Apple Capabilities
Naftiko 0.5 capability definitions for Apple - 100 capabilities showing integration workflows and service orchestrations.
Sort
Expand
AI Document Summarization for Engineering Specs
▼
ai engineering confluence openai slack
Submits an engineering specification document stored in Confluence to OpenAI for summarization and posts the structured summary to the relevant Slack channel.
naftiko: "0.5"
info:
label: "AI Document Summarization for Engineering Specs"
description: "Submits an engineering specification document stored in Confluence to OpenAI for summarization and posts the structured summary to the relevant Slack channel."
tags:
- ai
- engineering
- confluence
- openai
- slack
capability:
exposes:
- type: mcp
namespace: ai-engineering
port: 8080
tools:
- name: summarize-engineering-spec
description: "Given a Confluence page ID and Slack channel, retrieve the engineering spec, submit to OpenAI for a structured summary, and post the summary to Slack."
inputParameters:
- name: confluence_page_id
in: body
type: string
description: "The Confluence page ID of the engineering specification."
- name: slack_channel
in: body
type: string
description: "The Slack channel to post the summary to."
steps:
- name: get-confluence-page
type: call
call: "confluence.get-page"
with:
page_id: "{{confluence_page_id}}"
- name: generate-summary
type: call
call: "openai.create-completion"
with:
model: "gpt-4o"
prompt: "Summarize this engineering specification with sections: Overview, Key Requirements, Architecture Decisions, Open Questions: {{get-confluence-page.body}}"
- name: post-summary
type: call
call: "slack-ai.post-message"
with:
channel: "{{slack_channel}}"
text: "Engineering Spec Summary ({{confluence_page_id}}): {{generate-summary.text}}"
consumes:
- type: http
namespace: confluence
baseUri: "https://apple.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: pages
path: "/content/{{page_id}}"
inputParameters:
- name: page_id
in: path
operations:
- name: get-page
method: GET
- type: http
namespace: openai
baseUri: "https://api.openai.com/v1"
authentication:
type: bearer
token: "$secrets.openai_api_key"
resources:
- name: completions
path: "/chat/completions"
operations:
- name: create-completion
method: POST
- type: http
namespace: slack-ai
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
App Clip Performance Analysis
▼
app-store analytics snowflake app-clips
Analyzes App Clip performance by fetching launch metrics from App Store Connect, querying analytics in Snowflake, and posting a weekly digest to the product team.
naftiko: "0.5"
info:
label: "App Clip Performance Analysis"
description: "Analyzes App Clip performance by fetching launch metrics from App Store Connect, querying analytics in Snowflake, and posting a weekly digest to the product team."
tags:
- app-store
- analytics
- snowflake
- app-clips
capability:
exposes:
- type: mcp
namespace: app-clip-perf
port: 8080
tools:
- name: analyze-app-clip-performance
description: "Analyze App Clip launch metrics, run analytics queries, and share a performance digest with the product team."
inputParameters:
- name: app_clip_id
in: body
type: string
description: "The App Clip identifier."
- name: period
in: body
type: string
description: "Analysis period, e.g. last_7d, last_30d."
steps:
- name: fetch-metrics
type: call
call: "appstoreconnect.get-app-clip-metrics"
with:
app_clip_id: "{{app_clip_id}}"
period: "{{period}}"
- name: run-analytics
type: call
call: "snowflake.execute-query"
with:
query: "SELECT avg(launch_time_ms), count(*), sum(conversions) FROM app_clip_events WHERE clip_id='{{app_clip_id}}' AND event_date >= dateadd(day, -7, current_date())"
warehouse: "ANALYTICS_WH"
- name: generate-digest
type: call
call: "openai.analyze-text"
with:
text: "Invocations: {{fetch-metrics.total_invocations}}, Avg launch: {{run-analytics.avg_launch_time_ms}}ms, Conversions: {{run-analytics.total_conversions}}"
instruction: "Summarize App Clip performance. Highlight trends and recommendations."
