cloudformation.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_cfn_token"
placement: header
resources:
- name: stack
path: "/"
inputParameters:
- name: stack_name
in: query
operations:
- name: describe-stack
method: GET
CloudFront Cache Invalidation Workflow
▼
cloud cdn deployment aws cloudfront slack
Creates a CloudFront cache invalidation after a deployment, monitors its completion, and notifies the engineering team via Slack.
naftiko: "0.5"
info:
label: "CloudFront Cache Invalidation Workflow"
description: "Creates a CloudFront cache invalidation after a deployment, monitors its completion, and notifies the engineering team via Slack."
tags:
- cloud
- cdn
- deployment
- aws
- cloudfront
- slack
capability:
exposes:
- type: mcp
namespace: cf-invalidation
port: 8080
tools:
- name: invalidate-and-notify
description: "Create a CloudFront cache invalidation for specified paths, check completion status, and notify the team via Slack."
inputParameters:
- name: distribution_id
in: body
type: string
description: "The CloudFront distribution ID to invalidate."
- name: paths
in: body
type: string
description: "Comma-separated list of paths to invalidate, e.g. /index.html,/assets/*."
- name: slack_channel
in: body
type: string
description: "Slack channel for invalidation notifications."
steps:
- name: create-invalidation
type: call
call: "cf-api.create-invalidation"
with:
distribution_id: "{{distribution_id}}"
paths: "{{paths}}"
- name: check-status
type: call
call: "cf-api.get-invalidation"
with:
distribution_id: "{{distribution_id}}"
invalidation_id: "{{create-invalidation.invalidation_id}}"
- name: notify-team
type: call
call: "slack-cf.post-message"
with:
channel: "{{slack_channel}}"
text: "CloudFront Invalidation {{create-invalidation.invalidation_id}} for distribution {{distribution_id}}: Status {{check-status.status}}. Paths: {{paths}}"
consumes:
- namespace: cf-api
type: http
baseUri: "https://cloudfront.amazonaws.com/2020-05-31"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_cloudfront_token"
placement: header
resources:
- name: invalidation
path: "/distribution/{distribution_id}/invalidation"
inputParameters:
- name: distribution_id
in: path
- name: paths
in: body
operations:
- name: create-invalidation
method: POST
- name: invalidation-status
path: "/distribution/{distribution_id}/invalidation/{invalidation_id}"
inputParameters:
- name: distribution_id
in: path
- name: invalidation_id
in: path
operations:
- name: get-invalidation
method: GET
- namespace: slack-cf
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
CloudTrail Suspicious Activity Alerter
▼
cloud security monitoring aws cloudtrail security-hub pagerduty
Queries CloudTrail for suspicious API activity patterns, creates a finding in Security Hub, and alerts the SOC team via PagerDuty.
naftiko: "0.5"
info:
label: "CloudTrail Suspicious Activity Alerter"
description: "Queries CloudTrail for suspicious API activity patterns, creates a finding in Security Hub, and alerts the SOC team via PagerDuty."
tags:
- cloud
- security
- monitoring
- aws
- cloudtrail
- security-hub
- pagerduty
capability:
exposes:
- type: mcp
namespace: cloudtrail-alert
port: 8080
tools:
- name: detect-suspicious-activity
description: "Query CloudTrail for suspicious patterns, create a Security Hub finding, and page the SOC team."
inputParameters:
- name: event_name
in: body
type: string
description: "The CloudTrail event name to search for, e.g. ConsoleLogin."
- name: time_range_hours
in: body
type: number
description: "Number of hours to look back for events."
steps:
- name: lookup-events
type: call
call: "cloudtrail-api.lookup-events"
with:
event_name: "{{event_name}}"
time_range_hours: "{{time_range_hours}}"
- name: create-finding
type: call
call: "securityhub-api.batch-import-findings"
with:
title: "Suspicious Activity: {{event_name}}"
description: "{{lookup-events.event_count}} occurrences of {{event_name}} in the last {{time_range_hours}} hours."
severity: "HIGH"
- name: page-soc
type: call
call: "pagerduty-ct.create-incident"
with:
service_id: "SOC_SERVICE"
title: "CloudTrail Alert: {{lookup-events.event_count}} suspicious {{event_name}} events detected."
consumes:
- namespace: cloudtrail-api
type: http
baseUri: "https://cloudtrail.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_cloudtrail_token"
placement: header
resources:
- name: events
path: "/"
operations:
- name: lookup-events
method: POST
- namespace: securityhub-api
type: http
baseUri: "https://securityhub.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_securityhub_token"
placement: header
resources:
- name: findings
path: "/findings/import"
operations:
- name: batch-import-findings
method: POST
- namespace: pagerduty-ct
type: http
baseUri: "https://api.pagerduty.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.pagerduty_token"
placement: header
resources:
- name: incident
path: "/incidents"
operations:
- name: create-incident
method: POST
CloudWatch Metric Query
▼
cloud monitoring aws cloudwatch
Queries a specific CloudWatch metric for a given namespace and returns the latest data points.
naftiko: "0.5"
info:
label: "CloudWatch Metric Query"
description: "Queries a specific CloudWatch metric for a given namespace and returns the latest data points."
tags:
- cloud
- monitoring
- aws
- cloudwatch
capability:
exposes:
- type: mcp
namespace: cw-metrics
port: 8080
tools:
- name: get-metric-data
description: "Retrieve the latest data points for a specific CloudWatch metric. Use to check resource utilization or operational health."
inputParameters:
- name: namespace
in: body
type: string
description: "The CloudWatch metric namespace, e.g. AWS/EC2."
- name: metric_name
in: body
type: string
description: "The name of the metric to query, e.g. CPUUtilization."
- name: period
in: body
type: number
description: "The granularity in seconds for the metric data points."
call: "cloudwatch-api.get-metric-data"
with:
namespace: "{{namespace}}"
metric_name: "{{metric_name}}"
period: "{{period}}"
outputParameters:
- name: datapoints
type: array
mapping: "$.MetricDataResults[0].Values"
consumes:
- namespace: cloudwatch-api
type: http
baseUri: "https://monitoring.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_cloudwatch_token"
placement: header
resources:
- name: metric-data
path: "/"
inputParameters:
- name: namespace
in: query
- name: metric_name
in: query
- name: period
in: query
operations:
- name: get-metric-data
method: POST
CodePipeline Deployment Tracker
▼
cloud cicd deployment aws codepipeline slack
Monitors an AWS CodePipeline execution, fetches stage results, and posts a deployment summary to Slack with pass/fail status.
naftiko: "0.5"
info:
label: "CodePipeline Deployment Tracker"
description: "Monitors an AWS CodePipeline execution, fetches stage results, and posts a deployment summary to Slack with pass/fail status."
tags:
- cloud
- cicd
- deployment
- aws
- codepipeline
- slack
capability:
exposes:
- type: mcp
namespace: codepipeline-track
port: 8080
tools:
- name: track-deployment
description: "Monitor a CodePipeline execution, gather stage results, and post a deployment summary to Slack."
inputParameters:
- name: pipeline_name
in: body
type: string
description: "The CodePipeline pipeline name."
- name: execution_id
in: body
type: string
description: "The pipeline execution ID to track."
- name: slack_channel
in: body
type: string
description: "Slack channel for deployment updates."
steps:
- name: get-execution
type: call
call: "cp-api.get-pipeline-execution"
with:
pipeline_name: "{{pipeline_name}}"
execution_id: "{{execution_id}}"
- name: get-stage-states
type: call
call: "cp-api.get-pipeline-state"
with:
pipeline_name: "{{pipeline_name}}"
- name: post-summary
type: call
call: "slack-cp.post-message"
with:
channel: "{{slack_channel}}"
text: "Deployment {{execution_id}} for {{pipeline_name}}: Status {{get-execution.status}}. Stages: {{get-stage-states.stage_count}} total."
consumes:
- namespace: cp-api
type: http
baseUri: "https://codepipeline.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_codepipeline_token"
placement: header
resources:
- name: execution
path: "/"
operations:
- name: get-pipeline-execution
method: POST
- name: state
path: "/"
operations:
- name: get-pipeline-state
method: POST
- namespace: slack-cp
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Cognito User Provisioning Workflow
▼
cloud identity aws cognito ses
Creates a new user in Amazon Cognito, assigns them to appropriate groups, and sends a welcome email via SES with temporary credentials.
naftiko: "0.5"
info:
label: "Cognito User Provisioning Workflow"
description: "Creates a new user in Amazon Cognito, assigns them to appropriate groups, and sends a welcome email via SES with temporary credentials."
tags:
- cloud
- identity
- aws
- cognito
- ses
capability:
exposes:
- type: mcp
namespace: cognito-provision
port: 8080
tools:
- name: provision-user
description: "Create a Cognito user, assign to groups, and send a welcome email with temporary credentials."
inputParameters:
- name: user_pool_id
in: body
type: string
description: "The Cognito user pool ID."
- name: username
in: body
type: string
description: "The username to create."
- name: email
in: body
type: string
description: "The user email address."
- name: group_name
in: body
type: string
description: "The Cognito group to assign the user to."
steps:
- name: create-user
type: call
call: "cognito-api.admin-create-user"
with:
user_pool_id: "{{user_pool_id}}"
username: "{{username}}"
email: "{{email}}"
- name: add-to-group
type: call
call: "cognito-api.admin-add-user-to-group"
with:
user_pool_id: "{{user_pool_id}}"
username: "{{username}}"
group_name: "{{group_name}}"
- name: send-welcome
type: call
call: "ses-cognito.send-email"
with:
to: "{{email}}"
subject: "Welcome to Amazon - Your Account is Ready"
body: "Hello {{username}}, your account has been created. Temporary password: {{create-user.temporary_password}}. You will be prompted to change it on first login."
consumes:
- namespace: cognito-api
type: http
baseUri: "https://cognito-idp.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_cognito_token"
placement: header
resources:
- name: user
path: "/"
operations:
- name: admin-create-user
method: POST
- name: admin-add-user-to-group
method: POST
- namespace: ses-cognito
type: http
baseUri: "https://email.us-east-1.amazonaws.com/v2"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_ses_token"
placement: header
resources:
- name: email
path: "/email/outbound-emails"
operations:
- name: send-email
method: POST
Config Compliance Remediator
▼
cloud compliance security aws config ssm slack
Fetches non-compliant AWS Config rule evaluations, triggers SSM Automation remediation, and posts the remediation status to Slack.
naftiko: "0.5"
info:
label: "Config Compliance Remediator"
description: "Fetches non-compliant AWS Config rule evaluations, triggers SSM Automation remediation, and posts the remediation status to Slack."
tags:
- cloud
- compliance
- security
- aws
- config
- ssm
- slack
capability:
exposes:
- type: mcp
namespace: config-remediate
port: 8080
tools:
- name: remediate-non-compliant
description: "Fetch non-compliant Config evaluations, trigger SSM remediation, and report status to Slack."
inputParameters:
- name: config_rule_name
in: body
type: string
description: "The AWS Config rule name to check."
- name: ssm_document_name
in: body
type: string
description: "The SSM Automation document for remediation."
- name: slack_channel
in: body
type: string
description: "Slack channel for compliance notifications."
steps:
- name: get-compliance
type: call
call: "config-api.get-compliance-details"
with:
config_rule_name: "{{config_rule_name}}"
- name: start-remediation
type: call
call: "ssm-api.start-automation-execution"
with:
document_name: "{{ssm_document_name}}"
resource_id: "{{get-compliance.non_compliant_resource}}"
- name: notify-team
type: call
call: "slack-config.post-message"
with:
channel: "{{slack_channel}}"
text: "Config Remediation: Rule {{config_rule_name}} - Resource {{get-compliance.non_compliant_resource}} remediation started. SSM execution: {{start-remediation.execution_id}}."
consumes:
- namespace: config-api
type: http
baseUri: "https://config.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_config_token"
placement: header
resources:
- name: compliance
path: "/"
operations:
- name: get-compliance-details
method: POST
- namespace: ssm-api
type: http
baseUri: "https://ssm.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_ssm_token"
placement: header
resources:
- name: automation
path: "/"
operations:
- name: start-automation-execution
method: POST
- namespace: slack-config
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Confluence Runbook Lookup
▼
itsm knowledge-management confluence incident-response
Given a service name, searches the Confluence knowledge base for the relevant runbook page and returns the runbook URL and summary for use during incident response.
naftiko: "0.5"
info:
label: "Confluence Runbook Lookup"
description: "Given a service name, searches the Confluence knowledge base for the relevant runbook page and returns the runbook URL and summary for use during incident response."
tags:
- itsm
- knowledge-management
- confluence
- incident-response
capability:
exposes:
- type: mcp
namespace: kb-lookup
port: 8080
tools:
- name: get-runbook
description: "Given a service name, search Confluence for the relevant runbook page and return the page URL and excerpt. Use during incident triage to quickly surface operational runbooks."
inputParameters:
- name: service_name
in: body
type: string
description: "The service name to search for in Confluence runbooks, e.g. payment-gateway."
call: "confluence.search-content"
with:
cql: "type=page AND title~\"{{service_name}} runbook\""
outputParameters:
- name: runbook_url
type: string
mapping: "$.results[0]._links.webui"
- name: runbook_title
type: string
mapping: "$.results[0].title"
consumes:
- namespace: confluence
type: http
baseUri: "https://amazon.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_token"
resources:
- name: content
path: "/content/search"
inputParameters:
- name: cql
in: query
operations:
- name: search-content
method: GET
Cost Explorer Budget Alert
▼
cloud finops cost-management aws cost-explorer jira slack
Queries AWS Cost Explorer for current month spend by service, compares against budgets, and posts an overspend alert to Slack with a Jira ticket.
naftiko: "0.5"
info:
label: "Cost Explorer Budget Alert"
description: "Queries AWS Cost Explorer for current month spend by service, compares against budgets, and posts an overspend alert to Slack with a Jira ticket."
tags:
- cloud
- finops
- cost-management
- aws
- cost-explorer
- jira
- slack
capability:
exposes:
- type: mcp
namespace: cost-budget
port: 8080
tools:
- name: check-budget-compliance
description: "Query Cost Explorer for current spend, compare against budget, create a Jira ticket if over budget, and post to Slack."
inputParameters:
- name: budget_amount
in: body
type: number
description: "The monthly budget amount in USD."
- name: jira_project_key
in: body
type: string
description: "Jira project key for budget tickets."
- name: slack_channel
in: body
type: string
description: "Slack channel for budget alerts."
steps:
- name: get-cost-data
type: call
call: "ce-api.get-cost-and-usage"
with:
granularity: "MONTHLY"
metrics: "UnblendedCost"
- name: create-ticket
type: call
call: "jira-budget.create-issue"
with:
project_key: "{{jira_project_key}}"
issuetype: "Task"
summary: "Budget Alert: Current spend ${{get-cost-data.total_cost}} vs budget ${{budget_amount}}"
- name: post-alert
type: call
call: "slack-budget.post-message"
with:
channel: "{{slack_channel}}"
text: "Budget Alert: Current month spend ${{get-cost-data.total_cost}} against budget ${{budget_amount}}. Jira: {{create-ticket.key}}"
consumes:
- namespace: ce-api
type: http
baseUri: "https://ce.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_cost_explorer_token"
placement: header
resources:
- name: cost
path: "/"
operations:
- name: get-cost-and-usage
method: POST
- namespace: jira-budget
type: http
baseUri: "https://amazon.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_token"
resources:
- name: issue
path: "/issue"
operations:
- name: create-issue
method: POST
- namespace: slack-budget
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Datadog Alert Incident Bridge
▼
observability incident-response datadog servicenow pagerduty slack
When a Datadog monitor triggers a critical alert, automatically opens a ServiceNow incident, pages the on-call team via PagerDuty, and posts a war-room Slack message.
naftiko: "0.5"
info:
label: "Datadog Alert Incident Bridge"
description: "When a Datadog monitor triggers a critical alert, automatically opens a ServiceNow incident, pages the on-call team via PagerDuty, and posts a war-room Slack message."
tags:
- observability
- incident-response
- datadog
- servicenow
- pagerduty
- slack
capability:
exposes:
- type: mcp
namespace: observability-ops
port: 8080
tools:
- name: handle-critical-alert
description: "Given a Datadog monitor ID and alert details, open a ServiceNow incident, trigger a PagerDuty incident for the on-call engineer, and post a war-room message in Slack."
inputParameters:
- name: monitor_id
in: body
type: string
description: "The Datadog monitor ID that triggered the alert."
- name: monitor_name
in: body
type: string
description: "The human-readable name of the Datadog monitor."
- name: alert_message
in: body
type: string
description: "The alert body text describing what threshold was breached."
- name: pagerduty_service_key
in: body
type: string
description: "The PagerDuty integration service key for routing the incident."
- name: slack_channel
in: body
type: string
description: "The Slack channel ID for the war-room notification."
steps:
- name: open-incident
type: call
call: "servicenow-obs.create-incident"
with:
short_description: "Critical alert: {{monitor_name}}"
description: "{{alert_message}}"
urgency: "1"
impact: "1"
- name: page-oncall
type: call
call: "pagerduty.create-incident"
with:
service_key: "{{pagerduty_service_key}}"
description: "Critical Datadog alert: {{monitor_name}}"
incident_key: "dd-{{monitor_id}}"
- name: post-warroom
type: call
call: "slack-obs.post-message"
with:
channel: "{{slack_channel}}"
text: "CRITICAL ALERT: {{monitor_name}} | ServiceNow: {{open-incident.number}} | PagerDuty: {{page-oncall.incident_id}} | {{alert_message}}"
consumes:
- namespace: servicenow-obs
type: http
baseUri: "https://amazon.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_pass"
resources:
- name: incident
path: "/table/incident"
operations:
- name: create-incident
method: POST
- namespace: pagerduty
type: http
baseUri: "https://events.pagerduty.com/v2"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.pagerduty_token"
placement: header
resources:
- name: incident
path: "/enqueue"
operations:
- name: create-incident
method: POST
- namespace: slack-obs
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Datadog SLO Burn Rate Alert
▼
observability slo datadog pagerduty slack
Queries Datadog for SLO burn rate on a target service, and if the burn rate exceeds the threshold, pages PagerDuty and posts a remediation link in Slack.
naftiko: "0.5"
info:
label: "Datadog SLO Burn Rate Alert"
description: "Queries Datadog for SLO burn rate on a target service, and if the burn rate exceeds the threshold, pages PagerDuty and posts a remediation link in Slack."
tags:
- observability
- slo
- datadog
- pagerduty
- slack
capability:
exposes:
- type: mcp
namespace: slo-ops
port: 8080
tools:
- name: handle-slo-burn-alert
description: "Given a Datadog SLO ID and burn rate threshold, check the current SLO burn rate and if it exceeds the threshold, page PagerDuty and alert the Slack ops channel with the SLO status and a remediation link."
inputParameters:
- name: slo_id
in: body
type: string
description: "The Datadog SLO ID to check the burn rate for."
- name: burn_rate_threshold
in: body
type: number
description: "The burn rate multiplier above which an alert is triggered, e.g. 14.4 for a 1-hour burn window."
- name: pagerduty_service_key
in: body
type: string
description: "The PagerDuty integration service key for routing the SLO burn alert."
- name: slack_channel
in: body
type: string
description: "The Slack channel ID for the SLO burn notification."
steps:
- name: get-slo
type: call
call: "datadog-slo.get-slo"
with:
slo_id: "{{slo_id}}"
- name: page-oncall
type: call
call: "pagerduty-slo.create-incident"
with:
service_key: "{{pagerduty_service_key}}"
description: "SLO burn rate alert: {{get-slo.name}} burn rate = {{get-slo.burn_rate}}"
incident_key: "slo-{{slo_id}}"
- name: post-slo-alert
type: call
call: "slack-slo.post-message"
with:
channel: "{{slack_channel}}"
text: "SLO BURN ALERT: {{get-slo.name}} | Burn rate: {{get-slo.burn_rate}} (threshold: {{burn_rate_threshold}}) | Remaining error budget: {{get-slo.error_budget_remaining}}%"
consumes:
- namespace: datadog-slo
type: http
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: "DD-API-KEY"
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: slo
path: "/slo/{slo_id}"
inputParameters:
- name: slo_id
in: path
operations:
- name: get-slo
method: GET
- namespace: pagerduty-slo
type: http
baseUri: "https://events.pagerduty.com/v2"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.pagerduty_token"
placement: header
resources:
- name: incident
path: "/enqueue"
operations:
- name: create-incident
method: POST
- namespace: slack-slo
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Delivery ETA Estimator
▼
ecommerce logistics delivery fulfillment
Calculates estimated delivery time for an Amazon order using logistics data and warehouse location, then updates the order with the delivery estimate.
naftiko: "0.5"
info:
label: "Delivery ETA Estimator"
description: "Calculates estimated delivery time for an Amazon order using logistics data and warehouse location, then updates the order with the delivery estimate."
tags:
- ecommerce
- logistics
- delivery
- fulfillment
capability:
exposes:
- type: mcp
namespace: delivery-eta
port: 8080
tools:
- name: estimate-delivery
description: "Calculate delivery ETA for an order using warehouse location and destination, then update the order with the estimate."
inputParameters:
- name: order_id
in: body
type: string
description: "The Amazon order ID to estimate delivery for."