- name: post-digest
type: call
call: "slack.post-message"
with:
channel: "#app-clips-product"
text: "App Clip {{app_clip_id}} {{period}} digest:\n{{generate-digest.summary}}"
consumes:
- type: http
namespace: appstoreconnect
baseUri: "https://api.appstoreconnect.apple.com/v1"
authentication:
type: bearer
token: "$secrets.appstore_connect_token"
resources:
- name: app-clip-metrics
path: "/appClips/{{app_clip_id}}/metrics"
inputParameters:
- name: app_clip_id
in: path
operations:
- name: get-app-clip-metrics
method: GET
- type: http
namespace: snowflake
baseUri: "https://apple.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: queries
path: "/statements"
operations:
- name: execute-query
method: POST
- type: http
namespace: openai
baseUri: "https://api.openai.com/v1"
authentication:
type: bearer
token: "$secrets.openai_api_key"
resources:
- name: chat
path: "/chat/completions"
operations:
- name: analyze-text
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
App Store App Metadata Lookup
▼
app-store developer-tools metadata
Retrieves metadata for an app listed on the App Store by its bundle ID, including name, version, rating, and category.
naftiko: "0.5"
info:
label: "App Store App Metadata Lookup"
description: "Retrieves metadata for an app listed on the App Store by its bundle ID, including name, version, rating, and category."
tags:
- app-store
- developer-tools
- metadata
capability:
exposes:
- type: mcp
namespace: appstore-metadata
port: 8080
tools:
- name: get-app-metadata
description: "Look up App Store app metadata by bundle ID. Returns app name, current version, average rating, and primary category."
inputParameters:
- name: bundle_id
in: body
type: string
description: "The iOS app bundle identifier, e.g. com.apple.Keynote."
call: "appstoreconnect.get-app"
with:
bundle_id: "{{bundle_id}}"
outputParameters:
- name: app_name
type: string
mapping: "$.data.attributes.name"
- name: version
type: string
mapping: "$.data.attributes.version"
- name: rating
type: number
mapping: "$.data.attributes.averageUserRating"
consumes:
- type: http
namespace: appstoreconnect
baseUri: "https://api.appstoreconnect.apple.com/v1"
authentication:
type: bearer
token: "$secrets.appstore_connect_token"
resources:
- name: apps
path: "/apps?filter[bundleId]={{bundle_id}}"
inputParameters:
- name: bundle_id
in: query
operations:
- name: get-app
method: GET
App Store In-App Purchase Reconciliation
▼
app-store finance billing reconciliation
Reconciles in-app purchase records by fetching App Store Server receipts, comparing with internal billing, flagging discrepancies, and notifying finance.
naftiko: "0.5"
info:
label: "App Store In-App Purchase Reconciliation"
description: "Reconciles in-app purchase records by fetching App Store Server receipts, comparing with internal billing, flagging discrepancies, and notifying finance."
tags:
- app-store
- finance
- billing
- reconciliation
capability:
exposes:
- type: mcp
namespace: iap-reconciliation
port: 8080
tools:
- name: reconcile-iap
description: "Reconcile in-app purchases: fetch receipts, compare with billing, flag discrepancies, and notify finance."
inputParameters:
- name: app_id
in: body
type: string
description: "The app identifier."
- name: date
in: body
type: string
description: "The reconciliation date in YYYY-MM-DD format."
steps:
- name: fetch-receipts
type: call
call: "appstore-server.get-transactions"
with:
app_id: "{{app_id}}"
date: "{{date}}"
- name: get-billing-records
type: call
call: "billing-api.get-daily-records"
with:
app_id: "{{app_id}}"
date: "{{date}}"
- name: compare-records
type: call
call: "reconciliation-engine.compare"
with:
appstore_data: "{{fetch-receipts.transactions}}"
billing_data: "{{get-billing-records.records}}"
- name: notify-finance
type: call
call: "slack.post-message"
with:
channel: "#finance-reconciliation"
text: "IAP reconciliation for {{app_id}} on {{date}}: Matched={{compare-records.matched}}, Discrepancies={{compare-records.discrepancy_count}}, Total revenue: ${{compare-records.total_revenue}}."
consumes:
- type: http
namespace: appstore-server
baseUri: "https://api.storekit.itunes.apple.com/inApps/v1"
authentication:
type: bearer
token: "$secrets.appstore_server_token"
resources:
- name: transactions
path: "/apps/{{app_id}}/transactions?date={{date}}"
inputParameters:
- name: app_id
in: path
- name: date
in: query
operations:
- name: get-transactions
method: GET
- type: http
namespace: billing-api
baseUri: "https://billing.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.billing_api_token"
resources:
- name: records
path: "/apps/{{app_id}}/records?date={{date}}"
inputParameters:
- name: app_id
in: path
- name: date
in: query
operations:
- name: get-daily-records
method: GET
- type: http
namespace: reconciliation-engine
baseUri: "https://reconciliation.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.reconciliation_token"
resources:
- name: comparisons
path: "/compare"
operations:
- name: compare
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
App Store Release Readiness Check
▼
app-store ci-cd quality-assurance testflight
Validates app release readiness by checking Xcode Cloud build status, TestFlight crash rate, and App Store review guidelines compliance before submission.
naftiko: "0.5"
info:
label: "App Store Release Readiness Check"
description: "Validates app release readiness by checking Xcode Cloud build status, TestFlight crash rate, and App Store review guidelines compliance before submission."
tags:
- app-store
- ci-cd
- quality-assurance
- testflight
capability:
exposes:
- type: mcp
namespace: release-readiness
port: 8080
tools:
- name: check-release-readiness
description: "Given an app ID and build number, verify CI build passed, TestFlight crash rate is acceptable, and compliance checks pass."
inputParameters:
- name: app_id
in: body
type: string
description: "The App Store Connect app identifier."
- name: build_number
in: body
type: string
description: "The build version number to check."
steps:
- name: check-build
type: call
call: "appstoreconnect.get-build"
with:
app_id: "{{app_id}}"
build_number: "{{build_number}}"
- name: get-crash-rate
type: call
call: "appstoreconnect.get-crash-metrics"
with:
app_id: "{{app_id}}"
build_number: "{{build_number}}"
- name: run-compliance-check
type: call
call: "compliance-api.check-guidelines"
with:
app_id: "{{app_id}}"
build_id: "{{check-build.build_id}}"
- name: post-summary
type: call
call: "slack.post-message"
with:
channel: "#release-management"
text: "Release readiness for {{app_id}} build {{build_number}}: Build status={{check-build.status}}, Crash rate={{get-crash-rate.crash_rate_percent}}%, Compliance={{run-compliance-check.result}}"
consumes:
- type: http
namespace: appstoreconnect
baseUri: "https://api.appstoreconnect.apple.com/v1"
authentication:
type: bearer
token: "$secrets.appstore_connect_token"
resources:
- name: builds
path: "/apps/{{app_id}}/builds?filter[version]={{build_number}}"
inputParameters:
- name: app_id
in: path
- name: build_number
in: query
operations:
- name: get-build
method: GET
- name: crash-metrics
path: "/apps/{{app_id}}/builds/{{build_number}}/diagnosticSignatures"
inputParameters:
- name: app_id
in: path
- name: build_number
in: path
operations:
- name: get-crash-metrics
method: GET
- type: http
namespace: compliance-api
baseUri: "https://compliance-internal.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.compliance_api_token"
resources:
- name: guidelines
path: "/checks"
operations:
- name: check-guidelines
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
App Store Review Sentiment Triage
▼
customer-support salesforce openai ai slack
Queries Salesforce for recent customer support cases flagged as App Store reviews, submits a batch to OpenAI for sentiment classification, and posts a digest to the product Slack channel.
naftiko: "0.5"
info:
label: "App Store Review Sentiment Triage"
description: "Queries Salesforce for recent customer support cases flagged as App Store reviews, submits a batch to OpenAI for sentiment classification, and posts a digest to the product Slack channel."
tags:
- customer-support
- salesforce
- openai
- ai
- slack
capability:
exposes:
- type: mcp
namespace: review-triage
port: 8080
tools:
- name: triage-app-store-reviews
description: "Given a Salesforce queue name for App Store reviews, fetch recent cases, classify sentiment with OpenAI, and post a summary digest to the product Slack channel."
inputParameters:
- name: queue_name
in: body
type: string
description: "The Salesforce queue name containing App Store review cases."