- name: destination_zip
in: body
type: string
description: "The destination ZIP code."
steps:
- name: get-order-warehouse
type: call
call: "logistics-api.get-fulfillment-center"
with:
order_id: "{{order_id}}"
- name: calculate-eta
type: call
call: "logistics-api.calculate-transit-time"
with:
origin_zip: "{{get-order-warehouse.warehouse_zip}}"
destination_zip: "{{destination_zip}}"
shipping_method: "{{get-order-warehouse.shipping_method}}"
- name: update-order-eta
type: call
call: "logistics-api.update-delivery-estimate"
with:
order_id: "{{order_id}}"
estimated_delivery: "{{calculate-eta.estimated_date}}"
consumes:
- namespace: logistics-api
type: http
baseUri: "https://api.amazon.com/logistics/v1"
authentication:
type: bearer
token: "$secrets.amazon_logistics_token"
resources:
- name: fulfillment-center
path: "/orders/{order_id}/fulfillment-center"
inputParameters:
- name: order_id
in: path
operations:
- name: get-fulfillment-center
method: GET
- name: transit-time
path: "/transit-time/calculate"
operations:
- name: calculate-transit-time
method: POST
- name: delivery-estimate
path: "/orders/{order_id}/delivery-estimate"
inputParameters:
- name: order_id
in: path
operations:
- name: update-delivery-estimate
method: PUT
DSP Advertising Report Generator
▼
advertising dsp analytics aws s3 slack
Generates an Amazon DSP programmatic advertising report, uploads it to S3, and shares the download link via Slack.
naftiko: "0.5"
info:
label: "DSP Advertising Report Generator"
description: "Generates an Amazon DSP programmatic advertising report, uploads it to S3, and shares the download link via Slack."
tags:
- advertising
- dsp
- analytics
- aws
- s3
- slack
capability:
exposes:
- type: mcp
namespace: dsp-report
port: 8080
tools:
- name: generate-dsp-report
description: "Generate a DSP advertising report, store it in S3, and share the link in Slack."
inputParameters:
- name: advertiser_id
in: body
type: string
description: "The Amazon DSP advertiser ID."
- name: report_type
in: body
type: string
description: "The report type, e.g. campaign, audience, inventory."
- name: s3_bucket
in: body
type: string
description: "The S3 bucket for report storage."
- name: slack_channel
in: body
type: string
description: "Slack channel to share the report link."
steps:
- name: generate-report
type: call
call: "dsp-api.create-report"
with:
advertiser_id: "{{advertiser_id}}"
report_type: "{{report_type}}"
- name: upload-to-s3
type: call
call: "s3-dsp.put-object"
with:
bucket: "{{s3_bucket}}"
key: "dsp-reports/{{advertiser_id}}/{{generate-report.report_id}}.csv"
body: "{{generate-report.report_data}}"
- name: share-link
type: call
call: "slack-dsp.post-message"
with:
channel: "{{slack_channel}}"
text: "DSP Report Ready: s3://{{s3_bucket}}/dsp-reports/{{advertiser_id}}/{{generate-report.report_id}}.csv"
consumes:
- namespace: dsp-api
type: http
baseUri: "https://advertising-api.amazon.com/dsp/reports/v3"
authentication:
type: bearer
token: "$secrets.amazon_dsp_token"
resources:
- name: report
path: "/"
operations:
- name: create-report
method: POST
- namespace: s3-dsp
type: http
baseUri: "https://s3.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_s3_token"
placement: header
resources:
- name: object
path: "/{bucket}/{key}"
inputParameters:
- name: bucket
in: path
- name: key
in: path
operations:
- name: put-object
method: PUT
- namespace: slack-dsp
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
DynamoDB Item Lookup
▼
cloud database aws dynamodb
Retrieves a single item from a DynamoDB table by primary key and returns the full item attributes.
naftiko: "0.5"
info:
label: "DynamoDB Item Lookup"
description: "Retrieves a single item from a DynamoDB table by primary key and returns the full item attributes."
tags:
- cloud
- database
- aws
- dynamodb
capability:
exposes:
- type: mcp
namespace: dynamo-lookup
port: 8080
tools:
- name: get-item
description: "Fetch a single item from a DynamoDB table by its primary key. Returns all item attributes."
inputParameters:
- name: table_name
in: body
type: string
description: "The DynamoDB table name to query."
- name: key_value
in: body
type: string
description: "The primary key value for the item to retrieve."
call: "dynamodb-api.get-item"
with:
table_name: "{{table_name}}"
key_value: "{{key_value}}"
outputParameters:
- name: item
type: object
mapping: "$.Item"
consumes:
- namespace: dynamodb-api
type: http
baseUri: "https://dynamodb.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_dynamodb_token"
placement: header
resources:
- name: item
path: "/"
inputParameters:
- name: table_name
in: body
- name: key_value
in: body
operations:
- name: get-item
method: POST
EC2 Instance Rightsizing Advisor
▼
cloud finops cost-optimization aws ec2 cloudwatch slack
Analyzes EC2 instance CPU and memory utilization via CloudWatch, generates rightsizing recommendations, and posts the findings to a Slack channel.
naftiko: "0.5"
info:
label: "EC2 Instance Rightsizing Advisor"
description: "Analyzes EC2 instance CPU and memory utilization via CloudWatch, generates rightsizing recommendations, and posts the findings to a Slack channel."
tags:
- cloud
- finops
- cost-optimization
- aws
- ec2
- cloudwatch
- slack
capability:
exposes:
- type: mcp
namespace: ec2-rightsize
port: 8080
tools:
- name: analyze-rightsizing
description: "Given an EC2 instance ID, analyze its CPU and memory utilization over the last 14 days, generate a rightsizing recommendation, and post results to Slack."
inputParameters:
- name: instance_id
in: body
type: string
description: "The EC2 instance ID to analyze for rightsizing."
- name: slack_channel
in: body
type: string
description: "The Slack channel ID to post the recommendation to."
steps:
- name: get-cpu-metrics
type: call
call: "cloudwatch-rs.get-metric-statistics"
with:
instance_id: "{{instance_id}}"
metric_name: "CPUUtilization"
- name: get-instance-type
type: call
call: "ec2-rs.describe-instance"
with:
instance_id: "{{instance_id}}"
- name: post-recommendation
type: call
call: "slack-rs.post-message"
with:
channel: "{{slack_channel}}"
text: "Rightsizing Report for {{instance_id}} ({{get-instance-type.instance_type}}): Avg CPU {{get-cpu-metrics.average}}%. Consider downsizing if consistently under 20%."
consumes:
- namespace: cloudwatch-rs
type: http
baseUri: "https://monitoring.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_cloudwatch_token"
placement: header
resources:
- name: metrics
path: "/"
inputParameters:
- name: instance_id
in: query
- name: metric_name
in: query
operations:
- name: get-metric-statistics
method: GET
- namespace: ec2-rs
type: http
baseUri: "https://ec2.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_ec2_token"
placement: header
resources:
- name: instance
path: "/"
inputParameters:
- name: instance_id
in: query
operations:
- name: describe-instance
method: GET
- namespace: slack-rs
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
ECR Image List
▼
cloud containers aws ecr
Lists container images in an Amazon ECR repository and returns image tags and push timestamps.
naftiko: "0.5"
info:
label: "ECR Image List"
description: "Lists container images in an Amazon ECR repository and returns image tags and push timestamps."
tags:
- cloud
- containers
- aws
- ecr
capability:
exposes:
- type: mcp
namespace: ecr-images
port: 8080
tools:
- name: list-images
description: "List all container images in a given ECR repository. Returns image tags and pushed-at dates."
inputParameters:
- name: repository_name
in: body
type: string
description: "The ECR repository name to list images for."
call: "ecr-api.list-images"
with:
repository_name: "{{repository_name}}"
outputParameters:
- name: images
type: array
mapping: "$.imageIds"
consumes:
- namespace: ecr-api
type: http
baseUri: "https://api.ecr.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_ecr_token"
placement: header
resources:
- name: images
path: "/"
inputParameters:
- name: repository_name
in: body
operations:
- name: list-images
method: POST
ECS Auto-Scaling Adjuster
▼
cloud containers auto-scaling aws ecs cloudwatch dynamodb
Monitors ECS service CPU utilization via CloudWatch, adjusts the desired task count based on load, and logs the scaling event to DynamoDB.
naftiko: "0.5"
info:
label: "ECS Auto-Scaling Adjuster"
description: "Monitors ECS service CPU utilization via CloudWatch, adjusts the desired task count based on load, and logs the scaling event to DynamoDB."
tags:
- cloud
- containers
- auto-scaling
- aws
- ecs
- cloudwatch
- dynamodb
capability:
exposes:
- type: mcp
namespace: ecs-scaling
port: 8080
tools:
- name: adjust-scaling
description: "Monitor ECS service CPU, adjust desired task count if needed, and log the scaling event."
inputParameters:
- name: cluster_name
in: body
type: string
description: "The ECS cluster name."
- name: service_name
in: body
type: string
description: "The ECS service name to scale."
- name: cpu_threshold
in: body
type: number
description: "CPU percentage threshold that triggers scaling."
- name: desired_count
in: body
type: number
description: "The new desired task count to set."
steps:
- name: get-cpu-metric
type: call
call: "cw-ecs.get-metric-data"
with:
cluster_name: "{{cluster_name}}"
service_name: "{{service_name}}"
metric_name: "CPUUtilization"
- name: update-service
type: call
call: "ecs-scale.update-service"
with:
cluster_name: "{{cluster_name}}"
service_name: "{{service_name}}"
desired_count: "{{desired_count}}"
- name: log-event
type: call
call: "dynamo-ecs.put-item"
with:
table_name: "ecs-scaling-events"
service_name: "{{service_name}}"
cpu_avg: "{{get-cpu-metric.average}}"
new_count: "{{desired_count}}"
consumes:
- namespace: cw-ecs
type: http
baseUri: "https://monitoring.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_cloudwatch_token"
placement: header
resources:
- name: metric
path: "/"
inputParameters:
- name: cluster_name
in: query
- name: service_name
in: query
- name: metric_name
in: query
operations:
- name: get-metric-data
method: POST
- namespace: ecs-scale
type: http
baseUri: "https://ecs.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_ecs_token"
placement: header
resources:
- name: service
path: "/"
operations:
- name: update-service
method: POST
- namespace: dynamo-ecs
type: http
baseUri: "https://dynamodb.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_dynamodb_token"
placement: header
resources:
- name: item
path: "/"
operations:
- name: put-item
method: POST
ECS Service Status
▼
cloud containers aws ecs
Retrieves the current status and running task count for an Amazon ECS service in a cluster.
naftiko: "0.5"
info:
label: "ECS Service Status"
description: "Retrieves the current status and running task count for an Amazon ECS service in a cluster."
tags:
- cloud
- containers
- aws
- ecs
capability:
exposes:
- type: mcp
namespace: ecs-status
port: 8080
tools:
- name: describe-service
description: "Get the status, running count, and desired count for an ECS service. Use to verify deployment health."
inputParameters:
- name: cluster_name
in: body
type: string
description: "The ECS cluster name."
- name: service_name
in: body
type: string
description: "The ECS service name to describe."
call: "ecs-api.describe-service"
with:
cluster_name: "{{cluster_name}}"
service_name: "{{service_name}}"
outputParameters:
- name: running_count
type: number
mapping: "$.services[0].runningCount"
- name: status
type: string
mapping: "$.services[0].status"
consumes:
- namespace: ecs-api
type: http
baseUri: "https://ecs.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_ecs_token"
placement: header
resources:
- name: service
path: "/"
inputParameters:
- name: cluster_name
in: body
- name: service_name
in: body
operations:
- name: describe-service
method: POST
EKS Cluster Upgrade Planner
▼
cloud kubernetes aws eks confluence slack
Checks the current EKS cluster version, compares with available Kubernetes versions, and generates an upgrade plan posted to Confluence and Slack.
naftiko: "0.5"
info:
label: "EKS Cluster Upgrade Planner"
description: "Checks the current EKS cluster version, compares with available Kubernetes versions, and generates an upgrade plan posted to Confluence and Slack."
tags:
- cloud
- kubernetes
- aws
- eks
- confluence
- slack
capability:
exposes:
- type: mcp
namespace: eks-upgrade
port: 8080
tools:
- name: plan-upgrade
description: "Check EKS cluster version, identify available upgrades, and post an upgrade plan to Confluence and Slack."
inputParameters:
- name: cluster_name
in: body
type: string
description: "The EKS cluster name to check."
- name: confluence_space
in: body
type: string
description: "Confluence space key for the upgrade plan."
- name: slack_channel
in: body
type: string
description: "Slack channel for upgrade notifications."
steps:
- name: describe-cluster
type: call
call: "eks-api.describe-cluster"
with:
cluster_name: "{{cluster_name}}"
- name: create-plan-page
type: call
call: "confluence-eks.create-page"
with:
space_key: "{{confluence_space}}"
title: "EKS Upgrade Plan: {{cluster_name}}"
body: "Current version: {{describe-cluster.version}}. Cluster status: {{describe-cluster.status}}. Review add-on compatibility before upgrading."
- name: notify-team
type: call
call: "slack-eks.post-message"
with:
channel: "{{slack_channel}}"
text: "EKS Upgrade Plan created for {{cluster_name}} (current: v{{describe-cluster.version}}). Confluence: {{create-plan-page.url}}"
consumes:
- namespace: eks-api
type: http
baseUri: "https://eks.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_eks_token"
placement: header
resources:
- name: cluster
path: "/clusters/{cluster_name}"
inputParameters:
- name: cluster_name
in: path
operations:
- name: describe-cluster
method: GET
- namespace: confluence-eks
type: http
baseUri: "https://amazon.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_token"
resources:
- name: page
path: "/content"
operations:
- name: create-page
method: POST
- namespace: slack-eks
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
ElastiCache Cluster Health Reporter
▼
cloud caching monitoring aws elasticache cloudwatch slack
Checks ElastiCache Redis cluster node health and memory utilization via CloudWatch, then posts a health summary to Slack.
naftiko: "0.5"
info:
label: "ElastiCache Cluster Health Reporter"
description: "Checks ElastiCache Redis cluster node health and memory utilization via CloudWatch, then posts a health summary to Slack."
tags:
- cloud
- caching
- monitoring
- aws
- elasticache
- cloudwatch
- slack
capability:
exposes:
- type: mcp
namespace: elasticache-health
port: 8080
tools:
- name: report-cluster-health
description: "Check ElastiCache cluster health metrics and post a summary to Slack."
inputParameters:
- name: cluster_id
in: body
type: string
description: "The ElastiCache cluster ID to check."
- name: slack_channel
in: body
type: string
description: "Slack channel for health reports."
steps:
- name: describe-cluster
type: call
call: "elasticache-api.describe-cache-cluster"
with:
cluster_id: "{{cluster_id}}"
- name: get-memory-metric
type: call
call: "cw-cache.get-metric-data"
with:
cluster_id: "{{cluster_id}}"
metric_name: "DatabaseMemoryUsagePercentage"
- name: post-health
type: call
call: "slack-cache.post-message"
with:
channel: "{{slack_channel}}"
text: "ElastiCache Health: Cluster {{cluster_id}} status: {{describe-cluster.status}}. Memory usage: {{get-memory-metric.average}}%. Nodes: {{describe-cluster.num_cache_nodes}}."
consumes:
- namespace: elasticache-api
type: http
baseUri: "https://elasticache.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_elasticache_token"
placement: header
resources:
- name: cluster
path: "/"
inputParameters:
- name: cluster_id
in: query
operations:
- name: describe-cache-cluster
method: GET
- namespace: cw-cache
type: http
baseUri: "https://monitoring.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_cloudwatch_token"
placement: header
resources:
- name: metric
path: "/"
operations:
- name: get-metric-data
method: POST
- namespace: slack-cache
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Employee Offboarding Sequence
▼
hr offboarding workday okta github jira servicenow
When an employee departure is recorded in Workday, revokes GitHub org access, deactivates the Okta account, resolves open Jira tickets assigned to the departing user, and posts a ServiceNow offboarding task.
naftiko: "0.5"
info:
label: "Employee Offboarding Sequence"
description: "When an employee departure is recorded in Workday, revokes GitHub org access, deactivates the Okta account, resolves open Jira tickets assigned to the departing user, and posts a ServiceNow offboarding task."
tags:
- hr
- offboarding
- workday
- okta
- github
- jira
- servicenow
capability:
exposes:
- type: mcp
namespace: hr-offboarding
port: 8080
tools:
- name: trigger-offboarding
description: "Given a Workday employee ID and last working date, revoke GitHub org membership, deactivate Okta account, reassign open Jira issues, and create a ServiceNow offboarding task."
inputParameters:
- name: workday_employee_id
in: body
type: string
description: "The Workday worker ID of the departing employee."
- name: jira_project_key
in: body
type: string
description: "The Jira project key to query for open issues assigned to the departing user."
steps:
- name: get-employee
type: call
call: "workday-off.get-worker"
with:
worker_id: "{{workday_employee_id}}"
- name: remove-github
type: call
call: "github-off.remove-org-member"
with:
org: "amzn"
username: "{{get-employee.github_username}}"
- name: deactivate-okta
type: call
call: "okta.deactivate-user"
with:
user_id: "{{get-employee.okta_user_id}}"
- name: create-offboarding-task
type: call
call: "servicenow-off.create-incident"
with:
short_description: "Offboarding: {{get-employee.full_name}}"
assignment_group: "IT_Offboarding"
category: "hr_offboarding"
consumes:
- namespace: workday-off
type: http
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: worker
path: "/workers/{worker_id}"
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
- namespace: github-off
type: http
baseUri: "https://api.github.com"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: org-member
path: "/orgs/{org}/members/{username}"
inputParameters:
- name: org
in: path
- name: username
in: path
operations:
- name: remove-org-member
method: DELETE
- namespace: okta
type: http
baseUri: "https://amazon.okta.com/api/v1"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.okta_api_token"
placement: header
resources:
- name: user
path: "/users/{user_id}/lifecycle/deactivate"
inputParameters:
- name: user_id
in: path
operations:
- name: deactivate-user
method: POST
- namespace: servicenow-off
type: http
baseUri: "https://amazon.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_pass"
resources:
- name: incident
path: "/table/incident"
operations:
- name: create-incident
method: POST
EventBridge Rule Health Checker
▼
cloud event-driven monitoring aws eventbridge cloudwatch slack
Validates EventBridge rules are actively triggering by checking CloudWatch invocation metrics and posts a health report to Slack.
naftiko: "0.5"
info:
label: "EventBridge Rule Health Checker"
description: "Validates EventBridge rules are actively triggering by checking CloudWatch invocation metrics and posts a health report to Slack."
tags:
- cloud
- event-driven
- monitoring
- aws
- eventbridge
- cloudwatch
- slack
capability:
exposes:
- type: mcp
namespace: eb-health
port: 8080
tools:
- name: check-rule-health
description: "Check EventBridge rule invocation metrics and report health status to Slack."
inputParameters:
- name: rule_name
in: body
type: string
description: "The EventBridge rule name to check."
- name: slack_channel
in: body
type: string
description: "Slack channel for health reports."
steps:
- name: get-invocation-count
type: call
call: "cw-eb.get-metric-data"
with:
namespace: "AWS/Events"
metric_name: "Invocations"
rule_name: "{{rule_name}}"
- name: get-failed-count
type: call
call: "cw-eb.get-failed-metric"
with:
namespace: "AWS/Events"
metric_name: "FailedInvocations"
rule_name: "{{rule_name}}"
- name: post-report
type: call
call: "slack-eb.post-message"
with:
channel: "{{slack_channel}}"
text: "EventBridge Rule Health: {{rule_name}} - Invocations: {{get-invocation-count.sum}}, Failed: {{get-failed-count.sum}}."
consumes:
- namespace: cw-eb
type: http
baseUri: "https://monitoring.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_cloudwatch_token"
placement: header
resources:
- name: metric
path: "/"
operations:
- name: get-metric-data
method: POST
- name: get-failed-metric
method: POST
- namespace: slack-eb
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
FBA Inventory Reconciliation
▼
ecommerce marketplace fulfillment fba inventory
Reconciles Fulfillment by Amazon inventory levels against seller records, identifies discrepancies, and creates a case in Seller Central support.
naftiko: "0.5"
info:
label: "FBA Inventory Reconciliation"
description: "Reconciles Fulfillment by Amazon inventory levels against seller records, identifies discrepancies, and creates a case in Seller Central support."
tags:
- ecommerce
- marketplace
- fulfillment
- fba
- inventory
capability:
exposes:
- type: mcp
namespace: fba-reconcile
port: 8080
tools:
- name: reconcile-inventory
description: "Compare FBA inventory levels with seller records and create a support case for discrepancies."
inputParameters:
- name: seller_id
in: body
type: string
description: "The Amazon seller ID."
- name: sku
in: body
type: string
description: "The product SKU to reconcile."