- name: product_channel
in: body
type: string
description: "The Slack channel to post the sentiment digest to."
steps:
- name: fetch-reviews
type: call
call: "salesforce-reviews.query-cases"
with:
queue: "{{queue_name}}"
status: "New"
- name: classify-sentiment
type: call
call: "openai-reviews.create-completion"
with:
model: "gpt-4o"
prompt: "Classify the following App Store reviews by sentiment (positive, neutral, negative) and identify top themes: {{fetch-reviews.cases}}"
- name: post-digest
type: call
call: "slack-reviews.post-message"
with:
channel: "{{product_channel}}"
text: "App Store Review Digest — {{queue_name}}: {{classify-sentiment.text}}"
consumes:
- type: http
namespace: salesforce-reviews
baseUri: "https://apple.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: cases
path: "/query"
operations:
- name: query-cases
method: GET
inputParameters:
- name: queue
in: query
- name: status
in: query
- type: http
namespace: openai-reviews
baseUri: "https://api.openai.com/v1"
authentication:
type: bearer
token: "$secrets.openai_api_key"
resources:
- name: completions
path: "/chat/completions"
operations:
- name: create-completion
method: POST
- type: http
namespace: slack-reviews
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
App Store Review to Jira Ticket
▼
app-store quality-assurance jira slack
When a negative App Store review is detected, analyzes sentiment with OpenAI, creates a Jira bug ticket, and notifies the product team via Slack.
naftiko: "0.5"
info:
label: "App Store Review to Jira Ticket"
description: "When a negative App Store review is detected, analyzes sentiment with OpenAI, creates a Jira bug ticket, and notifies the product team via Slack."
tags:
- app-store
- quality-assurance
- jira
- slack
capability:
exposes:
- type: mcp
namespace: review-to-jira
port: 8080
tools:
- name: escalate-negative-review
description: "Given an App Store review ID, analyze its sentiment, create a Jira ticket if negative, and alert the product team on Slack."
inputParameters:
- name: review_id
in: body
type: string
description: "The App Store review identifier."
- name: app_id
in: body
type: string
description: "The App Store app identifier."
steps:
- name: fetch-review
type: call
call: "appstoreconnect.get-review"
with:
review_id: "{{review_id}}"
app_id: "{{app_id}}"
- name: analyze-sentiment
type: call
call: "openai.analyze-text"
with:
text: "{{fetch-review.body}}"
instruction: "Classify the sentiment as positive, neutral, or negative. Return JSON with sentiment and key_issues array."
- name: create-jira-ticket
type: call
call: "jira.create-issue"
with:
project: "IOS"
summary: "Negative App Store review: {{fetch-review.title}}"
description: "Review: {{fetch-review.body}}\nSentiment: {{analyze-sentiment.sentiment}}\nIssues: {{analyze-sentiment.key_issues}}"
issue_type: "Bug"
- name: notify-team
type: call
call: "slack.post-message"
with:
channel: "#app-reviews"
text: "Negative review escalated for app {{app_id}}: {{fetch-review.title}}. Jira: {{create-jira-ticket.key}}"
consumes:
- type: http
namespace: appstoreconnect
baseUri: "https://api.appstoreconnect.apple.com/v1"
authentication:
type: bearer
token: "$secrets.appstore_connect_token"
resources:
- name: reviews
path: "/apps/{{app_id}}/customerReviews/{{review_id}}"
inputParameters:
- name: app_id
in: path
- name: review_id
in: path
operations:
- name: get-review
method: GET
- type: http
namespace: openai
baseUri: "https://api.openai.com/v1"
authentication:
type: bearer
token: "$secrets.openai_api_key"
resources:
- name: chat
path: "/chat/completions"
operations:
- name: analyze-text
method: POST
- type: http
namespace: jira
baseUri: "https://apple-eng.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
App Store Sales Report Download
▼
app-store sales reporting
Downloads a daily sales report from App Store Connect for a given vendor number and date.
naftiko: "0.5"
info:
label: "App Store Sales Report Download"
description: "Downloads a daily sales report from App Store Connect for a given vendor number and date."
tags:
- app-store
- sales
- reporting
capability:
exposes:
- type: mcp
namespace: appstore-sales
port: 8080
tools:
- name: download-sales-report
description: "Download a daily App Store sales report for a vendor. Returns aggregated units, proceeds, and top-selling app."
inputParameters:
- name: vendor_number
in: body
type: string
description: "The App Store Connect vendor number."