- name: expected_quantity
in: body
type: number
description: "The expected inventory quantity per seller records."
steps:
- name: get-fba-inventory
type: call
call: "sp-fba.get-inventory-summary"
with:
seller_id: "{{seller_id}}"
sku: "{{sku}}"
- name: create-case
type: call
call: "sp-fba.create-support-case"
with:
subject: "FBA Inventory Discrepancy: SKU {{sku}}"
description: "Expected: {{expected_quantity}}, FBA reports: {{get-fba-inventory.fulfillable_quantity}}. Difference: needs investigation."
consumes:
- namespace: sp-fba
type: http
baseUri: "https://sellingpartnerapi-na.amazon.com"
authentication:
type: bearer
token: "$secrets.sp_api_token"
resources:
- name: inventory
path: "/fba/inventory/v1/summaries"
inputParameters:
- name: seller_id
in: query
- name: sku
in: query
operations:
- name: get-inventory-summary
method: GET
- name: support
path: "/messaging/v1/cases"
operations:
- name: create-support-case
method: POST
Fresh Grocery Delivery Scheduler
▼
grocery amazon-fresh delivery logistics sns
Schedules Amazon Fresh grocery deliveries by checking available delivery windows, reserving a slot, and sending a confirmation to the customer via SNS.
naftiko: "0.5"
info:
label: "Fresh Grocery Delivery Scheduler"
description: "Schedules Amazon Fresh grocery deliveries by checking available delivery windows, reserving a slot, and sending a confirmation to the customer via SNS."
tags:
- grocery
- amazon-fresh
- delivery
- logistics
- sns
capability:
exposes:
- type: mcp
namespace: fresh-delivery
port: 8080
tools:
- name: schedule-delivery
description: "Check available delivery windows for Amazon Fresh, reserve a slot, and confirm with the customer."
inputParameters:
- name: order_id
in: body
type: string
description: "The Amazon Fresh order ID."
- name: zip_code
in: body
type: string
description: "The delivery ZIP code."
- name: customer_phone
in: body
type: string
description: "The customer phone number for SMS confirmation."
steps:
- name: get-windows
type: call
call: "fresh-api.get-delivery-windows"
with:
zip_code: "{{zip_code}}"
- name: reserve-slot
type: call
call: "fresh-api.reserve-delivery-slot"
with:
order_id: "{{order_id}}"
slot_id: "{{get-windows.first_available_slot_id}}"
- name: confirm-customer
type: call
call: "sns-fresh.publish"
with:
phone_number: "{{customer_phone}}"
message: "Your Amazon Fresh delivery for order {{order_id}} is scheduled for {{reserve-slot.delivery_time}}. Track at amazon.com/orders."
consumes:
- namespace: fresh-api
type: http
baseUri: "https://api.amazon.com/fresh/v1"
authentication:
type: bearer
token: "$secrets.amazon_fresh_token"
resources:
- name: delivery-windows
path: "/delivery-windows"
inputParameters:
- name: zip_code
in: query
operations:
- name: get-delivery-windows
method: GET
- name: delivery-slot
path: "/orders/{order_id}/delivery-slot"
inputParameters:
- name: order_id
in: path
operations:
- name: reserve-delivery-slot
method: POST
- namespace: sns-fresh
type: http
baseUri: "https://sns.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_sns_token"
placement: header
resources:
- name: sms
path: "/"
operations:
- name: publish
method: POST
GitHub Dependabot Alert Remediation
▼
security devops github jira slack dependabot
When a critical Dependabot vulnerability alert is raised in a GitHub repository, creates a Jira security ticket, notifies the owning team in Slack, and opens a GitHub issue for tracking.
naftiko: "0.5"
info:
label: "GitHub Dependabot Alert Remediation"
description: "When a critical Dependabot vulnerability alert is raised in a GitHub repository, creates a Jira security ticket, notifies the owning team in Slack, and opens a GitHub issue for tracking."
tags:
- security
- devops
- github
- jira
- slack
- dependabot
capability:
exposes:
- type: mcp
namespace: vuln-ops
port: 8080
tools:
- name: handle-dependabot-alert
description: "Given a GitHub repo and Dependabot alert number, fetch alert details, create a Jira security remediation ticket, open a GitHub tracking issue, and notify the team Slack channel."
inputParameters:
- name: repo
in: body
type: string
description: "The GitHub repository in owner/repo format where the Dependabot alert was raised."
- name: alert_number
in: body
type: integer
description: "The Dependabot alert number to process."
- name: slack_channel
in: body
type: string
description: "The Slack channel ID for the security alert notification."
steps:
- name: get-alert
type: call
call: "github-dep.get-dependabot-alert"
with:
repo: "{{repo}}"
alert_number: "{{alert_number}}"
- name: create-sec-ticket
type: call
call: "jira-dep.create-issue"
with:
project_key: "SEC"
issuetype: "Bug"
summary: "Dependabot: {{get-alert.dependency_name}} {{get-alert.severity}} in {{repo}}"
description: "CVE: {{get-alert.cve_id}}\nSeverity: {{get-alert.severity}}\nFixed in: {{get-alert.fixed_in}}"
- name: notify-team
type: call
call: "slack-dep.post-message"
with:
channel: "{{slack_channel}}"
text: "Dependabot Alert: {{get-alert.severity}} vulnerability in {{get-alert.dependency_name}} ({{repo}}). CVE: {{get-alert.cve_id}}. Jira: {{create-sec-ticket.key}}"
consumes:
- namespace: github-dep
type: http
baseUri: "https://api.github.com"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: dependabot-alert
path: "/repos/{repo}/dependabot/alerts/{alert_number}"
inputParameters:
- name: repo
in: path
- name: alert_number
in: path
operations:
- name: get-dependabot-alert
method: GET
- namespace: jira-dep
type: http
baseUri: "https://amazon.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_token"
resources:
- name: issue
path: "/issue"
operations:
- name: create-issue
method: POST
- namespace: slack-dep
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
GitHub PR Security Scan Gate
▼
devops security github snyk code-quality
When a GitHub pull request is opened against a main branch, triggers a Snyk security scan and posts the results as a PR comment. Blocks merge if critical vulnerabilities are detected.
naftiko: "0.5"
info:
label: "GitHub PR Security Scan Gate"
description: "When a GitHub pull request is opened against a main branch, triggers a Snyk security scan and posts the results as a PR comment. Blocks merge if critical vulnerabilities are detected."
tags:
- devops
- security
- github
- snyk
- code-quality
capability:
exposes:
- type: mcp
namespace: devops-security
port: 8080
tools:
- name: run-pr-security-scan
description: "Given a GitHub repo and PR number, trigger a Snyk security scan on the PR branch and post scan results as a GitHub PR review comment. Use when enforcing security gates on pull requests."
inputParameters:
- name: repo
in: body
type: string
description: "The GitHub repository in owner/repo format, e.g. amzn/service-catalog."
- name: pr_number
in: body
type: integer
description: "The pull request number to scan and comment on."
- name: branch
in: body
type: string
description: "The branch name associated with the pull request."
steps:
- name: trigger-scan
type: call
call: "snyk.test-project"
with:
org: "amazon"
target_reference: "{{branch}}"
- name: post-review
type: call
call: "github-sec.create-pr-review"
with:
repo: "{{repo}}"
pull_number: "{{pr_number}}"
body: "Snyk scan complete. Issues found: {{trigger-scan.issue_count}}. Critical: {{trigger-scan.critical_count}}. See full report: {{trigger-scan.report_url}}"
event: "COMMENT"
consumes:
- namespace: snyk
type: http
baseUri: "https://api.snyk.io/rest"
authentication:
type: bearer
token: "$secrets.snyk_token"
resources:
- name: project-test
path: "/orgs/{org}/test"
inputParameters:
- name: org
in: path
operations:
- name: test-project
method: POST
- namespace: github-sec
type: http
baseUri: "https://api.github.com"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: pr-review
path: "/repos/{repo}/pulls/{pull_number}/reviews"
inputParameters:
- name: repo
in: path
- name: pull_number
in: path
operations:
- name: create-pr-review
method: POST
GitHub Repository Compliance Audit
▼
devops compliance github slack security
Audits a GitHub repository for branch protection rules, required status checks, and code owner file presence, then posts a compliance report to a Slack channel.
naftiko: "0.5"
info:
label: "GitHub Repository Compliance Audit"
description: "Audits a GitHub repository for branch protection rules, required status checks, and code owner file presence, then posts a compliance report to a Slack channel."
tags:
- devops
- compliance
- github
- slack
- security
capability:
exposes:
- type: mcp
namespace: devops-compliance
port: 8080
tools:
- name: audit-repo-compliance
description: "Given a GitHub repository name, check branch protection rules on the default branch, verify required status checks are configured, and post a compliance status report to Slack."
inputParameters:
- name: repo
in: body
type: string
description: "The GitHub repository in owner/repo format to audit, e.g. amzn/service-catalog."
- name: branch
in: body
type: string
description: "The branch to check protection rules on, typically main or master."
- name: slack_channel
in: body
type: string
description: "The Slack channel ID where the compliance report will be posted."
steps:
- name: get-branch-protection
type: call
call: "github-compliance.get-branch-protection"
with:
repo: "{{repo}}"
branch: "{{branch}}"
- name: post-compliance-report
type: call
call: "slack-compliance.post-message"
with:
channel: "{{slack_channel}}"
text: "Compliance Audit: {{repo}} / {{branch}} | Required reviews: {{get-branch-protection.required_approving_review_count}} | Status checks required: {{get-branch-protection.required_status_checks_count}} | Admin enforced: {{get-branch-protection.enforce_admins}}"
consumes:
- namespace: github-compliance
type: http
baseUri: "https://api.github.com"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: branch-protection
path: "/repos/{repo}/branches/{branch}/protection"
inputParameters:
- name: repo
in: path
- name: branch
in: path
operations:
- name: get-branch-protection
method: GET
- namespace: slack-compliance
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
GitHub Secret Scanning Alert Handler
▼
security devops github jira slack okta secret-scanning
When GitHub Advanced Security detects a secret in a repository, creates a Jira security ticket, notifies the security Slack channel, and revokes the exposed credential via Okta.
naftiko: "0.5"
info:
label: "GitHub Secret Scanning Alert Handler"
description: "When GitHub Advanced Security detects a secret in a repository, creates a Jira security ticket, notifies the security Slack channel, and revokes the exposed credential via Okta."
tags:
- security
- devops
- github
- jira
- slack
- okta
- secret-scanning
capability:
exposes:
- type: mcp
namespace: security-ops
port: 8080
tools:
- name: handle-secret-alert
description: "Given a GitHub secret scanning alert ID and repository, fetch alert details, create a Jira security ticket, revoke the associated credential in Okta, and notify the security Slack channel."
inputParameters:
- name: repo
in: body
type: string
description: "The GitHub repository in owner/repo format where the secret was detected."
- name: alert_number
in: body
type: integer
description: "The GitHub secret scanning alert number."
- name: okta_token_id
in: body
type: string
description: "The Okta API token ID to revoke if it matches the exposed credential."
- name: slack_channel
in: body
type: string
description: "The Slack channel ID for the security team notification."
steps:
- name: get-alert
type: call
call: "github-ss.get-secret-alert"
with:
repo: "{{repo}}"
alert_number: "{{alert_number}}"
- name: create-security-ticket
type: call
call: "jira-ss.create-issue"
with:
project_key: "SEC"
issuetype: "Bug"
summary: "Secret exposed in {{repo}}: {{get-alert.secret_type}}"
description: "Alert: {{alert_number}}\nSecret type: {{get-alert.secret_type}}\nState: {{get-alert.state}}"
- name: revoke-token
type: call
call: "okta-ss.revoke-token"
with:
token_id: "{{okta_token_id}}"
- name: notify-security
type: call
call: "slack-ss.post-message"
with:
channel: "{{slack_channel}}"
text: "SECRET ALERT: {{get-alert.secret_type}} exposed in {{repo}}. Token revoked in Okta. Jira: {{create-security-ticket.key}}"
consumes:
- namespace: github-ss
type: http
baseUri: "https://api.github.com"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: secret-alert
path: "/repos/{repo}/secret-scanning/alerts/{alert_number}"
inputParameters:
- name: repo
in: path
- name: alert_number
in: path
operations:
- name: get-secret-alert
method: GET
- namespace: jira-ss
type: http
baseUri: "https://amazon.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_token"
resources:
- name: issue
path: "/issue"
operations:
- name: create-issue
method: POST
- namespace: okta-ss
type: http
baseUri: "https://amazon.okta.com/api/v1"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.okta_api_token"
placement: header
resources:
- name: token
path: "/users/me/tokens/{token_id}"
inputParameters:
- name: token_id
in: path
operations:
- name: revoke-token
method: DELETE
- namespace: slack-ss
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Glue Job Failure Handler
▼
cloud etl data-engineering aws glue cloudwatch jira
Detects failed AWS Glue ETL jobs, collects error logs from CloudWatch, and creates a Jira ticket for the data engineering team.
naftiko: "0.5"
info:
label: "Glue Job Failure Handler"
description: "Detects failed AWS Glue ETL jobs, collects error logs from CloudWatch, and creates a Jira ticket for the data engineering team."
tags:
- cloud
- etl
- data-engineering
- aws
- glue
- cloudwatch
- jira
capability:
exposes:
- type: mcp
namespace: glue-failure
port: 8080
tools:
- name: handle-glue-failure
description: "Process a Glue job failure by fetching error logs and creating a Jira ticket for investigation."
inputParameters:
- name: job_name
in: body
type: string
description: "The AWS Glue job name that failed."
- name: job_run_id
in: body
type: string
description: "The Glue job run ID."
- name: jira_project_key
in: body
type: string
description: "Jira project key for data engineering tickets."
steps:
- name: get-job-run
type: call
call: "glue-api.get-job-run"
with:
job_name: "{{job_name}}"
job_run_id: "{{job_run_id}}"
- name: get-error-logs
type: call
call: "cw-glue.get-log-events"
with:
log_group: "/aws-glue/jobs/error"
log_stream: "{{job_run_id}}"
- name: create-ticket
type: call
call: "jira-glue.create-issue"
with:
project_key: "{{jira_project_key}}"
issuetype: "Bug"
summary: "Glue Job Failure: {{job_name}} (Run: {{job_run_id}})"
description: "Error: {{get-job-run.error_message}}. Logs: {{get-error-logs.events}}"
consumes:
- namespace: glue-api
type: http
baseUri: "https://glue.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_glue_token"
placement: header
resources:
- name: job-run
path: "/"
operations:
- name: get-job-run
method: POST
- namespace: cw-glue
type: http
baseUri: "https://logs.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_cloudwatch_token"
placement: header
resources:
- name: log-events
path: "/"
operations:
- name: get-log-events
method: POST
- namespace: jira-glue
type: http
baseUri: "https://amazon.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_token"
resources:
- name: issue
path: "/issue"
operations:
- name: create-issue
method: POST
GuardDuty Finding Incident Creator
▼
cloud security incident-response aws guardduty servicenow slack
Retrieves GuardDuty security findings, creates an incident in ServiceNow, and notifies the security operations team via Slack.
naftiko: "0.5"
info:
label: "GuardDuty Finding Incident Creator"
description: "Retrieves GuardDuty security findings, creates an incident in ServiceNow, and notifies the security operations team via Slack."
tags:
- cloud
- security
- incident-response
- aws
- guardduty
- servicenow
- slack
capability:
exposes:
- type: mcp
namespace: guardduty-incident
port: 8080
tools:
- name: process-finding
description: "Fetch a GuardDuty finding, create a ServiceNow incident for it, and alert the security team on Slack."
inputParameters:
- name: detector_id
in: body
type: string
description: "The GuardDuty detector ID."
- name: finding_id
in: body
type: string
description: "The GuardDuty finding ID to process."
- name: slack_channel
in: body
type: string
description: "Slack channel for security operations alerts."
steps:
- name: get-finding
type: call
call: "guardduty-api.get-findings"
with:
detector_id: "{{detector_id}}"
finding_id: "{{finding_id}}"
- name: create-incident
type: call
call: "servicenow-gd.create-incident"
with:
short_description: "GuardDuty: {{get-finding.type}} - Severity {{get-finding.severity}}"
description: "Finding: {{get-finding.description}}. Resource: {{get-finding.resource}}."
urgency: "2"
- name: alert-security
type: call
call: "slack-gd.post-message"
with:
channel: "{{slack_channel}}"
text: "GuardDuty Alert: {{get-finding.type}} (Severity: {{get-finding.severity}}). ServiceNow Incident: {{create-incident.number}}."
consumes:
- namespace: guardduty-api
type: http
baseUri: "https://guardduty.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_guardduty_token"
placement: header
resources:
- name: findings
path: "/detector/{detector_id}/findings/get"
inputParameters:
- name: detector_id
in: path
operations:
- name: get-findings
method: POST
- namespace: servicenow-gd
type: http
baseUri: "https://amazon.service-now.com/api/now/table"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incident
path: "/incident"
operations:
- name: create-incident
method: POST
- namespace: slack-gd
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
IAM Access Key Rotation Enforcer
▼
cloud security compliance aws iam ses
Audits IAM user access keys for age, deactivates keys older than 90 days, and sends a compliance report via SES.
naftiko: "0.5"
info:
label: "IAM Access Key Rotation Enforcer"
description: "Audits IAM user access keys for age, deactivates keys older than 90 days, and sends a compliance report via SES."
tags:
- cloud
- security
- compliance
- aws
- iam
- ses
capability:
exposes:
- type: mcp
namespace: iam-key-rotation
port: 8080
tools:
- name: enforce-key-rotation
description: "Audit IAM access keys, deactivate stale keys older than the threshold, and email a compliance report."
inputParameters:
- name: username
in: body
type: string
description: "The IAM username to audit access keys for."
- name: max_age_days
in: body
type: number
description: "Maximum allowed age in days before a key is deactivated."
- name: report_email
in: body
type: string
description: "Email address to send the compliance report to."
steps:
- name: list-keys
type: call
call: "iam-keys.list-access-keys"
with:
username: "{{username}}"
- name: deactivate-old-key
type: call
call: "iam-keys.update-access-key"
with:
username: "{{username}}"
access_key_id: "{{list-keys.oldest_key_id}}"
status: "Inactive"
- name: send-report
type: call
call: "ses-iam.send-email"
with:
to: "{{report_email}}"
subject: "IAM Key Rotation Report: {{username}}"
body: "User {{username}}: Key {{list-keys.oldest_key_id}} (age: {{list-keys.oldest_key_age}} days) has been deactivated."
consumes:
- namespace: iam-keys
type: http
baseUri: "https://iam.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_iam_token"
placement: header
resources:
- name: access-keys
path: "/"
inputParameters:
- name: username
in: query
operations:
- name: list-access-keys
method: GET
- name: update-key
path: "/"
inputParameters:
- name: username
in: query
- name: access_key_id
in: query
- name: status
in: query
operations:
- name: update-access-key
method: POST
- namespace: ses-iam
type: http
baseUri: "https://email.us-east-1.amazonaws.com/v2"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_ses_token"
placement: header
resources:
- name: email
path: "/email/outbound-emails"
operations:
- name: send-email
method: POST
Inspector Vulnerability Report
▼
cloud security vulnerability-management aws inspector jira
Fetches Amazon Inspector vulnerability findings for EC2 instances, generates a risk summary, and creates a Jira security ticket.
naftiko: "0.5"
info:
label: "Inspector Vulnerability Report"
description: "Fetches Amazon Inspector vulnerability findings for EC2 instances, generates a risk summary, and creates a Jira security ticket."
tags:
- cloud
- security
- vulnerability-management
- aws
- inspector
- jira
capability:
exposes:
- type: mcp
namespace: inspector-report
port: 8080
tools:
- name: generate-vuln-report
description: "Fetch Inspector findings, summarize vulnerabilities by severity, and create a Jira ticket for remediation."
inputParameters:
- name: account_id
in: body
type: string
description: "The AWS account ID to scan findings for."
- name: jira_project_key
in: body
type: string
description: "Jira project key for security tickets."
steps:
- name: list-findings
type: call
call: "inspector-api.list-findings"
with:
account_id: "{{account_id}}"
- name: create-ticket
type: call
call: "jira-inspector.create-issue"
with:
project_key: "{{jira_project_key}}"
issuetype: "Bug"
summary: "Inspector Findings: {{list-findings.critical_count}} critical, {{list-findings.high_count}} high vulnerabilities"
description: "Account {{account_id}} has {{list-findings.total_count}} findings. Critical: {{list-findings.critical_count}}, High: {{list-findings.high_count}}. Remediation required."
consumes:
- namespace: inspector-api
type: http
baseUri: "https://inspector2.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_inspector_token"
placement: header
resources:
- name: findings
path: "/findings/list"
operations:
- name: list-findings
method: POST
- namespace: jira-inspector
type: http
baseUri: "https://amazon.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_token"
resources:
- name: issue
path: "/issue"
operations:
- name: create-issue
method: POST
Jira Issue Triage with AI Summarization
▼
itsm ai triage jira anthropic
Fetches a newly created Jira issue, sends the description to the Anthropic Claude API for priority triage and summarization, and updates the Jira issue with the AI-generated priority label and summary.
naftiko: "0.5"
info:
label: "Jira Issue Triage with AI Summarization"
description: "Fetches a newly created Jira issue, sends the description to the Anthropic Claude API for priority triage and summarization, and updates the Jira issue with the AI-generated priority label and summary."
tags:
- itsm
- ai
- triage
- jira
- anthropic
capability:
exposes:
- type: mcp
namespace: itsm-ai
port: 8080
tools:
- name: triage-issue
description: "Given a Jira issue key, fetch its description, send it to the Anthropic Claude API for triage analysis, and update the Jira issue with the recommended priority and AI-generated summary."
inputParameters:
- name: issue_key
in: body
type: string
description: "The Jira issue key to triage, e.g. ENG-4201."
steps:
- name: get-issue
type: call
call: "jira-triage.get-issue"
with:
issue_key: "{{issue_key}}"
- name: ai-triage
type: call
call: "anthropic.create-message"
with:
model: "claude-opus-4-5"
max_tokens: 512
system: "You are a software engineering triage assistant. Respond with a JSON object containing 'priority' (P1/P2/P3/P4) and 'summary' (one sentence)."
user_message: "Triage this issue: {{get-issue.summary}}\n\n{{get-issue.description}}"
- name: update-issue
type: call
call: "jira-triage.update-issue"
with:
issue_key: "{{issue_key}}"
priority: "{{ai-triage.priority}}"
description: "AI Triage Summary: {{ai-triage.summary}}\n\nOriginal: {{get-issue.description}}"
consumes:
- namespace: jira-triage
type: http
baseUri: "https://amazon.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_token"
resources:
- name: issue
path: "/issue/{issue_key}"
inputParameters:
- name: issue_key
in: path
operations:
- name: get-issue
method: GET
- name: update-issue
method: PUT
- namespace: anthropic
type: http
baseUri: "https://api.anthropic.com/v1"
authentication:
type: apikey
key: "x-api-key"
value: "$secrets.anthropic_api_key"
placement: header
resources:
- name: message
path: "/messages"
operations:
- name: create-message
method: POST
Jira Sprint Velocity Report
▼
devops reporting jira slack agile
Fetches the completed sprint data from Jira, calculates story point velocity, and publishes the sprint review digest to the engineering Slack channel.
naftiko: "0.5"
info:
label: "Jira Sprint Velocity Report"
description: "Fetches the completed sprint data from Jira, calculates story point velocity, and publishes the sprint review digest to the engineering Slack channel."
tags:
- devops
- reporting
- jira
- slack
- agile
capability:
exposes:
- type: mcp
namespace: agile-reporting
port: 8080
tools:
- name: publish-sprint-velocity
description: "Given a Jira board ID and sprint ID, fetch completed issue story points, calculate velocity, and post the sprint velocity digest to the engineering Slack channel."
inputParameters:
- name: board_id
in: body
type: integer
description: "The Jira Agile board ID to query sprint data from."
- name: sprint_id
in: body
type: integer
description: "The sprint ID to report velocity for."
- name: slack_channel
in: body
type: string
description: "The Slack channel ID for the sprint velocity digest."
steps:
- name: get-sprint-issues
type: call
call: "jira-agile.get-sprint-issues"
with:
board_id: "{{board_id}}"
sprint_id: "{{sprint_id}}"
- name: post-velocity
type: call
call: "slack-agile.post-message"
with:
channel: "{{slack_channel}}"
text: "Sprint {{sprint_id}} Velocity: {{get-sprint-issues.completed_points}} story points completed out of {{get-sprint-issues.committed_points}} committed ({{get-sprint-issues.completion_pct}}%)."
consumes:
- namespace: jira-agile
type: http
baseUri: "https://amazon.atlassian.net/rest/agile/1.0"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_token"
resources:
- name: sprint-issues
path: "/board/{board_id}/sprint/{sprint_id}/issue"
inputParameters:
- name: board_id
in: path
- name: sprint_id
in: path
operations:
- name: get-sprint-issues
method: GET
- namespace: slack-agile
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Kinesis Data Pipeline Health Check
▼
cloud streaming monitoring aws kinesis pagerduty
Monitors a Kinesis data stream for iterator age and throughput, logs health metrics to CloudWatch, and alerts via PagerDuty if thresholds are breached.
naftiko: "0.5"
info:
label: "Kinesis Data Pipeline Health Check"
description: "Monitors a Kinesis data stream for iterator age and throughput, logs health metrics to CloudWatch, and alerts via PagerDuty if thresholds are breached."
tags:
- cloud
- streaming
- monitoring
- aws
- kinesis
- pagerduty
capability:
exposes:
- type: mcp
namespace: kinesis-health
port: 8080
tools:
- name: check-pipeline-health
description: "Monitor Kinesis stream health by checking iterator age and throughput. Log to CloudWatch and alert PagerDuty if unhealthy."
inputParameters:
- name: stream_name
in: body
type: string
description: "The Kinesis stream name to monitor."
- name: max_iterator_age_ms
in: body
type: number
description: "Maximum acceptable iterator age in milliseconds."
steps:
- name: get-stream-metrics
type: call
call: "cw-kinesis.get-metric-data"
with:
stream_name: "{{stream_name}}"
metric_name: "GetRecords.IteratorAgeMilliseconds"
- name: log-health
type: call
call: "cw-kinesis.put-metric-data"
with:
namespace: "Custom/KinesisHealth"
metric_name: "PipelineHealthScore"
value: "{{get-stream-metrics.average}}"
- name: trigger-alert
type: call
call: "pagerduty-kinesis.create-incident"
with:
service_id: "KINESIS_SVC"
title: "Kinesis stream {{stream_name}} iterator age {{get-stream-metrics.average}}ms exceeds {{max_iterator_age_ms}}ms"
consumes:
- namespace: cw-kinesis
type: http
baseUri: "https://monitoring.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_cloudwatch_token"
placement: header
resources:
- name: metric-data
path: "/"
inputParameters:
- name: stream_name
in: query
- name: metric_name
in: query
operations:
- name: get-metric-data
method: POST
- name: put-metric
path: "/"
operations:
- name: put-metric-data
method: POST
- namespace: pagerduty-kinesis
type: http
baseUri: "https://api.pagerduty.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.pagerduty_token"
placement: header
resources:
- name: incident
path: "/incidents"
operations:
- name: create-incident
method: POST
Kinesis Stream Description
▼
cloud streaming aws kinesis
Describes a Kinesis data stream and returns its shard count, retention period, and status.
naftiko: "0.5"
info:
label: "Kinesis Stream Description"
description: "Describes a Kinesis data stream and returns its shard count, retention period, and status."
tags:
- cloud
- streaming
- aws
- kinesis
capability:
exposes:
- type: mcp
namespace: kinesis-desc
port: 8080
tools:
- name: describe-stream
description: "Describe a Kinesis data stream to get shard count, retention period, and current status."
inputParameters:
- name: stream_name
in: body
type: string
description: "The name of the Kinesis stream to describe."
call: "kinesis-api.describe-stream"
with:
stream_name: "{{stream_name}}"
outputParameters:
- name: shard_count
type: number
mapping: "$.StreamDescription.Shards.length"
- name: status
type: string
mapping: "$.StreamDescription.StreamStatus"
consumes:
- namespace: kinesis-api
type: http
baseUri: "https://kinesis.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_kinesis_token"
placement: header
resources:
- name: stream
path: "/"
inputParameters:
- name: stream_name
in: body
operations:
- name: describe-stream
method: POST
Lambda Deployment with Rollback
▼
cloud serverless deployment aws lambda slack
Deploys a new Lambda function version, runs a smoke test, and rolls back to the previous version if the test fails, notifying the team via Slack.
naftiko: "0.5"
info:
label: "Lambda Deployment with Rollback"
description: "Deploys a new Lambda function version, runs a smoke test, and rolls back to the previous version if the test fails, notifying the team via Slack."
tags:
- cloud
- serverless
- deployment
- aws
- lambda
- slack
capability:
exposes:
- type: mcp
namespace: lambda-deploy
port: 8080
tools:
- name: deploy-with-rollback
description: "Deploy a new Lambda version from S3, invoke a smoke test, and roll back if it fails. Posts deployment status to Slack."
inputParameters:
- name: function_name
in: body
type: string
description: "The Lambda function name to deploy."
- name: s3_bucket
in: body
type: string
description: "The S3 bucket containing the deployment package."
- name: s3_key
in: body
type: string
description: "The S3 key for the deployment package zip."
- name: slack_channel
in: body
type: string
description: "The Slack channel for deployment notifications."
steps:
- name: update-function
type: call
call: "lambda-dep.update-function-code"
with:
function_name: "{{function_name}}"
s3_bucket: "{{s3_bucket}}"
s3_key: "{{s3_key}}"
- name: invoke-smoke-test
type: call
call: "lambda-dep.invoke-function"
with:
function_name: "{{function_name}}"
payload: "{\"test\": true}"
- name: notify-team
type: call
call: "slack-dep.post-message"
with:
channel: "{{slack_channel}}"
text: "Lambda deployment for {{function_name}}: version {{update-function.version}} deployed. Smoke test status: {{invoke-smoke-test.status_code}}."
consumes:
- namespace: lambda-dep
type: http
baseUri: "https://lambda.us-east-1.amazonaws.com/2015-03-31"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_lambda_token"
placement: header
resources:
- name: function-code
path: "/functions/{function_name}/code"
inputParameters:
- name: function_name
in: path
operations:
- name: update-function-code
method: PUT
- name: invocation
path: "/functions/{function_name}/invocations"
inputParameters:
- name: function_name
in: path
- name: payload
in: body
operations:
- name: invoke-function
method: POST
- namespace: slack-dep
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Lambda Function List
▼
cloud serverless aws lambda
Lists all Lambda functions in a given AWS region and returns their names, runtimes, and memory configurations.
naftiko: "0.5"
info:
label: "Lambda Function List"
description: "Lists all Lambda functions in a given AWS region and returns their names, runtimes, and memory configurations."
tags:
- cloud
- serverless
- aws
- lambda
capability:
exposes:
- type: mcp
namespace: lambda-list
port: 8080
tools:
- name: list-functions
description: "List all Lambda functions in the specified AWS region. Returns function names, runtimes, and memory sizes."
inputParameters:
- name: region
in: body
type: string
description: "The AWS region to list Lambda functions for, e.g. us-west-2."
call: "lambda-api.list-functions"
with:
region: "{{region}}"
outputParameters:
- name: functions
type: array
mapping: "$.Functions"
consumes:
- namespace: lambda-api
type: http
baseUri: "https://lambda.us-east-1.amazonaws.com/2015-03-31"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_lambda_token"
placement: header
resources:
- name: functions
path: "/functions"
inputParameters:
- name: region
in: query
operations:
- name: list-functions
method: GET
Last Mile Delivery Route Optimizer
▼
logistics delivery routing aws location-service
Optimizes last-mile delivery routes for Amazon logistics drivers by fetching pending deliveries, calculating optimal routes via Amazon Location Service, and updating driver assignments.
naftiko: "0.5"
info:
label: "Last Mile Delivery Route Optimizer"
description: "Optimizes last-mile delivery routes for Amazon logistics drivers by fetching pending deliveries, calculating optimal routes via Amazon Location Service, and updating driver assignments."
tags:
- logistics
- delivery
- routing
- aws
- location-service
capability:
exposes:
- type: mcp
namespace: route-optimizer
port: 8080
tools:
- name: optimize-route
description: "Fetch pending deliveries for a driver, calculate the optimal route, and update driver assignments."
inputParameters:
- name: driver_id
in: body
type: string
description: "The delivery driver ID."
- name: warehouse_id
in: body
type: string
description: "The origin warehouse ID."
steps:
- name: get-pending-deliveries
type: call
call: "logistics-route.get-driver-deliveries"
with:
driver_id: "{{driver_id}}"
warehouse_id: "{{warehouse_id}}"
- name: calculate-route
type: call
call: "location-api.calculate-route-matrix"
with:
departure_position: "{{get-pending-deliveries.warehouse_coords}}"
destination_positions: "{{get-pending-deliveries.delivery_coords}}"
- name: update-assignments
type: call
call: "logistics-route.update-route-plan"
with:
driver_id: "{{driver_id}}"
optimized_order: "{{calculate-route.optimized_sequence}}"
estimated_duration: "{{calculate-route.total_duration}}"
consumes:
- namespace: logistics-route
type: http
baseUri: "https://api.amazon.com/logistics/v1"
authentication:
type: bearer
token: "$secrets.amazon_logistics_token"
resources:
- name: driver-deliveries
path: "/drivers/{driver_id}/deliveries"
inputParameters:
- name: driver_id
in: path
- name: warehouse_id
in: query
operations:
- name: get-driver-deliveries
method: GET
- name: route-plan
path: "/drivers/{driver_id}/route-plan"
inputParameters:
- name: driver_id
in: path
operations:
- name: update-route-plan
method: PUT
- namespace: location-api
type: http
baseUri: "https://routes.geo.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_location_token"
placement: header
resources:
- name: route-matrix
path: "/routes/v0/calculators/AmazonLogistics/calculate/route-matrix"
operations:
- name: calculate-route-matrix
method: POST
LinkedIn Job Posting Publisher
▼
hr recruiting workday linkedin jira
Fetches an open Workday job requisition and publishes it as a LinkedIn job posting, then creates a Jira recruiting task to track the open role.
naftiko: "0.5"
info:
label: "LinkedIn Job Posting Publisher"
description: "Fetches an open Workday job requisition and publishes it as a LinkedIn job posting, then creates a Jira recruiting task to track the open role."
tags:
- hr
- recruiting
- workday
- linkedin
- jira
capability:
exposes:
- type: mcp
namespace: recruiting-ops
port: 8080
tools:
- name: publish-job-to-linkedin
description: "Given a Workday job requisition ID, fetch role details from Workday, publish the posting to LinkedIn, and create a Jira recruiting task to track candidate pipeline."
inputParameters:
- name: requisition_id
in: body
type: string
description: "The Workday job requisition ID to publish, e.g. JR-00542."
- name: linkedin_organization_id
in: body
type: string
description: "The LinkedIn organization URN ID to post the job under."
steps:
- name: get-requisition
type: call
call: "workday-rec.get-requisition"
with:
requisition_id: "{{requisition_id}}"
- name: create-linkedin-post
type: call
call: "linkedin.create-job-posting"
with:
organization_id: "{{linkedin_organization_id}}"
title: "{{get-requisition.job_title}}"
description: "{{get-requisition.job_description}}"
location: "{{get-requisition.location}}"
- name: create-recruiting-task
type: call
call: "jira-rec.create-issue"
with:
project_key: "RECRUIT"
issuetype: "Task"
summary: "Open Role: {{get-requisition.job_title}} ({{requisition_id}})"
description: "LinkedIn posting ID: {{create-linkedin-post.posting_id}}"
consumes:
- namespace: workday-rec
type: http
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: requisition
path: "/jobRequisitions/{requisition_id}"
inputParameters:
- name: requisition_id
in: path
operations:
- name: get-requisition
method: GET
- namespace: linkedin
type: http
baseUri: "https://api.linkedin.com/v2"
authentication:
type: bearer
token: "$secrets.linkedin_token"
resources:
- name: job-posting
path: "/jobs"
operations:
- name: create-job-posting
method: POST
- namespace: jira-rec
type: http
baseUri: "https://amazon.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_token"
resources:
- name: issue
path: "/issue"
operations:
- name: create-issue
method: POST
Marketplace Return Processor
▼
ecommerce marketplace returns seller-central ses
Processes a customer return request from the Selling Partner API, initiates a refund, and notifies the seller via email through SES.
naftiko: "0.5"
info:
label: "Marketplace Return Processor"
description: "Processes a customer return request from the Selling Partner API, initiates a refund, and notifies the seller via email through SES."
tags:
- ecommerce
- marketplace
- returns
- seller-central
- ses
capability:
exposes:
- type: mcp
namespace: return-process
port: 8080
tools:
- name: process-return
description: "Process a marketplace return request, initiate the refund, and notify the seller via email."
inputParameters:
- name: order_id
in: body
type: string
description: "The order ID for the return request."
- name: return_reason
in: body
type: string
description: "The customer-provided return reason."
- name: seller_email
in: body
type: string
description: "The seller email address for return notifications."
steps:
- name: get-order-details
type: call
call: "sp-returns.get-order"
with:
order_id: "{{order_id}}"
- name: create-refund
type: call
call: "sp-returns.create-refund"
with:
order_id: "{{order_id}}"
amount: "{{get-order-details.order_total}}"
- name: notify-seller
type: call
call: "ses-returns.send-email"
with:
to: "{{seller_email}}"
subject: "Return Processed: Order {{order_id}}"
body: "A return has been processed for order {{order_id}}. Reason: {{return_reason}}. Refund amount: ${{get-order-details.order_total}}. Refund ID: {{create-refund.refund_id}}."
consumes:
- namespace: sp-returns
type: http
baseUri: "https://sellingpartnerapi-na.amazon.com"
authentication:
type: bearer
token: "$secrets.sp_api_token"
resources:
- name: order
path: "/orders/v0/orders/{order_id}"
inputParameters:
- name: order_id
in: path
operations:
- name: get-order
method: GET
- name: refund
path: "/orders/v0/orders/{order_id}/refund"
inputParameters:
- name: order_id
in: path
operations:
- name: create-refund
method: POST
- namespace: ses-returns
type: http
baseUri: "https://email.us-east-1.amazonaws.com/v2"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_ses_token"
placement: header
resources:
- name: email
path: "/email/outbound-emails"
operations:
- name: send-email
method: POST
Music Playlist Recommendation Notifier
▼
media music personalization aws personalize dynamodb sns
Generates personalized music playlist recommendations using Amazon Personalize, stores recommendations in DynamoDB, and notifies users via SNS push notification.
naftiko: "0.5"
info:
label: "Music Playlist Recommendation Notifier"
description: "Generates personalized music playlist recommendations using Amazon Personalize, stores recommendations in DynamoDB, and notifies users via SNS push notification."
tags:
- media
- music
- personalization
- aws
- personalize
- dynamodb
- sns
capability:
exposes:
- type: mcp
namespace: music-recommend
port: 8080
tools:
- name: recommend-and-notify
description: "Generate music recommendations with Personalize, store them, and push-notify the user."
inputParameters:
- name: user_id
in: body
type: string
description: "The Amazon Music user ID."
- name: campaign_arn
in: body
type: string
description: "The Personalize campaign ARN for recommendations."
- name: sns_topic_arn
in: body
type: string
description: "SNS topic ARN for push notifications."
steps:
- name: get-recommendations
type: call
call: "personalize-api.get-recommendations"
with:
campaign_arn: "{{campaign_arn}}"
user_id: "{{user_id}}"
- name: store-recommendations
type: call
call: "dynamo-music.put-item"
with:
table_name: "music-recommendations"
user_id: "{{user_id}}"
items: "{{get-recommendations.item_list}}"
- name: notify-user
type: call
call: "sns-music.publish"
with:
topic_arn: "{{sns_topic_arn}}"
message: "New playlist recommendations are ready for you! Check your Amazon Music app."
consumes:
- namespace: personalize-api
type: http
baseUri: "https://personalize-runtime.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_personalize_token"
placement: header
resources:
- name: recommendations
path: "/recommendations"
operations:
- name: get-recommendations
method: POST
- namespace: dynamo-music
type: http
baseUri: "https://dynamodb.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_dynamodb_token"
placement: header
resources:
- name: item
path: "/"
operations:
- name: put-item
method: POST
- namespace: sns-music
type: http
baseUri: "https://sns.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_sns_token"
placement: header
resources:
- name: publish
path: "/"
operations:
- name: publish
method: POST
New Hire Onboarding Orchestrator
▼
hr onboarding workday servicenow github slack
When a new hire record is created in Workday, opens a ServiceNow onboarding ticket, provisions a GitHub org membership, and sends a Slack welcome message to the team channel.
naftiko: "0.5"
info:
label: "New Hire Onboarding Orchestrator"
description: "When a new hire record is created in Workday, opens a ServiceNow onboarding ticket, provisions a GitHub org membership, and sends a Slack welcome message to the team channel."
tags:
- hr
- onboarding
- workday
- servicenow
- github
- slack
capability:
exposes:
- type: mcp
namespace: hr-onboarding
port: 8080
tools:
- name: trigger-onboarding
description: "Given a Workday employee ID and start date, orchestrate the full onboarding sequence: fetch worker details from Workday, open a ServiceNow onboarding ticket, add the employee to the GitHub org, and send a Slack welcome message."
inputParameters:
- name: workday_employee_id
in: body
type: string
description: "The Workday worker ID for the new hire, e.g. WD-100234."
- name: start_date
in: body
type: string
description: "The hire's start date in YYYY-MM-DD format."
- name: github_team_slug
in: body
type: string
description: "The GitHub team slug to add the new hire to, e.g. platform-eng."
- name: slack_channel
in: body
type: string
description: "The Slack channel ID where the welcome message will be posted."
steps:
- name: get-employee
type: call
call: "workday.get-worker"
with:
worker_id: "{{workday_employee_id}}"
- name: open-ticket
type: call
call: "servicenow.create-incident"
with:
short_description: "New hire onboarding: {{get-employee.full_name}}"
assignment_group: "IT_Onboarding"
category: "hr_onboarding"
- name: add-github-member
type: call
call: "github.add-org-member"
with:
org: "amzn"
username: "{{get-employee.github_username}}"
team_slug: "{{github_team_slug}}"
- name: send-welcome
type: call
call: "slack.post-message"
with:
channel: "{{slack_channel}}"
text: "Welcome to Amazon, {{get-employee.first_name}}! Onboarding ticket: {{open-ticket.number}}"
consumes:
- namespace: workday
type: http
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: worker
path: "/workers/{worker_id}"
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
- namespace: servicenow
type: http
baseUri: "https://amazon.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_pass"
resources:
- name: incident
path: "/table/incident"
operations:
- name: create-incident
method: POST
- namespace: github
type: http
baseUri: "https://api.github.com"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: org-member
path: "/orgs/{org}/teams/{team_slug}/memberships/{username}"
inputParameters:
- name: org
in: path
- name: team_slug
in: path
- name: username
in: path
operations:
- name: add-org-member
method: PUT
- namespace: slack
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Okta Access Review Report
▼
identity security okta slack access-review
Fetches all users in a specified Okta group, checks each user's last login date against a stale-access threshold, and posts an access review report to the security Slack channel.
naftiko: "0.5"
info:
label: "Okta Access Review Report"
description: "Fetches all users in a specified Okta group, checks each user's last login date against a stale-access threshold, and posts an access review report to the security Slack channel."
tags:
- identity
- security
- okta
- slack
- access-review
capability:
exposes:
- type: mcp
namespace: identity-review
port: 8080
tools:
- name: run-access-review
description: "Given an Okta group ID and a stale-threshold in days, list group members, filter for users whose last login exceeds the threshold, and post the stale-access list to Slack."
inputParameters:
- name: okta_group_id
in: body
type: string
description: "The Okta group ID to review member access for."