- name: report_date
in: body
type: string
description: "The report date in YYYY-MM-DD format."
call: "appstoreconnect.get-sales-report"
with:
vendor_number: "{{vendor_number}}"
report_date: "{{report_date}}"
outputParameters:
- name: total_units
type: number
mapping: "$.summary.totalUnits"
- name: total_proceeds
type: number
mapping: "$.summary.totalProceeds"
consumes:
- type: http
namespace: appstoreconnect
baseUri: "https://api.appstoreconnect.apple.com/v1"
authentication:
type: bearer
token: "$secrets.appstore_connect_token"
resources:
- name: sales-reports
path: "/salesReports?filter[vendorNumber]={{vendor_number}}&filter[reportDate]={{report_date}}&filter[reportType]=SALES&filter[frequency]=DAILY"
inputParameters:
- name: vendor_number
in: query
- name: report_date
in: query
operations:
- name: get-sales-report
method: GET
App Store Subscription Churn Prevention
▼
app-store subscriptions retention machine-learning
Prevents subscription churn by detecting at-risk subscribers, generating personalized retention offers, and sending targeted notifications via APNs.
naftiko: "0.5"
info:
label: "App Store Subscription Churn Prevention"
description: "Prevents subscription churn by detecting at-risk subscribers, generating personalized retention offers, and sending targeted notifications via APNs."
tags:
- app-store
- subscriptions
- retention
- machine-learning
capability:
exposes:
- type: mcp
namespace: churn-prevention
port: 8080
tools:
- name: prevent-subscriber-churn
description: "Detect at-risk subscribers, generate personalized offers, and send retention notifications."
inputParameters:
- name: app_id
in: body
type: string
description: "The app identifier."
- name: subscriber_id
in: body
type: string
description: "The subscriber identifier."
steps:
- name: assess-churn-risk
type: call
call: "churn-ml.score-subscriber"
with:
app_id: "{{app_id}}"
subscriber_id: "{{subscriber_id}}"
- name: generate-offer
type: call
call: "offers-engine.create-retention-offer"
with:
subscriber_id: "{{subscriber_id}}"
churn_score: "{{assess-churn-risk.churn_probability}}"
usage_pattern: "{{assess-churn-risk.usage_pattern}}"
- name: send-notification
type: call
call: "apns.send-notification"
with:
subscriber_id: "{{subscriber_id}}"
title: "Special offer just for you"
body: "{{generate-offer.offer_message}}"
- name: log-intervention
type: call
call: "snowflake.execute-query"
with:
query: "INSERT INTO churn_interventions VALUES ('{{subscriber_id}}', '{{app_id}}', {{assess-churn-risk.churn_probability}}, '{{generate-offer.offer_id}}', current_timestamp())"
warehouse: "ANALYTICS_WH"
consumes:
- type: http
namespace: churn-ml
baseUri: "https://churn-prediction.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.churn_ml_token"
resources:
- name: scoring
path: "/subscribers/{{subscriber_id}}/score"
inputParameters:
- name: subscriber_id
in: path
operations:
- name: score-subscriber
method: GET
- type: http
namespace: offers-engine
baseUri: "https://offers.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.offers_engine_token"
resources:
- name: offers
path: "/retention-offers"
operations:
- name: create-retention-offer
method: POST
- type: http
namespace: apns
baseUri: "https://api.push.apple.com/v3"
authentication:
type: bearer
token: "$secrets.apns_auth_token"
resources:
- name: notifications
path: "/notifications"
operations:
- name: send-notification
method: POST
- type: http
namespace: snowflake
baseUri: "https://apple.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: queries
path: "/statements"
operations:
- name: execute-query
method: POST
Apple Accessibility Compliance Audit
▼
accessibility compliance quality-assurance jira
Audits app accessibility compliance by running automated checks, comparing against WCAG guidelines, generating a report, and creating remediation tasks in Jira.