- name: stale_threshold_days
in: body
type: integer
description: "Number of days without login after which an account is considered stale."
- name: slack_channel
in: body
type: string
description: "The Slack channel ID for the access review report."
steps:
- name: get-group-members
type: call
call: "okta-review.get-group-users"
with:
group_id: "{{okta_group_id}}"
- name: post-review-report
type: call
call: "slack-review.post-message"
with:
channel: "{{slack_channel}}"
text: "Access Review for Okta group {{okta_group_id}}: {{get-group-members.total}} members, {{get-group-members.stale_count}} accounts inactive for more than {{stale_threshold_days}} days."
consumes:
- namespace: okta-review
type: http
baseUri: "https://amazon.okta.com/api/v1"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.okta_api_token"
placement: header
resources:
- name: group-users
path: "/groups/{group_id}/users"
inputParameters:
- name: group_id
in: path
operations:
- name: get-group-users
method: GET
- namespace: slack-review
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Okta MFA Enforcement Audit
▼
security identity okta compliance slack jira
Audits all Okta users in a specified group to identify those without MFA enrolled, posts a remediation report to the security Slack channel, and creates a Jira compliance task.
naftiko: "0.5"
info:
label: "Okta MFA Enforcement Audit"
description: "Audits all Okta users in a specified group to identify those without MFA enrolled, posts a remediation report to the security Slack channel, and creates a Jira compliance task."
tags:
- security
- identity
- okta
- compliance
- slack
- jira
capability:
exposes:
- type: mcp
namespace: mfa-audit
port: 8080
tools:
- name: audit-mfa-enrollment
description: "Given an Okta group ID, list all users and check MFA enrollment status. Post a list of non-compliant users to the security Slack channel and create a Jira compliance task."
inputParameters:
- name: okta_group_id
in: body
type: string
description: "The Okta group ID to audit for MFA enrollment compliance."
- name: slack_channel
in: body
type: string
description: "The Slack channel ID for the MFA compliance report."
- name: jira_project_key
in: body
type: string
description: "The Jira project key for the compliance tracking task."
steps:
- name: get-group-users
type: call
call: "okta-mfa.get-group-users"
with:
group_id: "{{okta_group_id}}"
- name: create-compliance-task
type: call
call: "jira-mfa.create-issue"
with:
project_key: "{{jira_project_key}}"
issuetype: "Task"
summary: "MFA audit: {{get-group-users.non_mfa_count}} users without MFA in group {{okta_group_id}}"
description: "Non-compliant users: {{get-group-users.non_mfa_count}} out of {{get-group-users.total}}"
- name: post-mfa-report
type: call
call: "slack-mfa.post-message"
with:
channel: "{{slack_channel}}"
text: "MFA Audit: {{get-group-users.non_mfa_count}} / {{get-group-users.total}} users in group {{okta_group_id}} lack MFA. Jira: {{create-compliance-task.key}}"
consumes:
- namespace: okta-mfa
type: http
baseUri: "https://amazon.okta.com/api/v1"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.okta_api_token"
placement: header
resources:
- name: group-users
path: "/groups/{group_id}/users"
inputParameters:
- name: group_id
in: path
operations:
- name: get-group-users
method: GET
- namespace: jira-mfa
type: http
baseUri: "https://amazon.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_token"
resources:
- name: issue
path: "/issue"
operations:
- name: create-issue
method: POST
- namespace: slack-mfa
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Order Fulfillment Tracker
▼
ecommerce logistics fulfillment marketplace dynamodb
Retrieves order details from the Selling Partner API, checks shipment status, and updates a DynamoDB tracking table with the latest fulfillment state.
naftiko: "0.5"
info:
label: "Order Fulfillment Tracker"
description: "Retrieves order details from the Selling Partner API, checks shipment status, and updates a DynamoDB tracking table with the latest fulfillment state."
tags:
- ecommerce
- logistics
- fulfillment
- marketplace
- dynamodb
capability:
exposes:
- type: mcp
namespace: fulfillment-track
port: 8080
tools:
- name: track-order-fulfillment
description: "Track the fulfillment status of an Amazon marketplace order. Fetches order and shipment data, then updates the tracking database."
inputParameters:
- name: order_id
in: body
type: string
description: "The Amazon marketplace order ID to track."
steps:
- name: get-order
type: call
call: "sp-fulfill.get-order"
with:
order_id: "{{order_id}}"
- name: get-shipment
type: call
call: "sp-fulfill.get-shipment"
with:
order_id: "{{order_id}}"
- name: update-tracking
type: call
call: "dynamo-fulfill.put-item"
with:
table_name: "order-fulfillment-tracking"
order_id: "{{order_id}}"
order_status: "{{get-order.status}}"
shipment_status: "{{get-shipment.tracking_status}}"
consumes:
- namespace: sp-fulfill
type: http
baseUri: "https://sellingpartnerapi-na.amazon.com"
authentication:
type: bearer
token: "$secrets.sp_api_token"
resources:
- name: order
path: "/orders/v0/orders/{order_id}"
inputParameters:
- name: order_id
in: path
operations:
- name: get-order
method: GET
- name: shipment
path: "/orders/v0/orders/{order_id}/shipment"
inputParameters:
- name: order_id
in: path
operations:
- name: get-shipment
method: GET
- namespace: dynamo-fulfill
type: http
baseUri: "https://dynamodb.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_dynamodb_token"
placement: header
resources:
- name: item
path: "/"
operations:
- name: put-item
method: POST
PagerDuty On-Call Schedule Lookup
▼
itsm on-call pagerduty
Looks up who is currently on-call in PagerDuty for a given escalation policy and returns the on-call engineer's name and contact details.
naftiko: "0.5"
info:
label: "PagerDuty On-Call Schedule Lookup"
description: "Looks up who is currently on-call in PagerDuty for a given escalation policy and returns the on-call engineer's name and contact details."
tags:
- itsm
- on-call
- pagerduty
capability:
exposes:
- type: mcp
namespace: oncall-lookup
port: 8080
tools:
- name: get-oncall-engineer
description: "Given a PagerDuty escalation policy ID, return the name and contact details of the currently on-call engineer. Use when routing incidents or determining who to notify for a given service."
inputParameters:
- name: escalation_policy_id
in: body
type: string
description: "The PagerDuty escalation policy ID to look up the current on-call user for."
call: "pagerduty-lookup.get-oncall"
with:
escalation_policy_id: "{{escalation_policy_id}}"
outputParameters:
- name: oncall_name
type: string
mapping: "$.oncalls[0].user.summary"
- name: oncall_email
type: string
mapping: "$.oncalls[0].user.email"
consumes:
- namespace: pagerduty-lookup
type: http
baseUri: "https://api.pagerduty.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.pagerduty_token"
placement: header
resources:
- name: oncall
path: "/oncalls"
inputParameters:
- name: escalation_policy_id
in: query
operations:
- name: get-oncall
method: GET
Prime Delivery Delay Escalation
▼
ecommerce prime logistics customer-service servicenow ses
Detects Prime delivery delays by checking shipment tracking, creates a support ticket in ServiceNow, and sends the customer a proactive notification via SES.
naftiko: "0.5"
info:
label: "Prime Delivery Delay Escalation"
description: "Detects Prime delivery delays by checking shipment tracking, creates a support ticket in ServiceNow, and sends the customer a proactive notification via SES."
tags:
- ecommerce
- prime
- logistics
- customer-service
- servicenow
- ses
capability:
exposes:
- type: mcp
namespace: prime-delay
port: 8080
tools:
- name: escalate-delay
description: "Detect a Prime delivery delay, create a ServiceNow ticket, and proactively notify the customer via email."
inputParameters:
- name: order_id
in: body
type: string
description: "The order ID with a potential delivery delay."
- name: customer_email
in: body
type: string
description: "The customer email for proactive notification."
steps:
- name: check-shipment
type: call
call: "logistics-delay.get-shipment-tracking"
with:
order_id: "{{order_id}}"
- name: create-ticket
type: call
call: "servicenow-delay.create-incident"
with:
short_description: "Prime Delivery Delay: Order {{order_id}}"
description: "Shipment {{check-shipment.tracking_id}} delayed. Current status: {{check-shipment.status}}. Expected: {{check-shipment.expected_date}}."
- name: notify-customer
type: call
call: "ses-delay.send-email"
with:
to: "{{customer_email}}"
subject: "Update on your Amazon order {{order_id}}"
body: "We noticed a delay with your order. Current status: {{check-shipment.status}}. New estimated delivery: {{check-shipment.revised_date}}. We apologize for the inconvenience."
consumes:
- namespace: logistics-delay
type: http
baseUri: "https://api.amazon.com/logistics/v1"
authentication:
type: bearer
token: "$secrets.amazon_logistics_token"
resources:
- name: tracking
path: "/orders/{order_id}/tracking"
inputParameters:
- name: order_id
in: path
operations:
- name: get-shipment-tracking
method: GET
- namespace: servicenow-delay
type: http
baseUri: "https://amazon.service-now.com/api/now/table"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incident
path: "/incident"
operations:
- name: create-incident
method: POST
- namespace: ses-delay
type: http
baseUri: "https://email.us-east-1.amazonaws.com/v2"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_ses_token"
placement: header
resources:
- name: email
path: "/email/outbound-emails"
operations:
- name: send-email
method: POST
Prime Membership Status Lookup
▼
ecommerce prime customer
Checks the Prime membership status for a customer account and returns subscription tier and renewal date.
naftiko: "0.5"
info:
label: "Prime Membership Status Lookup"
description: "Checks the Prime membership status for a customer account and returns subscription tier and renewal date."
tags:
- ecommerce
- prime
- customer
capability:
exposes:
- type: mcp
namespace: prime-membership
port: 8080
tools:
- name: get-membership-status
description: "Look up the Prime membership status for a given customer ID. Returns tier, renewal date, and benefit details."
inputParameters:
- name: customer_id
in: body
type: string
description: "The Amazon customer ID to look up Prime status for."
call: "prime-api.get-membership"
with:
customer_id: "{{customer_id}}"
outputParameters:
- name: tier
type: string
mapping: "$.membership.tier"
- name: renewal_date
type: string
mapping: "$.membership.renewalDate"
consumes:
- namespace: prime-api
type: http
baseUri: "https://api.amazon.com/prime/v1"
authentication:
type: bearer
token: "$secrets.amazon_prime_token"
resources:
- name: membership
path: "/memberships/{customer_id}"
inputParameters:
- name: customer_id
in: path
operations:
- name: get-membership
method: GET
Prime Video Content Performance Report
▼
media prime-video analytics studios ses
Fetches viewership analytics for Prime Video content, generates a performance summary, and distributes it to stakeholders via email through SES.
naftiko: "0.5"
info:
label: "Prime Video Content Performance Report"
description: "Fetches viewership analytics for Prime Video content, generates a performance summary, and distributes it to stakeholders via email through SES."
tags:
- media
- prime-video
- analytics
- studios
- ses
capability:
exposes:
- type: mcp
namespace: pv-performance
port: 8080
tools:
- name: generate-content-report
description: "Generate a viewership performance report for Prime Video content and email it to stakeholders via SES."
inputParameters:
- name: content_id
in: body
type: string
description: "The Prime Video content ID (ASIN) to analyze."
- name: recipient_email
in: body
type: string
description: "The email address to send the report to."
steps:
- name: get-viewership
type: call
call: "pv-analytics.get-viewership"
with:
content_id: "{{content_id}}"
- name: get-content-metadata
type: call
call: "pv-analytics.get-content-info"
with:
content_id: "{{content_id}}"
- name: send-report
type: call
call: "ses-report.send-email"
with:
to: "{{recipient_email}}"
subject: "Performance Report: {{get-content-metadata.title}}"
body: "Title: {{get-content-metadata.title}}\nTotal Views: {{get-viewership.total_views}}\nCompletion Rate: {{get-viewership.completion_rate}}%\nAvg Watch Time: {{get-viewership.avg_watch_minutes}} min"
consumes:
- namespace: pv-analytics
type: http
baseUri: "https://api.amazonvideo.com/analytics/v1"
authentication:
type: bearer
token: "$secrets.prime_video_analytics_token"
resources:
- name: viewership
path: "/content/{content_id}/viewership"
inputParameters:
- name: content_id
in: path
operations:
- name: get-viewership
method: GET
- name: content-info
path: "/content/{content_id}"
inputParameters:
- name: content_id
in: path
operations:
- name: get-content-info
method: GET
- namespace: ses-report
type: http
baseUri: "https://email.us-east-1.amazonaws.com/v2"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_ses_token"
placement: header
resources:
- name: email
path: "/email/outbound-emails"
operations:
- name: send-email
method: POST
Product Catalog Search
▼
ecommerce catalog search
Searches the Amazon product catalog by keyword and returns matching product listings with prices and ratings.
naftiko: "0.5"
info:
label: "Product Catalog Search"
description: "Searches the Amazon product catalog by keyword and returns matching product listings with prices and ratings."
tags:
- ecommerce
- catalog
- search
capability:
exposes:
- type: mcp
namespace: catalog-search
port: 8080
tools:
- name: search-products
description: "Search the Amazon product catalog by keyword. Returns product titles, ASINs, prices, and ratings."
inputParameters:
- name: keywords
in: body
type: string
description: "The search keywords for product lookup."
- name: category
in: body
type: string
description: "The product category to filter by, e.g. Electronics."
call: "catalog-api.search-items"
with:
keywords: "{{keywords}}"
category: "{{category}}"
outputParameters:
- name: items
type: array
mapping: "$.SearchResult.Items"
consumes:
- namespace: catalog-api
type: http
baseUri: "https://webservices.amazon.com/paapi5"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.amazon_paapi_token"
placement: header
resources:
- name: items
path: "/searchitems"
inputParameters:
- name: keywords
in: body
- name: category
in: body
operations:
- name: search-items
method: POST
Production Deployment Rollout
▼
devops deployment github datadog slack
Orchestrates a production deployment by triggering a GitHub Actions workflow, creating a Datadog deployment marker, and posting a status notification to the Slack deployments channel.
naftiko: "0.5"
info:
label: "Production Deployment Rollout"
description: "Orchestrates a production deployment by triggering a GitHub Actions workflow, creating a Datadog deployment marker, and posting a status notification to the Slack deployments channel."
tags:
- devops
- deployment
- github
- datadog
- slack
capability:
exposes:
- type: mcp
namespace: devops-deploy
port: 8080
tools:
- name: trigger-production-deploy
description: "Given a service name, version tag, and target environment, trigger a GitHub Actions deployment workflow, register a Datadog deployment marker, and notify the Slack deployments channel."
inputParameters:
- name: repo
in: body
type: string
description: "The GitHub repository in owner/repo format to deploy from."
- name: version_tag
in: body
type: string
description: "The git tag or commit SHA to deploy, e.g. v2.4.1."
- name: environment
in: body
type: string
description: "The target deployment environment: production, staging, or canary."
- name: slack_channel
in: body
type: string
description: "The Slack channel ID to post deployment status to."
steps:
- name: trigger-workflow
type: call
call: "github-deploy.trigger-workflow"
with:
repo: "{{repo}}"
ref: "{{version_tag}}"
workflow_id: "deploy.yml"
inputs: "{\"environment\":\"{{environment}}\"}"
- name: mark-deployment
type: call
call: "datadog-deploy.create-event"
with:
title: "Deployment: {{repo}} {{version_tag}} to {{environment}}"
text: "Workflow run triggered via Naftiko."
alert_type: "info"
- name: notify-channel
type: call
call: "slack-deploy.post-message"
with:
channel: "{{slack_channel}}"
text: "Deployment started: {{repo}} @ {{version_tag}} to {{environment}}."
consumes:
- namespace: github-deploy
type: http
baseUri: "https://api.github.com"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: workflow-dispatch
path: "/repos/{repo}/actions/workflows/{workflow_id}/dispatches"
inputParameters:
- name: repo
in: path
- name: workflow_id
in: path
operations:
- name: trigger-workflow
method: POST
- namespace: datadog-deploy
type: http
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: "DD-API-KEY"
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: event
path: "/events"
operations:
- name: create-event
method: POST
- namespace: slack-deploy
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
RDS Snapshot and Notify
▼
cloud database backup aws rds slack
Creates an on-demand RDS database snapshot, checks its completion status, and notifies the DBA team via Slack when ready.
naftiko: "0.5"
info:
label: "RDS Snapshot and Notify"
description: "Creates an on-demand RDS database snapshot, checks its completion status, and notifies the DBA team via Slack when ready."
tags:
- cloud
- database
- backup
- aws
- rds
- slack
capability:
exposes:
- type: mcp
namespace: rds-backup
port: 8080
tools:
- name: snapshot-and-notify
description: "Create an RDS snapshot, verify its status, and notify the DBA team when complete."
inputParameters:
- name: db_instance_id
in: body
type: string
description: "The RDS database instance identifier."
- name: snapshot_id
in: body
type: string
description: "The desired snapshot identifier."
- name: slack_channel
in: body
type: string
description: "Slack channel for DBA notifications."
steps:
- name: create-snapshot
type: call
call: "rds-api.create-db-snapshot"
with:
db_instance_id: "{{db_instance_id}}"
snapshot_id: "{{snapshot_id}}"
- name: check-status
type: call
call: "rds-api.describe-db-snapshot"
with:
snapshot_id: "{{snapshot_id}}"
- name: notify-team
type: call
call: "slack-rds.post-message"
with:
channel: "{{slack_channel}}"
text: "RDS Snapshot {{snapshot_id}} for {{db_instance_id}}: Status {{check-status.status}}. Created at {{check-status.created_at}}."
consumes:
- namespace: rds-api
type: http
baseUri: "https://rds.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_rds_token"
placement: header
resources:
- name: snapshot
path: "/"
operations:
- name: create-db-snapshot
method: POST
- name: describe-db-snapshot
method: GET
- namespace: slack-rds
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Redshift Cluster Status
▼
cloud data-warehouse aws redshift
Returns the current status, node count, and storage utilization for an Amazon Redshift cluster.
naftiko: "0.5"
info:
label: "Redshift Cluster Status"
description: "Returns the current status, node count, and storage utilization for an Amazon Redshift cluster."
tags:
- cloud
- data-warehouse
- aws
- redshift
capability:
exposes:
- type: mcp
namespace: redshift-status
port: 8080
tools:
- name: describe-cluster
description: "Get the status, node count, and configuration for a Redshift cluster."
inputParameters:
- name: cluster_identifier
in: body
type: string
description: "The Redshift cluster identifier to describe."
call: "redshift-api.describe-cluster"
with:
cluster_identifier: "{{cluster_identifier}}"
outputParameters:
- name: status
type: string
mapping: "$.Clusters[0].ClusterStatus"
- name: node_count
type: number
mapping: "$.Clusters[0].NumberOfNodes"
consumes:
- namespace: redshift-api
type: http
baseUri: "https://redshift.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_redshift_token"
placement: header
resources:
- name: cluster
path: "/"
inputParameters:
- name: cluster_identifier
in: query
operations:
- name: describe-cluster
method: GET
Redshift ETL Pipeline Monitor
▼
cloud data-warehouse etl aws redshift slack
Checks Redshift query execution status, validates row counts against expected thresholds, and posts ETL health reports to a Slack channel.
naftiko: "0.5"
info:
label: "Redshift ETL Pipeline Monitor"
description: "Checks Redshift query execution status, validates row counts against expected thresholds, and posts ETL health reports to a Slack channel."
tags:
- cloud
- data-warehouse
- etl
- aws
- redshift
- slack
capability:
exposes:
- type: mcp
namespace: redshift-etl
port: 8080
tools:
- name: monitor-etl-pipeline
description: "Check the status of a Redshift ETL query, validate output row counts, and report pipeline health to Slack."
inputParameters:
- name: query_id
in: body
type: string
description: "The Redshift query execution ID to monitor."
- name: expected_row_count
in: body
type: number
description: "The minimum expected row count for validation."
- name: slack_channel
in: body
type: string
description: "The Slack channel for ETL health reports."
steps:
- name: get-query-status
type: call
call: "redshift-etl-api.describe-statement"
with:
query_id: "{{query_id}}"
- name: get-row-count
type: call
call: "redshift-etl-api.get-statement-result"
with:
query_id: "{{query_id}}"
- name: post-report
type: call
call: "slack-etl.post-message"
with:
channel: "{{slack_channel}}"
text: "ETL Pipeline Report: Query {{query_id}} status: {{get-query-status.status}}. Rows loaded: {{get-row-count.total_rows}} (expected: {{expected_row_count}})."
consumes:
- namespace: redshift-etl-api
type: http
baseUri: "https://redshift-data.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_redshift_data_token"
placement: header
resources:
- name: statement
path: "/"
inputParameters:
- name: query_id
in: body
operations:
- name: describe-statement
method: POST
- name: get-statement-result
method: POST
- namespace: slack-etl
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Role Change Provisioning
▼
hr role-change workday okta slack identity
When an employee's role changes in Workday, updates their Okta group memberships to reflect the new role's permissions and notifies the manager via Slack.
naftiko: "0.5"
info:
label: "Role Change Provisioning"
description: "When an employee's role changes in Workday, updates their Okta group memberships to reflect the new role's permissions and notifies the manager via Slack."
tags:
- hr
- role-change
- workday
- okta
- slack
- identity
capability:
exposes:
- type: mcp
namespace: hr-role-change
port: 8080
tools:
- name: sync-role-permissions
description: "Given a Workday employee ID and new role ID, update the employee's Okta group memberships to match the new role and notify their manager in Slack."
inputParameters:
- name: workday_employee_id
in: body
type: string
description: "The Workday worker ID of the employee whose role has changed."
- name: new_okta_group_id
in: body
type: string
description: "The Okta group ID corresponding to the new role's permission set."
- name: manager_slack_id
in: body
type: string
description: "The Slack user ID of the employee's manager for notification."
steps:
- name: get-employee
type: call
call: "workday-rc.get-worker"
with:
worker_id: "{{workday_employee_id}}"
- name: add-okta-group
type: call
call: "okta-rc.add-user-to-group"
with:
group_id: "{{new_okta_group_id}}"
user_id: "{{get-employee.okta_user_id}}"
- name: notify-manager
type: call
call: "slack-rc.post-message"
with:
channel: "{{manager_slack_id}}"
text: "Role update complete for {{get-employee.full_name}}. Okta permissions updated for group {{new_okta_group_id}}."
consumes:
- namespace: workday-rc
type: http
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: worker
path: "/workers/{worker_id}"
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
- namespace: okta-rc
type: http
baseUri: "https://amazon.okta.com/api/v1"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.okta_api_token"
placement: header
resources:
- name: group-member
path: "/groups/{group_id}/users/{user_id}"
inputParameters:
- name: group_id
in: path
- name: user_id
in: path
operations:
- name: add-user-to-group
method: PUT
- namespace: slack-rc
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Route 53 DNS Record Lookup
▼
cloud networking aws dns
Lists DNS resource record sets for a given Route 53 hosted zone and returns matching records.
naftiko: "0.5"
info:
label: "Route 53 DNS Record Lookup"
description: "Lists DNS resource record sets for a given Route 53 hosted zone and returns matching records."
tags:
- cloud
- networking
- aws
- dns
capability:
exposes:
- type: mcp
namespace: route53-dns
port: 8080
tools:
- name: list-records
description: "List all DNS records in a Route 53 hosted zone. Use to audit or verify DNS configurations."
inputParameters:
- name: hosted_zone_id
in: body
type: string
description: "The Route 53 hosted zone ID to list records for."
call: "route53-api.list-record-sets"
with:
hosted_zone_id: "{{hosted_zone_id}}"
outputParameters:
- name: records
type: array
mapping: "$.ResourceRecordSets"
consumes:
- namespace: route53-api
type: http
baseUri: "https://route53.amazonaws.com/2013-04-01"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_route53_token"
placement: header
resources:
- name: record-sets
path: "/hostedzone/{hosted_zone_id}/rrset"
inputParameters:
- name: hosted_zone_id
in: path
operations:
- name: list-record-sets
method: GET
S3 Bucket Compliance Scanner
▼
cloud security compliance aws s3 dynamodb sns
Scans S3 buckets for public access misconfigurations, logs findings to DynamoDB, and alerts the security team via SNS.
naftiko: "0.5"
info:
label: "S3 Bucket Compliance Scanner"
description: "Scans S3 buckets for public access misconfigurations, logs findings to DynamoDB, and alerts the security team via SNS."
tags:
- cloud
- security
- compliance
- aws
- s3
- dynamodb
- sns
capability:
exposes:
- type: mcp
namespace: s3-compliance
port: 8080
tools:
- name: scan-bucket-access
description: "Scan an S3 bucket for public access settings, record findings in DynamoDB, and alert via SNS if misconfigured."
inputParameters:
- name: bucket_name
in: body
type: string
description: "The S3 bucket name to scan for public access."
- name: sns_topic_arn
in: body
type: string
description: "The SNS topic ARN for security alerts."
steps:
- name: check-public-access
type: call
call: "s3-scan.get-public-access-block"
with:
bucket_name: "{{bucket_name}}"
- name: log-finding
type: call
call: "dynamo-scan.put-item"
with:
table_name: "s3-compliance-findings"
bucket_name: "{{bucket_name}}"
public_access: "{{check-public-access.public_access_block}}"
- name: send-alert
type: call
call: "sns-scan.publish"
with:
topic_arn: "{{sns_topic_arn}}"
message: "S3 Compliance Finding: {{bucket_name}} public access config: {{check-public-access.public_access_block}}"
consumes:
- namespace: s3-scan
type: http
baseUri: "https://s3.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_s3_token"
placement: header
resources:
- name: public-access
path: "/{bucket_name}?publicAccessBlock"
inputParameters:
- name: bucket_name
in: path
operations:
- name: get-public-access-block
method: GET
- namespace: dynamo-scan
type: http
baseUri: "https://dynamodb.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_dynamodb_token"
placement: header
resources:
- name: item
path: "/"
operations:
- name: put-item
method: POST
- namespace: sns-scan
type: http
baseUri: "https://sns.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_sns_token"
placement: header
resources:
- name: publish
path: "/"
operations:
- name: publish
method: POST
S3 Bucket Listing
▼
cloud storage aws s3
Lists all S3 buckets in the AWS account and returns their names, creation dates, and regions.
naftiko: "0.5"
info:
label: "S3 Bucket Listing"
description: "Lists all S3 buckets in the AWS account and returns their names, creation dates, and regions."
tags:
- cloud
- storage
- aws
- s3
capability:
exposes:
- type: mcp
namespace: s3-listing
port: 8080
tools:
- name: list-buckets
description: "List all S3 buckets in the AWS account. Returns bucket names, creation dates, and region information."
inputParameters:
- name: region
in: body
type: string
description: "The AWS region to filter buckets by, e.g. us-east-1."
call: "s3-api.list-buckets"
with:
region: "{{region}}"
outputParameters:
- name: bucket_count
type: number
mapping: "$.Buckets.length"
- name: buckets
type: array
mapping: "$.Buckets"
consumes:
- namespace: s3-api
type: http
baseUri: "https://s3.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_s3_token"
placement: header
resources:
- name: buckets
path: "/"
inputParameters:
- name: region
in: query
operations:
- name: list-buckets
method: GET
SageMaker Model Deployment Pipeline
▼
cloud machine-learning deployment aws sagemaker dynamodb
Deploys a SageMaker model to an endpoint, runs a validation inference, and records the deployment in DynamoDB for tracking.
naftiko: "0.5"
info:
label: "SageMaker Model Deployment Pipeline"
description: "Deploys a SageMaker model to an endpoint, runs a validation inference, and records the deployment in DynamoDB for tracking."
tags:
- cloud
- machine-learning
- deployment
- aws
- sagemaker
- dynamodb
capability:
exposes:
- type: mcp
namespace: sagemaker-deploy
port: 8080
tools:
- name: deploy-model
description: "Deploy a SageMaker model to an endpoint, validate with a test inference, and log the deployment."
inputParameters:
- name: model_name
in: body
type: string
description: "The SageMaker model name to deploy."
- name: endpoint_name
in: body
type: string
description: "The target SageMaker endpoint name."
- name: instance_type
in: body
type: string
description: "The instance type for the endpoint, e.g. ml.m5.large."
steps:
- name: create-endpoint-config
type: call
call: "sagemaker-api.create-endpoint-config"
with:
model_name: "{{model_name}}"
endpoint_name: "{{endpoint_name}}"
instance_type: "{{instance_type}}"
- name: update-endpoint
type: call
call: "sagemaker-api.update-endpoint"
with:
endpoint_name: "{{endpoint_name}}"
config_name: "{{create-endpoint-config.config_name}}"
- name: log-deployment
type: call
call: "dynamo-ml.put-item"
with:
table_name: "ml-deployments"
model_name: "{{model_name}}"
endpoint_name: "{{endpoint_name}}"
status: "{{update-endpoint.status}}"
consumes:
- namespace: sagemaker-api
type: http
baseUri: "https://api.sagemaker.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_sagemaker_token"
placement: header
resources:
- name: endpoint-config
path: "/"
operations:
- name: create-endpoint-config
method: POST
- name: endpoint
path: "/"
operations:
- name: update-endpoint
method: POST
- namespace: dynamo-ml
type: http
baseUri: "https://dynamodb.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_dynamodb_token"
placement: header
resources:
- name: item
path: "/"
operations:
- name: put-item
method: POST
Salesforce Case Escalation to ServiceNow
▼
customer-support crm salesforce servicenow pagerduty escalation
When a Salesforce support case is escalated to priority 1, creates a linked ServiceNow incident and pages the on-call support engineer via PagerDuty.
naftiko: "0.5"
info:
label: "Salesforce Case Escalation to ServiceNow"
description: "When a Salesforce support case is escalated to priority 1, creates a linked ServiceNow incident and pages the on-call support engineer via PagerDuty."
tags:
- customer-support
- crm
- salesforce
- servicenow
- pagerduty
- escalation
capability:
exposes:
- type: mcp
namespace: support-escalation
port: 8080
tools:
- name: escalate-case-to-p1
description: "Given a Salesforce case ID and PagerDuty service key, fetch the case details, open a linked ServiceNow incident, and page the on-call support engineer."
inputParameters:
- name: case_id
in: body
type: string
description: "The Salesforce case ID to escalate, e.g. 5005g00000ABC."
- name: pagerduty_service_key
in: body
type: string
description: "The PagerDuty service integration key for routing the escalation page."
steps:
- name: get-case
type: call
call: "salesforce-esc.get-case"
with:
case_id: "{{case_id}}"
- name: create-incident
type: call
call: "servicenow-esc.create-incident"
with:
short_description: "P1 Escalation: {{get-case.subject}}"
description: "Salesforce Case: {{case_id}}\nAccount: {{get-case.account_name}}\nDescription: {{get-case.description}}"
urgency: "1"
impact: "1"
- name: page-oncall
type: call
call: "pagerduty-esc.create-incident"
with:
service_key: "{{pagerduty_service_key}}"
description: "P1 support escalation: {{get-case.subject}}"
incident_key: "sf-{{case_id}}"
consumes:
- namespace: salesforce-esc
type: http
baseUri: "https://amazon.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: case
path: "/sobjects/Case/{case_id}"
inputParameters:
- name: case_id
in: path
operations:
- name: get-case
method: GET
- namespace: servicenow-esc
type: http
baseUri: "https://amazon.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_pass"
resources:
- name: incident
path: "/table/incident"
operations:
- name: create-incident
method: POST
- namespace: pagerduty-esc
type: http
baseUri: "https://events.pagerduty.com/v2"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.pagerduty_token"
placement: header
resources:
- name: incident
path: "/enqueue"
operations:
- name: create-incident
method: POST
Salesforce Customer Health Score Update
▼
crm customer-success salesforce datadog health-score
Queries Datadog for a customer's service usage metrics, calculates a health score, and updates the corresponding Salesforce account record with the latest health indicator.
naftiko: "0.5"
info:
label: "Salesforce Customer Health Score Update"
description: "Queries Datadog for a customer's service usage metrics, calculates a health score, and updates the corresponding Salesforce account record with the latest health indicator."
tags:
- crm
- customer-success
- salesforce
- datadog
- health-score
capability:
exposes:
- type: mcp
namespace: cs-ops
port: 8080
tools:
- name: update-customer-health-score
description: "Given a Salesforce account ID and the customer's Datadog service tag, fetch usage and error metrics from Datadog and update the Salesforce account's health score field."
inputParameters:
- name: account_id
in: body
type: string
description: "The Salesforce account ID for the customer to update, e.g. 0015g00001XYZ."
- name: datadog_service_tag
in: body
type: string
description: "The Datadog service tag used to identify the customer's usage metrics."
steps:
- name: get-metrics
type: call
call: "datadog-cs.query-metrics"
with:
query: "avg:trace.web.request.hits{service:{{datadog_service_tag}}}.rollup(sum, 86400)"
- name: update-account
type: call
call: "salesforce-cs.update-account"
with:
account_id: "{{account_id}}"
health_score: "{{get-metrics.value}}"
consumes:
- namespace: datadog-cs
type: http
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: "DD-API-KEY"
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: metrics
path: "/query"
inputParameters:
- name: query
in: query
operations:
- name: query-metrics
method: GET
- namespace: salesforce-cs
type: http
baseUri: "https://amazon.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: account
path: "/sobjects/Account/{account_id}"
inputParameters:
- name: account_id
in: path
operations:
- name: update-account
method: PATCH
Salesforce Lead Enrichment
▼
sales crm lead-enrichment salesforce zoominfo
Enriches an inbound Salesforce lead with ZoomInfo company and contact data, updates the lead record, and assigns it to the appropriate Salesforce queue.
naftiko: "0.5"
info:
label: "Salesforce Lead Enrichment"
description: "Enriches an inbound Salesforce lead with ZoomInfo company and contact data, updates the lead record, and assigns it to the appropriate Salesforce queue."
tags:
- sales
- crm
- lead-enrichment
- salesforce
- zoominfo
capability:
exposes:
- type: mcp
namespace: sales-enrichment
port: 8080
tools:
- name: enrich-lead
description: "Given a Salesforce lead ID, look up the contact in ZoomInfo, update the Salesforce lead record with enriched firmographic data, and assign it to the correct sales queue."
inputParameters:
- name: lead_id
in: body
type: string
description: "The Salesforce lead ID to enrich, e.g. 00Q5g00001ABC."
- name: queue_id
in: body
type: string
description: "The Salesforce queue ID to assign the enriched lead to."
steps:
- name: get-lead
type: call
call: "salesforce-enrich.get-lead"
with:
lead_id: "{{lead_id}}"
- name: lookup-zoominfo
type: call
call: "zoominfo.search-contact"
with:
email: "{{get-lead.email}}"
company_name: "{{get-lead.company}}"
- name: update-lead
type: call
call: "salesforce-enrich.update-lead"
with:
lead_id: "{{lead_id}}"
annual_revenue: "{{lookup-zoominfo.revenue}}"
employee_count: "{{lookup-zoominfo.employee_count}}"
industry: "{{lookup-zoominfo.industry}}"
owner_id: "{{queue_id}}"
consumes:
- namespace: salesforce-enrich
type: http
baseUri: "https://amazon.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: lead
path: "/sobjects/Lead/{lead_id}"
inputParameters:
- name: lead_id
in: path
operations:
- name: get-lead
method: GET
- name: update-lead
method: PATCH
- namespace: zoominfo
type: http
baseUri: "https://api.zoominfo.com/search"
authentication:
type: bearer
token: "$secrets.zoominfo_token"
resources:
- name: contact
path: "/contact"
operations:
- name: search-contact
method: POST
Salesforce Opportunity Sync to Jira
▼
sales crm salesforce jira slack opportunity
When a Salesforce opportunity moves to Closed Won, creates a Jira epic for the delivery team and posts a handoff notification to the sales Slack channel.
naftiko: "0.5"
info:
label: "Salesforce Opportunity Sync to Jira"
description: "When a Salesforce opportunity moves to Closed Won, creates a Jira epic for the delivery team and posts a handoff notification to the sales Slack channel."
tags:
- sales
- crm
- salesforce
- jira
- slack
- opportunity
capability:
exposes:
- type: mcp
namespace: sales-ops
port: 8080
tools:
- name: sync-opportunity-to-delivery
description: "Given a Salesforce opportunity ID, fetch opportunity details, create a Jira epic for the delivery team, and post a handoff message in Slack. Invoke when an opportunity is marked Closed Won."
inputParameters:
- name: opportunity_id
in: body
type: string
description: "The Salesforce opportunity ID for the closed-won deal, e.g. 0065g00000XYZ."
- name: jira_project_key
in: body
type: string
description: "The Jira project key where the delivery epic should be created."
- name: slack_channel
in: body
type: string
description: "The Slack channel ID to post the sales-to-delivery handoff message."
steps:
- name: get-opportunity
type: call
call: "salesforce.get-opportunity"
with:
opportunity_id: "{{opportunity_id}}"
- name: create-epic
type: call
call: "jira-sales.create-issue"
with:
project_key: "{{jira_project_key}}"
issuetype: "Epic"
summary: "Delivery: {{get-opportunity.name}}"
description: "Account: {{get-opportunity.account_name}}\nValue: {{get-opportunity.amount}}\nClose Date: {{get-opportunity.close_date}}"
- name: post-handoff
type: call
call: "slack-sales.post-message"
with:
channel: "{{slack_channel}}"
text: "Closed Won: {{get-opportunity.name}} ({{get-opportunity.amount}}). Delivery epic created: {{create-epic.key}}"
consumes:
- namespace: salesforce
type: http
baseUri: "https://amazon.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: opportunity
path: "/sobjects/Opportunity/{opportunity_id}"
inputParameters:
- name: opportunity_id
in: path
operations:
- name: get-opportunity
method: GET
- namespace: jira-sales
type: http
baseUri: "https://amazon.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_token"
resources:
- name: issue
path: "/issue"
operations:
- name: create-issue
method: POST
- namespace: slack-sales
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Salesforce Renewal Opportunity Creator
▼
sales crm salesforce renewal
When a Salesforce subscription account is within 90 days of renewal, automatically creates a renewal opportunity, sets the close date, and assigns it to the account owner.
naftiko: "0.5"
info:
label: "Salesforce Renewal Opportunity Creator"
description: "When a Salesforce subscription account is within 90 days of renewal, automatically creates a renewal opportunity, sets the close date, and assigns it to the account owner."
tags:
- sales
- crm
- salesforce
- renewal
capability:
exposes:
- type: mcp
namespace: sales-renewal
port: 8080
tools:
- name: create-renewal-opportunity
description: "Given a Salesforce account ID and contract end date, create a renewal opportunity record on the account with a 90-day close target and assign it to the account owner."
inputParameters:
- name: account_id
in: body
type: string
description: "The Salesforce account ID of the customer approaching renewal."
- name: contract_end_date
in: body
type: string
description: "The contract end date in YYYY-MM-DD format used to set the renewal opportunity close date."
- name: renewal_amount
in: body
type: number
description: "The expected renewal contract value in USD."
steps:
- name: get-account
type: call
call: "salesforce-renewal.get-account"
with:
account_id: "{{account_id}}"
- name: create-opportunity
type: call
call: "salesforce-renewal.create-opportunity"
with:
account_id: "{{account_id}}"
name: "Renewal: {{get-account.name}}"
close_date: "{{contract_end_date}}"
stage_name: "Renewal"
amount: "{{renewal_amount}}"
owner_id: "{{get-account.owner_id}}"
consumes:
- namespace: salesforce-renewal
type: http
baseUri: "https://amazon.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: account
path: "/sobjects/Account/{account_id}"
inputParameters:
- name: account_id
in: path
operations:
- name: get-account
method: GET
- name: opportunity
path: "/sobjects/Opportunity"
operations:
- name: create-opportunity
method: POST
Secrets Manager Secret Retrieve
▼
cloud security aws secrets-manager
Retrieves the current value of a secret stored in AWS Secrets Manager by secret name or ARN.
naftiko: "0.5"
info:
label: "Secrets Manager Secret Retrieve"
description: "Retrieves the current value of a secret stored in AWS Secrets Manager by secret name or ARN."
tags:
- cloud
- security
- aws
- secrets-manager
capability:
exposes:
- type: mcp
namespace: secrets-mgr
port: 8080
tools:
- name: get-secret-value
description: "Retrieve the current value of a secret from AWS Secrets Manager. Returns the secret string or binary."
inputParameters:
- name: secret_id
in: body
type: string
description: "The secret name or ARN to retrieve."
call: "secrets-api.get-secret-value"
with:
secret_id: "{{secret_id}}"
outputParameters:
- name: secret_string
type: string
mapping: "$.SecretString"
consumes:
- namespace: secrets-api
type: http
baseUri: "https://secretsmanager.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_secrets_token"
placement: header
resources:
- name: secret
path: "/"
inputParameters:
- name: secret_id
in: body
operations:
- name: get-secret-value
method: POST
Seller Central Order Lookup
▼
ecommerce marketplace seller-central
Retrieves order details from Amazon Seller Central by order ID for marketplace seller operations.
naftiko: "0.5"
info:
label: "Seller Central Order Lookup"
description: "Retrieves order details from Amazon Seller Central by order ID for marketplace seller operations."
tags:
- ecommerce
- marketplace
- seller-central
capability:
exposes:
- type: mcp
namespace: seller-orders
port: 8080
tools:
- name: get-order
description: "Look up a specific order from Amazon Seller Central by order ID. Returns buyer info, items, and status."
inputParameters:
- name: order_id
in: body
type: string
description: "The Amazon Marketplace order ID to retrieve."
call: "sp-api.get-order"
with:
order_id: "{{order_id}}"
outputParameters:
- name: order_status
type: string
mapping: "$.payload.OrderStatus"
- name: order_total
type: number
mapping: "$.payload.OrderTotal.Amount"
consumes:
- namespace: sp-api
type: http
baseUri: "https://sellingpartnerapi-na.amazon.com"
authentication:
type: bearer
token: "$secrets.sp_api_token"
resources:
- name: order
path: "/orders/v0/orders/{order_id}"
inputParameters:
- name: order_id
in: path
operations:
- name: get-order
method: GET
Seller Product Listing Optimizer
▼
ecommerce marketplace seo seller-central slack
Analyzes a product listing on Amazon Marketplace for SEO quality, fetches competitor pricing, and suggests optimized title and keywords to a Slack channel.
naftiko: "0.5"
info:
label: "Seller Product Listing Optimizer"
description: "Analyzes a product listing on Amazon Marketplace for SEO quality, fetches competitor pricing, and suggests optimized title and keywords to a Slack channel."
tags:
- ecommerce
- marketplace
- seo
- seller-central
- slack
capability:
exposes:
- type: mcp
namespace: listing-optimizer
port: 8080
tools:
- name: optimize-listing
description: "Analyze a marketplace product listing, compare with competitor pricing, and post optimization suggestions to Slack."
inputParameters:
- name: asin
in: body
type: string
description: "The ASIN of the product listing to optimize."
- name: slack_channel
in: body
type: string
description: "The Slack channel to post optimization suggestions."
steps:
- name: get-listing
type: call
call: "sp-listing.get-listing"
with:
asin: "{{asin}}"
- name: get-competitive-pricing
type: call
call: "sp-listing.get-competitive-pricing"
with:
asin: "{{asin}}"
- name: post-suggestions
type: call
call: "slack-listing.post-message"
with:
channel: "{{slack_channel}}"
text: "Listing Optimization for ASIN {{asin}}:\nCurrent title: {{get-listing.title}}\nYour price: {{get-listing.price}}\nLowest competitor: {{get-competitive-pricing.lowest_price}}\nSuggestion: Review keywords and consider competitive repricing."
consumes:
- namespace: sp-listing
type: http
baseUri: "https://sellingpartnerapi-na.amazon.com"
authentication:
type: bearer
token: "$secrets.sp_api_token"
resources:
- name: listing
path: "/listings/2021-08-01/items/ATVPDKIKX0DER/{asin}"
inputParameters:
- name: asin
in: path
operations:
- name: get-listing
method: GET
- name: competitive-pricing
path: "/products/pricing/v0/competitivePrice"
inputParameters:
- name: asin
in: query
operations:
- name: get-competitive-pricing
method: GET
- namespace: slack-listing
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
ServiceNow Change Request Approval Gate
▼
itsm change-management servicenow datadog approval
Fetches a pending ServiceNow change request, checks Datadog service health for the affected service, and automatically approves or escalates the change based on current system stability.
naftiko: "0.5"
info:
label: "ServiceNow Change Request Approval Gate"
description: "Fetches a pending ServiceNow change request, checks Datadog service health for the affected service, and automatically approves or escalates the change based on current system stability."
tags:
- itsm
- change-management
- servicenow
- datadog
- approval
capability:
exposes:
- type: mcp
namespace: itsm-change
port: 8080
tools:
- name: evaluate-change-request
description: "Given a ServiceNow change request number and Datadog service name, check current service health metrics and either approve the change or escalate it with a health report attached."
inputParameters:
- name: change_number
in: body
type: string
description: "The ServiceNow change request number, e.g. CHG0012345."
- name: service_name
in: body
type: string
description: "The Datadog service name to check health for before approving the change."
steps:
- name: get-change
type: call
call: "servicenow-chg.get-change"
with:
number: "{{change_number}}"
- name: check-health
type: call
call: "datadog-chg.query-metrics"
with:
query: "avg:trace.web.request.errors{service:{{service_name}}}.rollup(avg, 300)"
- name: update-change
type: call
call: "servicenow-chg.update-change"
with:
sys_id: "{{get-change.sys_id}}"
work_notes: "Automated health check: error rate = {{check-health.value}}. Change proceed status updated."
consumes:
- namespace: servicenow-chg
type: http
baseUri: "https://amazon.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_pass"
resources:
- name: change
path: "/table/change_request"
inputParameters:
- name: number
in: query
operations:
- name: get-change
method: GET
- name: update-change
method: PATCH
- namespace: datadog-chg
type: http
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: "DD-API-KEY"
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: metrics
path: "/query"
inputParameters:
- name: query
in: query
operations:
- name: query-metrics
method: GET
SES Bounce Rate Monitor
▼
cloud email monitoring aws ses cloudwatch sns
Checks SES account sending statistics for bounce and complaint rates, logs metrics to CloudWatch, and alerts via SNS if rates exceed thresholds.
naftiko: "0.5"
info:
label: "SES Bounce Rate Monitor"
description: "Checks SES account sending statistics for bounce and complaint rates, logs metrics to CloudWatch, and alerts via SNS if rates exceed thresholds."
tags:
- cloud
- email
- monitoring
- aws
- ses
- cloudwatch
- sns
capability:
exposes:
- type: mcp
namespace: ses-monitor
port: 8080
tools:
- name: monitor-bounce-rate
description: "Check SES bounce and complaint rates, log to CloudWatch, and alert via SNS if thresholds are exceeded."
inputParameters:
- name: bounce_threshold
in: body
type: number
description: "Maximum acceptable bounce rate percentage."
- name: sns_topic_arn
in: body
type: string
description: "SNS topic ARN for email health alerts."
steps:
- name: get-send-stats
type: call
call: "ses-stats.get-account-stats"
with: {}
- name: log-metrics
type: call
call: "cw-ses.put-metric-data"
with:
namespace: "Custom/SESHealth"
metric_name: "BounceRate"
value: "{{get-send-stats.bounce_rate}}"
- name: send-alert
type: call
call: "sns-ses.publish"
with:
topic_arn: "{{sns_topic_arn}}"
message: "SES Bounce Rate Alert: Current rate {{get-send-stats.bounce_rate}}% exceeds threshold {{bounce_threshold}}%."
consumes:
- namespace: ses-stats
type: http
baseUri: "https://email.us-east-1.amazonaws.com/v2"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_ses_token"
placement: header
resources:
- name: account
path: "/email/account"
operations:
- name: get-account-stats
method: GET
- namespace: cw-ses
type: http
baseUri: "https://monitoring.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_cloudwatch_token"
placement: header
resources:
- name: metric
path: "/"
operations:
- name: put-metric-data
method: POST
- namespace: sns-ses
type: http
baseUri: "https://sns.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_sns_token"
placement: header
resources:
- name: publish
path: "/"
operations:
- name: publish
method: POST
Snowflake Data Pipeline Health Monitor
▼
data analytics monitoring snowflake jira slack
Queries Snowflake task history to detect failed or long-running data pipeline tasks, creates a Jira data-engineering ticket, and posts an alert to the data-platform Slack channel.
naftiko: "0.5"
info:
label: "Snowflake Data Pipeline Health Monitor"
description: "Queries Snowflake task history to detect failed or long-running data pipeline tasks, creates a Jira data-engineering ticket, and posts an alert to the data-platform Slack channel."
tags:
- data
- analytics
- monitoring
- snowflake
- jira
- slack
capability:
exposes:
- type: mcp
namespace: data-ops
port: 8080
tools:
- name: monitor-pipeline-health
description: "Given a Snowflake database and schema, query task execution history for failures or SLA breaches, open a Jira ticket for investigation, and alert the data-platform Slack channel."
inputParameters:
- name: snowflake_database
in: body
type: string
description: "The Snowflake database name to check task history for, e.g. ANALYTICS_PROD."
- name: snowflake_schema
in: body
type: string
description: "The Snowflake schema containing the monitored tasks."
- name: slack_channel
in: body
type: string
description: "The Slack channel ID for the data-platform alert."
steps:
- name: check-tasks
type: call
call: "snowflake.query-task-history"
with:
database: "{{snowflake_database}}"
schema: "{{snowflake_schema}}"
- name: create-ticket
type: call
call: "jira-data.create-issue"
with:
project_key: "DATA"
issuetype: "Bug"
summary: "Pipeline health issue detected in {{snowflake_database}}.{{snowflake_schema}}"
description: "Failed tasks: {{check-tasks.failed_count}}. Last failure: {{check-tasks.last_failed_task}}"
- name: post-alert
type: call
call: "slack-data.post-message"
with:
channel: "{{slack_channel}}"
text: "Data Pipeline Alert: {{check-tasks.failed_count}} failed tasks in {{snowflake_database}}. Jira: {{create-ticket.key}}"
consumes:
- namespace: snowflake
type: http
baseUri: "https://amazon.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: task-history
path: "/databases/{database}/schemas/{schema}/tasks"
inputParameters:
- name: database
in: path
- name: schema
in: path
operations:
- name: query-task-history
method: GET
- namespace: jira-data
type: http
baseUri: "https://amazon.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_token"
resources:
- name: issue
path: "/issue"
operations:
- name: create-issue
method: POST
- namespace: slack-data
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Snowflake Data Quality Gate
▼
data analytics data-quality snowflake jira slack
Runs a data quality check query against a Snowflake table, and if null counts or row anomalies exceed acceptable thresholds, creates a Jira data-quality ticket and alerts the data-platform Slack channel.
naftiko: "0.5"
info:
label: "Snowflake Data Quality Gate"
description: "Runs a data quality check query against a Snowflake table, and if null counts or row anomalies exceed acceptable thresholds, creates a Jira data-quality ticket and alerts the data-platform Slack channel."
tags:
- data
- analytics
- data-quality
- snowflake
- jira
- slack
capability:
exposes:
- type: mcp
namespace: dq-ops
port: 8080
tools:
- name: run-data-quality-check
description: "Given a Snowflake table fully qualified name and a null threshold percentage, run a data quality query. If null rate exceeds the threshold, create a Jira DQ ticket and post a Slack alert."
inputParameters:
- name: table_fqn
in: body
type: string
description: "The fully qualified Snowflake table name to check, e.g. ANALYTICS_PROD.SALES.ORDERS."
- name: null_threshold_pct
in: body
type: number
description: "Maximum allowable null percentage in the critical columns (0–100)."
- name: slack_channel
in: body
type: string
description: "The Slack channel ID to notify when a data quality issue is found."
steps:
- name: run-dq-query
type: call
call: "snowflake-dq.run-statement"
with:
statement: "SELECT COUNT_IF(order_id IS NULL) / COUNT(*) * 100 AS null_pct FROM {{table_fqn}}"
- name: create-dq-ticket
type: call
call: "jira-dq.create-issue"
with:
project_key: "DATA"
issuetype: "Bug"
summary: "Data quality issue: {{table_fqn}} null rate = {{run-dq-query.null_pct}}%"
description: "Table: {{table_fqn}}\nNull rate: {{run-dq-query.null_pct}}%\nThreshold: {{null_threshold_pct}}%"
- name: post-dq-alert
type: call
call: "slack-dq.post-message"
with:
channel: "{{slack_channel}}"
text: "Data Quality Alert: {{table_fqn}} null rate = {{run-dq-query.null_pct}}% (max {{null_threshold_pct}}%). Jira: {{create-dq-ticket.key}}"
consumes:
- namespace: snowflake-dq
type: http
baseUri: "https://amazon.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statement
path: "/statements"
operations:
- name: run-statement
method: POST
- namespace: jira-dq
type: http
baseUri: "https://amazon.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_token"
resources:
- name: issue
path: "/issue"
operations:
- name: create-issue
method: POST
- namespace: slack-dq
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Snowflake Query Performance Digest
▼
data analytics reporting snowflake slack
Queries Snowflake for long-running or expensive queries over the past 24 hours and publishes a performance digest to the data-platform Slack channel.
naftiko: "0.5"
info:
label: "Snowflake Query Performance Digest"
description: "Queries Snowflake for long-running or expensive queries over the past 24 hours and publishes a performance digest to the data-platform Slack channel."
tags:
- data
- analytics
- reporting
- snowflake
- slack
capability:
exposes:
- type: mcp
namespace: data-reporting
port: 8080
tools:
- name: digest-query-performance
description: "Query the Snowflake QUERY_HISTORY view for the top expensive queries in the last 24 hours and post a performance digest to Slack. Invoke for daily data-platform health review."
inputParameters:
- name: warehouse_name
in: body
type: string
description: "The Snowflake virtual warehouse name to analyze, e.g. COMPUTE_WH."
- name: slack_channel
in: body
type: string
description: "The Slack channel ID where the performance digest will be posted."
steps:
- name: get-query-history
type: call
call: "snowflake-perf.get-query-history"
with:
warehouse_name: "{{warehouse_name}}"
- name: post-digest
type: call
call: "slack-perf.post-message"
with:
channel: "{{slack_channel}}"
text: "Snowflake Query Digest (24h) for {{warehouse_name}}: {{get-query-history.total_queries}} queries, avg execution: {{get-query-history.avg_execution_ms}}ms, credits used: {{get-query-history.credits_used}}."
consumes:
- namespace: snowflake-perf
type: http
baseUri: "https://amazon.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: query-history
path: "/queries/history"
inputParameters:
- name: warehouse_name
in: query
operations:
- name: get-query-history
method: GET
- namespace: slack-perf
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
SNS Topic List
▼
cloud messaging aws sns
Lists all SNS topics in the AWS account and returns their ARNs for notification management.
naftiko: "0.5"
info:
label: "SNS Topic List"
description: "Lists all SNS topics in the AWS account and returns their ARNs for notification management."
tags:
- cloud
- messaging
- aws
- sns
capability:
exposes:
- type: mcp
namespace: sns-topics
port: 8080
tools:
- name: list-topics
description: "List all SNS topics in the AWS account. Returns topic ARNs for use in notification workflows."
inputParameters:
- name: next_token
in: body
type: string
description: "Pagination token for listing topics. Pass empty string for first page."
call: "sns-api.list-topics"
with:
next_token: "{{next_token}}"
outputParameters:
- name: topics
type: array
mapping: "$.Topics"
consumes:
- namespace: sns-api
type: http
baseUri: "https://sns.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_sns_token"
placement: header
resources:
- name: topics
path: "/"
inputParameters:
- name: next_token
in: query
operations:
- name: list-topics
method: GET
SQS Queue Depth Check
▼
cloud messaging aws sqs
Retrieves the approximate number of messages in an SQS queue to monitor backlog health.
naftiko: "0.5"
info:
label: "SQS Queue Depth Check"
description: "Retrieves the approximate number of messages in an SQS queue to monitor backlog health."
tags:
- cloud
- messaging
- aws
- sqs
capability:
exposes:
- type: mcp
namespace: sqs-depth
port: 8080
tools:
- name: get-queue-attributes
description: "Get the approximate message count and other attributes for an SQS queue. Use to monitor queue backlog."
inputParameters:
- name: queue_url
in: body
type: string
description: "The full SQS queue URL to check."
call: "sqs-api.get-queue-attributes"
with:
queue_url: "{{queue_url}}"
outputParameters:
- name: message_count
type: number
mapping: "$.Attributes.ApproximateNumberOfMessages"
consumes:
- namespace: sqs-api
type: http
baseUri: "https://sqs.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_sqs_token"
placement: header
resources:
- name: queue
path: "/"
inputParameters:
- name: queue_url
in: body
operations:
- name: get-queue-attributes
method: POST
Step Functions Workflow Status Reporter
▼
cloud orchestration aws step-functions slack
Fetches the execution history of an AWS Step Functions workflow, summarizes success and failure states, and posts the report to Slack.
naftiko: "0.5"
info:
label: "Step Functions Workflow Status Reporter"
description: "Fetches the execution history of an AWS Step Functions workflow, summarizes success and failure states, and posts the report to Slack."
tags:
- cloud
- orchestration
- aws
- step-functions
- slack
capability:
exposes:
- type: mcp
namespace: sfn-reporter
port: 8080
tools:
- name: report-execution-status
description: "Get the execution history for a Step Functions workflow and post a status summary to Slack."
inputParameters:
- name: execution_arn
in: body
type: string
description: "The Step Functions execution ARN to report on."
- name: slack_channel
in: body
type: string
description: "The Slack channel for the status report."
steps:
- name: get-execution
type: call
call: "sfn-api.describe-execution"
with:
execution_arn: "{{execution_arn}}"
- name: get-history
type: call
call: "sfn-api.get-execution-history"
with:
execution_arn: "{{execution_arn}}"
- name: post-report
type: call
call: "slack-sfn.post-message"
with:
channel: "{{slack_channel}}"
text: "Step Functions Report: Execution {{execution_arn}} status: {{get-execution.status}}. Total events: {{get-history.event_count}}."
consumes:
- namespace: sfn-api
type: http
baseUri: "https://states.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_stepfunctions_token"
placement: header
resources:
- name: execution
path: "/"
inputParameters:
- name: execution_arn
in: body
operations:
- name: describe-execution
method: POST
- name: get-execution-history
method: POST
- namespace: slack-sfn
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Terraform Infrastructure Drift Detector
▼
cloud infrastructure terraform jira slack drift-detection
Triggers a Terraform Cloud plan run on a workspace to detect infrastructure drift, posts the plan summary to a Slack channel, and creates a Jira task if drift is found.
naftiko: "0.5"
info:
label: "Terraform Infrastructure Drift Detector"
description: "Triggers a Terraform Cloud plan run on a workspace to detect infrastructure drift, posts the plan summary to a Slack channel, and creates a Jira task if drift is found."
tags:
- cloud
- infrastructure
- terraform
- jira
- slack
- drift-detection
capability:
exposes:
- type: mcp
namespace: infra-ops
port: 8080
tools:
- name: detect-infra-drift
description: "Given a Terraform Cloud organization and workspace name, trigger a speculative plan run to detect infrastructure drift, and if drift is found, create a Jira task and alert Slack."
inputParameters:
- name: terraform_org
in: body
type: string
description: "The Terraform Cloud organization name, e.g. amazon-infra."
- name: workspace_name
in: body
type: string
description: "The Terraform workspace name to run the drift-detection plan on."
- name: slack_channel
in: body
type: string
description: "The Slack channel ID for the drift-detection alert."
steps:
- name: trigger-plan
type: call
call: "terraform.create-run"
with:
organization: "{{terraform_org}}"
workspace_name: "{{workspace_name}}"
plan_only: "true"
- name: create-drift-ticket
type: call
call: "jira-infra.create-issue"
with:
project_key: "INFRA"
issuetype: "Task"
summary: "Infrastructure drift detected in {{workspace_name}}"
description: "Terraform plan run ID: {{trigger-plan.run_id}}. Review and apply changes."
- name: notify-infra-team
type: call
call: "slack-infra.post-message"
with:
channel: "{{slack_channel}}"
text: "Infra Drift Detected: workspace {{workspace_name}} | Terraform run: {{trigger-plan.run_id}} | Jira: {{create-drift-ticket.key}}"
consumes:
- namespace: terraform
type: http
baseUri: "https://app.terraform.io/api/v2"
authentication:
type: bearer
token: "$secrets.terraform_token"
resources:
- name: run
path: "/runs"
operations:
- name: create-run
method: POST
- namespace: jira-infra
type: http
baseUri: "https://amazon.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_token"
resources:
- name: issue
path: "/issue"
operations:
- name: create-issue
method: POST
- namespace: slack-infra
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Translate Product Listing Localizer
▼
ecommerce localization aws translate marketplace dynamodb
Translates Amazon product listing content using Amazon Translate, updates the listing for the target marketplace, and logs the translation to DynamoDB.
naftiko: "0.5"
info:
label: "Translate Product Listing Localizer"
description: "Translates Amazon product listing content using Amazon Translate, updates the listing for the target marketplace, and logs the translation to DynamoDB."
tags:
- ecommerce
- localization
- aws
- translate
- marketplace
- dynamodb
capability:
exposes:
- type: mcp
namespace: listing-translate
port: 8080
tools:
- name: localize-listing
description: "Translate a product listing to a target language, update the marketplace listing, and log the translation."
inputParameters:
- name: asin
in: body
type: string
description: "The ASIN of the product to translate."
- name: source_language
in: body
type: string
description: "Source language code, e.g. en."
- name: target_language
in: body
type: string
description: "Target language code, e.g. de."
steps:
- name: get-listing
type: call
call: "sp-translate.get-listing"
with:
asin: "{{asin}}"
- name: translate-content
type: call
call: "translate-api.translate-text"
with:
text: "{{get-listing.title}} | {{get-listing.description}}"
source_language: "{{source_language}}"
target_language: "{{target_language}}"
- name: log-translation
type: call
call: "dynamo-translate.put-item"
with:
table_name: "listing-translations"
asin: "{{asin}}"
target_language: "{{target_language}}"
translated_text: "{{translate-content.translated_text}}"
consumes:
- namespace: sp-translate
type: http
baseUri: "https://sellingpartnerapi-na.amazon.com"
authentication:
type: bearer
token: "$secrets.sp_api_token"
resources:
- name: listing
path: "/listings/2021-08-01/items/ATVPDKIKX0DER/{asin}"
inputParameters:
- name: asin
in: path
operations:
- name: get-listing
method: GET
- namespace: translate-api
type: http
baseUri: "https://translate.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_translate_token"
placement: header
resources:
- name: translate
path: "/"
operations:
- name: translate-text
method: POST
- namespace: dynamo-translate
type: http
baseUri: "https://dynamodb.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_dynamodb_token"
placement: header
resources:
- name: item
path: "/"
operations:
- name: put-item
method: POST
Twitch Creator Payout Report
▼
media twitch payments analytics aws s3 ses
Generates a Twitch creator payout report by aggregating subscription and bits revenue, stores it in S3, and emails the report via SES.
naftiko: "0.5"
info:
label: "Twitch Creator Payout Report"
description: "Generates a Twitch creator payout report by aggregating subscription and bits revenue, stores it in S3, and emails the report via SES."
tags:
- media
- twitch
- payments
- analytics
- aws
- s3
- ses
capability:
exposes:
- type: mcp
namespace: twitch-payout
port: 8080
tools:
- name: generate-payout-report
description: "Aggregate Twitch creator revenue, store the report in S3, and email it to the creator."
inputParameters:
- name: broadcaster_id
in: body
type: string
description: "The Twitch broadcaster ID."
- name: period
in: body
type: string
description: "The reporting period, e.g. 2026-03."
- name: creator_email
in: body
type: string
description: "The creator email for the report."
steps:
- name: get-sub-revenue
type: call
call: "twitch-revenue.get-subscriptions"
with:
broadcaster_id: "{{broadcaster_id}}"
- name: upload-report
type: call
call: "s3-twitch.put-object"
with:
bucket: "twitch-payout-reports"
key: "{{broadcaster_id}}/{{period}}-payout.json"
body: "{\"broadcaster\": \"{{broadcaster_id}}\", \"period\": \"{{period}}\", \"sub_revenue\": {{get-sub-revenue.total}}}"
- name: email-report
type: call
call: "ses-twitch.send-email"
with:
to: "{{creator_email}}"
subject: "Twitch Payout Report - {{period}}"
body: "Your payout report for {{period}} is ready. Subscription revenue: ${{get-sub-revenue.total}}. Full report: s3://twitch-payout-reports/{{broadcaster_id}}/{{period}}-payout.json"
consumes:
- namespace: twitch-revenue
type: http
baseUri: "https://api.twitch.tv/helix"
authentication:
type: bearer
token: "$secrets.twitch_api_token"
resources:
- name: subscriptions
path: "/subscriptions"
inputParameters:
- name: broadcaster_id
in: query
operations:
- name: get-subscriptions
method: GET
- namespace: s3-twitch
type: http
baseUri: "https://s3.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_s3_token"
placement: header
resources:
- name: object
path: "/{bucket}/{key}"
inputParameters:
- name: bucket
in: path
- name: key
in: path
operations:
- name: put-object
method: PUT
- namespace: ses-twitch
type: http
baseUri: "https://email.us-east-1.amazonaws.com/v2"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_ses_token"
placement: header
resources:
- name: email
path: "/email/outbound-emails"
operations:
- name: send-email
method: POST
Twitch Stream Status
▼
media streaming twitch
Checks whether a Twitch channel is currently live and returns viewer count and stream title.
naftiko: "0.5"
info:
label: "Twitch Stream Status"
description: "Checks whether a Twitch channel is currently live and returns viewer count and stream title."
tags:
- media
- streaming
- twitch
capability:
exposes:
- type: mcp
namespace: twitch-status
port: 8080
tools:
- name: get-stream-status
description: "Check if a Twitch channel is currently live. Returns stream title, viewer count, and game category."
inputParameters:
- name: user_login
in: body
type: string
description: "The Twitch channel login name to check."
call: "twitch-api.get-streams"
with:
user_login: "{{user_login}}"
outputParameters:
- name: is_live
type: boolean
mapping: "$.data.length > 0"
- name: viewer_count
type: number
mapping: "$.data[0].viewer_count"
consumes:
- namespace: twitch-api
type: http
baseUri: "https://api.twitch.tv/helix"
authentication:
type: bearer
token: "$secrets.twitch_api_token"
resources:
- name: streams
path: "/streams"
inputParameters:
- name: user_login
in: query
operations:
- name: get-streams
method: GET
Vendor Central Purchase Order Processor
▼
ecommerce marketplace vendor-central supply-chain dynamodb
Retrieves purchase orders from Amazon Vendor Central, confirms them, and logs the confirmation to DynamoDB for tracking.
naftiko: "0.5"
info:
label: "Vendor Central Purchase Order Processor"
description: "Retrieves purchase orders from Amazon Vendor Central, confirms them, and logs the confirmation to DynamoDB for tracking."
tags:
- ecommerce
- marketplace
- vendor-central
- supply-chain
- dynamodb
capability:
exposes:
- type: mcp
namespace: vendor-po
port: 8080
tools:
- name: process-purchase-order
description: "Fetch a purchase order from Vendor Central, confirm it, and log the confirmation."
inputParameters:
- name: purchase_order_number
in: body
type: string
description: "The Vendor Central purchase order number."
steps:
- name: get-po
type: call
call: "vendor-api.get-purchase-order"
with:
purchase_order_number: "{{purchase_order_number}}"
- name: confirm-po
type: call
call: "vendor-api.confirm-purchase-order"
with:
purchase_order_number: "{{purchase_order_number}}"
items: "{{get-po.items}}"
- name: log-confirmation
type: call
call: "dynamo-vendor.put-item"
with:
table_name: "vendor-po-confirmations"
po_number: "{{purchase_order_number}}"
status: "confirmed"
item_count: "{{get-po.item_count}}"
consumes:
- namespace: vendor-api
type: http
baseUri: "https://sellingpartnerapi-na.amazon.com/vendor"
authentication:
type: bearer
token: "$secrets.sp_api_vendor_token"
resources:
- name: purchase-order
path: "/orders/v1/purchaseOrders/{purchase_order_number}"
inputParameters:
- name: purchase_order_number
in: path
operations:
- name: get-purchase-order
method: GET
- name: confirmation
path: "/orders/v1/purchaseOrders/confirmation"
operations:
- name: confirm-purchase-order
method: POST
- namespace: dynamo-vendor
type: http
baseUri: "https://dynamodb.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_dynamodb_token"
placement: header
resources:
- name: item
path: "/"
operations:
- name: put-item
method: POST
WAF Rule Update with Notification
▼
cloud security aws waf dynamodb slack
Adds an IP to an AWS WAF IP set block list, logs the change to DynamoDB for audit, and notifies the security team via Slack.
naftiko: "0.5"
info:
label: "WAF Rule Update with Notification"
description: "Adds an IP to an AWS WAF IP set block list, logs the change to DynamoDB for audit, and notifies the security team via Slack."
tags:
- cloud
- security
- aws
- waf
- dynamodb
- slack
capability:
exposes:
- type: mcp
namespace: waf-update
port: 8080
tools:
- name: block-ip-and-notify
description: "Add an IP address to a WAF block list, record the action in DynamoDB, and alert the security team."
inputParameters:
- name: ip_set_id
in: body
type: string
description: "The WAF IP set ID to update."
- name: ip_address
in: body
type: string
description: "The IP address to block in CIDR format."
- name: slack_channel
in: body
type: string
description: "Slack channel for security notifications."
steps:
- name: update-ip-set
type: call
call: "waf-api.update-ip-set"
with:
ip_set_id: "{{ip_set_id}}"
ip_address: "{{ip_address}}"
- name: log-action
type: call
call: "dynamo-waf.put-item"
with:
table_name: "waf-audit-log"
ip_address: "{{ip_address}}"
action: "BLOCK"
ip_set_id: "{{ip_set_id}}"
- name: notify-security
type: call
call: "slack-waf.post-message"
with:
channel: "{{slack_channel}}"
text: "WAF Update: IP {{ip_address}} added to block list {{ip_set_id}}. Audit record created."
consumes:
- namespace: waf-api
type: http
baseUri: "https://wafv2.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_waf_token"
placement: header
resources:
- name: ip-set
path: "/"
operations:
- name: update-ip-set
method: POST
- namespace: dynamo-waf
type: http
baseUri: "https://dynamodb.us-east-1.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_dynamodb_token"
placement: header
resources:
- name: item
path: "/"
operations:
- name: put-item
method: POST
- namespace: slack-waf
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Warehouse Robotics Health Dashboard
▼
logistics robotics monitoring warehouse cloudwatch slack
Collects health telemetry from Amazon warehouse robotics systems, aggregates metrics in CloudWatch, and posts a fleet health summary to Slack.
naftiko: "0.5"
info:
label: "Warehouse Robotics Health Dashboard"
description: "Collects health telemetry from Amazon warehouse robotics systems, aggregates metrics in CloudWatch, and posts a fleet health summary to Slack."
tags:
- logistics
- robotics
- monitoring
- warehouse
- cloudwatch
- slack
capability:
exposes:
- type: mcp
namespace: robotics-health
port: 8080
tools:
- name: report-fleet-health
description: "Collect robotics fleet health data, log to CloudWatch, and post a summary to Slack."
inputParameters:
- name: warehouse_id
in: body
type: string
description: "The Amazon fulfillment center ID."
- name: slack_channel
in: body
type: string
description: "Slack channel for robotics health reports."
steps:
- name: get-fleet-status
type: call
call: "robotics-api.get-fleet-health"
with:
warehouse_id: "{{warehouse_id}}"
- name: log-metrics
type: call
call: "cw-robotics.put-metric-data"
with:
namespace: "Custom/WarehouseRobotics"
metric_name: "ActiveRobots"
value: "{{get-fleet-status.active_count}}"
- name: post-summary
type: call
call: "slack-robotics.post-message"
with:
channel: "{{slack_channel}}"
text: "Warehouse {{warehouse_id}} Robotics: {{get-fleet-status.active_count}} active, {{get-fleet-status.idle_count}} idle, {{get-fleet-status.error_count}} in error state."
consumes:
- namespace: robotics-api
type: http
baseUri: "https://api.amazon.com/warehouse/robotics/v1"
authentication:
type: bearer
token: "$secrets.amazon_robotics_token"
resources:
- name: fleet
path: "/warehouses/{warehouse_id}/fleet/health"
inputParameters:
- name: warehouse_id
in: path
operations:
- name: get-fleet-health
method: GET
- namespace: cw-robotics
type: http
baseUri: "https://monitoring.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_cloudwatch_token"
placement: header
resources:
- name: metric
path: "/"
operations:
- name: put-metric-data
method: POST
- namespace: slack-robotics
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Weekly Engineering Metrics Digest
▼
devops reporting github jira datadog slack metrics
Aggregates GitHub PR merge rates, Jira issue cycle times, and Datadog error rates for the past week, then publishes a consolidated engineering health digest to the leadership Slack channel.
naftiko: "0.5"
info:
label: "Weekly Engineering Metrics Digest"
description: "Aggregates GitHub PR merge rates, Jira issue cycle times, and Datadog error rates for the past week, then publishes a consolidated engineering health digest to the leadership Slack channel."
tags:
- devops
- reporting
- github
- jira
- datadog
- slack
- metrics
capability:
exposes:
- type: mcp
namespace: eng-reporting
port: 8080
tools:
- name: publish-eng-metrics-digest
description: "Given a GitHub org, Jira project key, and Datadog service tag, fetch the weekly PR merge count, Jira throughput, and service error rate, then post a combined engineering digest to Slack."
inputParameters:
- name: github_org
in: body
type: string
description: "The GitHub organization to query PR merge stats for, e.g. amzn."
- name: jira_project_key
in: body
type: string
description: "The Jira project key to query issue throughput for."
- name: datadog_service
in: body
type: string
description: "The Datadog service tag to query error rate metrics for."
- name: slack_channel
in: body
type: string
description: "The Slack channel ID where the weekly digest will be posted."
steps:
- name: get-pr-stats
type: call
call: "github-metrics.search-issues"
with:
q: "org:{{github_org}} is:pr is:merged merged:>-7d"
- name: get-dd-error-rate
type: call
call: "datadog-metrics.query-metrics"
with:
query: "avg:trace.web.request.errors{service:{{datadog_service}}}.rollup(avg, 604800)"
- name: post-digest
type: call
call: "slack-metrics.post-message"
with:
channel: "{{slack_channel}}"
text: "Weekly Engineering Digest | PRs merged: {{get-pr-stats.total_count}} | Datadog error rate (7d avg): {{get-dd-error-rate.value}} | Project: {{jira_project_key}}"
consumes:
- namespace: github-metrics
type: http
baseUri: "https://api.github.com"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: search-issues
path: "/search/issues"
inputParameters:
- name: q
in: query
operations:
- name: search-issues
method: GET
- namespace: datadog-metrics
type: http
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: "DD-API-KEY"
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: metrics
path: "/query"
inputParameters:
- name: query
in: query
operations:
- name: query-metrics
method: GET
- namespace: slack-metrics
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Whole Foods Low Stock Replenishment
▼
grocery whole-foods inventory supply-chain slack
Monitors Whole Foods inventory for low-stock items, creates a replenishment order in the supply chain system, and notifies the store manager via Slack.
naftiko: "0.5"
info:
label: "Whole Foods Low Stock Replenishment"
description: "Monitors Whole Foods inventory for low-stock items, creates a replenishment order in the supply chain system, and notifies the store manager via Slack."
tags:
- grocery
- whole-foods
- inventory
- supply-chain
- slack
capability:
exposes:
- type: mcp
namespace: wfm-replenish
port: 8080
tools:
- name: replenish-low-stock
description: "Check inventory levels at a Whole Foods store, create replenishment orders for low-stock items, and notify the store manager."
inputParameters:
- name: store_id
in: body
type: string
description: "The Whole Foods store ID to check."
- name: threshold
in: body
type: number
description: "The minimum stock level before triggering replenishment."
- name: slack_channel
in: body
type: string
description: "The Slack channel for store manager notifications."
steps:
- name: check-inventory
type: call
call: "wfm-inv.get-low-stock-items"
with:
store_id: "{{store_id}}"
threshold: "{{threshold}}"
- name: create-replenishment
type: call
call: "wfm-supply.create-order"
with:
store_id: "{{store_id}}"
items: "{{check-inventory.low_stock_items}}"
- name: notify-manager
type: call
call: "slack-wfm.post-message"
with:
channel: "{{slack_channel}}"
text: "Low Stock Alert for Store {{store_id}}: {{check-inventory.item_count}} items below threshold. Replenishment order {{create-replenishment.order_id}} created."
consumes:
- namespace: wfm-inv
type: http
baseUri: "https://api.wholefoodsmarket.com/v2"
authentication:
type: bearer
token: "$secrets.wfm_api_token"
resources:
- name: low-stock
path: "/stores/{store_id}/inventory/low-stock"
inputParameters:
- name: store_id
in: path
- name: threshold
in: query
operations:
- name: get-low-stock-items
method: GET
- namespace: wfm-supply
type: http
baseUri: "https://api.wholefoodsmarket.com/v2"
authentication:
type: bearer
token: "$secrets.wfm_supply_token"
resources:
- name: order
path: "/supply-chain/orders"
operations:
- name: create-order
method: POST
- namespace: slack-wfm
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Whole Foods Store Inventory Check
▼
grocery whole-foods inventory retail
Checks real-time inventory levels for a product at a specific Whole Foods Market store location.
naftiko: "0.5"
info:
label: "Whole Foods Store Inventory Check"
description: "Checks real-time inventory levels for a product at a specific Whole Foods Market store location."
tags:
- grocery
- whole-foods
- inventory
- retail
capability:
exposes:
- type: mcp
namespace: wfm-inventory
port: 8080
tools:
- name: check-inventory
description: "Check the current inventory level for a product at a Whole Foods Market store."
inputParameters:
- name: store_id
in: body
type: string
description: "The Whole Foods store ID to check inventory at."
- name: product_sku
in: body
type: string
description: "The product SKU to check availability for."
call: "wfm-api.get-inventory"
with:
store_id: "{{store_id}}"
product_sku: "{{product_sku}}"
outputParameters:
- name: quantity_on_hand
type: number
mapping: "$.inventory.quantityOnHand"
- name: in_stock
type: boolean
mapping: "$.inventory.inStock"
consumes:
- namespace: wfm-api
type: http
baseUri: "https://api.wholefoodsmarket.com/v2"
authentication:
type: bearer
token: "$secrets.wfm_api_token"
resources:
- name: inventory
path: "/stores/{store_id}/inventory/{product_sku}"
inputParameters:
- name: store_id
in: path
- name: product_sku
in: path
operations:
- name: get-inventory
method: GET
Workday Absence Request Processor
▼
hr time-off workday slack jira
When an employee submits a time-off request in Workday, notifies the manager via Slack and creates a Jira task for the manager to approve or deny the request.
naftiko: "0.5"
info:
label: "Workday Absence Request Processor"
description: "When an employee submits a time-off request in Workday, notifies the manager via Slack and creates a Jira task for the manager to approve or deny the request."
tags:
- hr
- time-off
- workday
- slack
- jira
capability:
exposes:
- type: mcp
namespace: hr-absence
port: 8080
tools:
- name: process-absence-request
description: "Given a Workday time-off request ID and manager Slack user ID, fetch request details, notify the manager in Slack, and create a Jira approval task."
inputParameters:
- name: time_off_request_id
in: body
type: string
description: "The Workday time-off request ID submitted by the employee."
- name: manager_slack_id
in: body
type: string
description: "The Slack user ID of the employee's manager for the approval notification."
steps:
- name: get-request
type: call
call: "workday-abs.get-time-off-request"
with:
request_id: "{{time_off_request_id}}"
- name: notify-manager
type: call
call: "slack-abs.post-message"
with:
channel: "{{manager_slack_id}}"
text: "Time-off request pending approval: {{get-request.employee_name}} has requested {{get-request.days}} days from {{get-request.start_date}} to {{get-request.end_date}}."
- name: create-approval-task
type: call
call: "jira-abs.create-issue"
with:
project_key: "HR"
issuetype: "Task"
summary: "Approve time-off: {{get-request.employee_name}} ({{get-request.start_date}} – {{get-request.end_date}})"
description: "Workday request ID: {{time_off_request_id}}"
consumes:
- namespace: workday-abs
type: http
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: time-off-request
path: "/timeOffRequests/{request_id}"
inputParameters:
- name: request_id
in: path
operations:
- name: get-time-off-request
method: GET
- namespace: slack-abs
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
- namespace: jira-abs
type: http
baseUri: "https://amazon.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_token"
resources:
- name: issue
path: "/issue"
operations:
- name: create-issue
method: POST
Workday Headcount Snapshot
▼
hr reporting workday slack headcount
Fetches current headcount data from Workday by department and publishes a summary report to a Slack channel for people-ops review.
naftiko: "0.5"
info:
label: "Workday Headcount Snapshot"
description: "Fetches current headcount data from Workday by department and publishes a summary report to a Slack channel for people-ops review."
tags:
- hr
- reporting
- workday
- slack
- headcount
capability:
exposes:
- type: mcp
namespace: hr-reporting
port: 8080
tools:
- name: digest-headcount
description: "Given a Workday organization ID, fetch a headcount summary by department and post the digest to a designated Slack channel. Invoke when a people-ops or finance team member requests a headcount report."
inputParameters:
- name: org_id
in: body
type: string
description: "The Workday organization ID to query headcount for."
- name: slack_channel
in: body
type: string
description: "The Slack channel ID where the headcount digest will be posted."
steps:
- name: get-headcount
type: call
call: "workday-hc.get-headcount"
with:
org_id: "{{org_id}}"
- name: post-digest
type: call
call: "slack-hc.post-message"
with:
channel: "{{slack_channel}}"
text: "Headcount for org {{org_id}}: {{get-headcount.total}} total employees across {{get-headcount.department_count}} departments."
consumes:
- namespace: workday-hc
type: http
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: headcount
path: "/orgs/{org_id}/headcount"
inputParameters:
- name: org_id
in: path
operations:
- name: get-headcount
method: GET
- namespace: slack-hc
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Workday Performance Review Reminder
▼
hr performance-management workday slack jira
Queries Workday for employees with pending performance reviews, sends reminder messages to each employee and their manager via Slack, and creates tracking tasks in Jira.
naftiko: "0.5"
info:
label: "Workday Performance Review Reminder"
description: "Queries Workday for employees with pending performance reviews, sends reminder messages to each employee and their manager via Slack, and creates tracking tasks in Jira."
tags:
- hr
- performance-management
- workday
- slack
- jira
capability:
exposes:
- type: mcp
namespace: hr-perf
port: 8080
tools:
- name: send-review-reminders
description: "Given a Workday performance review cycle ID, fetch all employees with pending self-evaluations, send Slack reminders to employees and their managers, and create Jira tracking tasks for HR."
inputParameters:
- name: review_cycle_id
in: body
type: string
description: "The Workday performance review cycle ID to query pending evaluations for."
- name: hr_jira_project
in: body
type: string
description: "The Jira project key for HR tracking tasks, e.g. HROPS."
- name: hr_slack_channel
in: body
type: string
description: "The Slack channel ID for HR operations notifications."
steps:
- name: get-pending-reviews
type: call
call: "workday-perf.get-pending-reviews"
with:
review_cycle_id: "{{review_cycle_id}}"
- name: create-hr-task
type: call
call: "jira-perf.create-issue"
with:
project_key: "{{hr_jira_project}}"
issuetype: "Task"
summary: "Performance review cycle {{review_cycle_id}}: {{get-pending-reviews.pending_count}} reviews pending"
description: "Review cycle: {{review_cycle_id}}\nPending count: {{get-pending-reviews.pending_count}}"
- name: post-hr-alert
type: call
call: "slack-perf.post-message"
with:
channel: "{{hr_slack_channel}}"
text: "Performance Review Reminder: {{get-pending-reviews.pending_count}} employees have pending self-evaluations in cycle {{review_cycle_id}}. Jira task: {{create-hr-task.key}}"
consumes:
- namespace: workday-perf
type: http
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: pending-reviews
path: "/performanceManagement/{review_cycle_id}/pendingReviews"
inputParameters:
- name: review_cycle_id
in: path
operations:
- name: get-pending-reviews
method: GET
- namespace: jira-perf
type: http
baseUri: "https://amazon.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_token"
resources:
- name: issue
path: "/issue"
operations:
- name: create-issue
method: POST
- namespace: slack-perf
type: http
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
operations:
- name: post-message
method: POST