naftiko: "0.5"
info:
label: "Apple Accessibility Compliance Audit"
description: "Audits app accessibility compliance by running automated checks, comparing against WCAG guidelines, generating a report, and creating remediation tasks in Jira."
tags:
- accessibility
- compliance
- quality-assurance
- jira
capability:
exposes:
- type: mcp
namespace: a11y-audit
port: 8080
tools:
- name: audit-accessibility
description: "Run accessibility audit on an app build: scan for issues, check WCAG compliance, generate report, and create Jira tasks for failures."
inputParameters:
- name: app_id
in: body
type: string
description: "The app identifier."
- name: build_id
in: body
type: string
description: "The build identifier to audit."
steps:
- name: run-scan
type: call
call: "a11y-scanner.scan-build"
with:
app_id: "{{app_id}}"
build_id: "{{build_id}}"
- name: check-wcag
type: call
call: "a11y-scanner.check-wcag-compliance"
with:
scan_id: "{{run-scan.scan_id}}"
standard: "WCAG-2.1-AA"
- name: generate-report
type: call
call: "confluence.create-page"
with:
space_key: "A11Y"
title: "Accessibility Audit: {{app_id}} build {{build_id}}"
body: "Issues found: {{run-scan.issue_count}}. WCAG compliance: {{check-wcag.compliance_percent}}%. Critical: {{check-wcag.critical_issues}}."
- name: create-remediation-tasks
type: call
call: "jira.create-issue"
with:
project: "A11Y"
summary: "Accessibility issues in {{app_id}} build {{build_id}}"
description: "{{run-scan.issue_count}} issues found. WCAG compliance: {{check-wcag.compliance_percent}}%. Report: {{generate-report.url}}"
issue_type: "Task"
consumes:
- type: http
namespace: a11y-scanner
baseUri: "https://a11y-tools.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.a11y_scanner_token"
resources:
- name: scans
path: "/scans"
operations:
- name: scan-build
method: POST
- name: compliance
path: "/scans/{{scan_id}}/wcag"
inputParameters:
- name: scan_id
in: path
operations:
- name: check-wcag-compliance
method: GET
- type: http
namespace: confluence
baseUri: "https://apple-eng.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_token"
resources:
- name: pages
path: "/content"
operations:
- name: create-page
method: POST
- type: http
namespace: jira
baseUri: "https://apple-eng.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
Apple AR Content Review Pipeline
▼
ar-vr content-review quality-assurance developer-tools
Reviews AR content submissions by validating USDZ assets, running performance benchmarks, checking content guidelines, and routing for editorial approval.
naftiko: "0.5"
info:
label: "Apple AR Content Review Pipeline"
description: "Reviews AR content submissions by validating USDZ assets, running performance benchmarks, checking content guidelines, and routing for editorial approval."
tags:
- ar-vr
- content-review
- quality-assurance
- developer-tools
capability:
exposes:
- type: mcp
namespace: ar-review
port: 8080
tools:
- name: review-ar-content
description: "Review AR content: validate USDZ, run performance benchmark, check guidelines, and route for approval."
inputParameters:
- name: submission_id
in: body
type: string
description: "The AR content submission identifier."
steps:
- name: validate-usdz
type: call
call: "ar-tools.validate-asset"
with:
submission_id: "{{submission_id}}"
- name: run-benchmark
type: call
call: "ar-tools.benchmark-performance"
with:
asset_url: "{{validate-usdz.asset_url}}"
target_device: "iPhone"
- name: check-guidelines
type: call
call: "content-review.check-ar-guidelines"
with:
submission_id: "{{submission_id}}"
asset_metadata: "{{validate-usdz.metadata}}"
- name: route-for-approval
type: call
call: "jira.create-issue"
with:
project: "AR"
summary: "AR content review: {{submission_id}}"
description: "USDZ valid: {{validate-usdz.is_valid}}. Benchmark FPS: {{run-benchmark.avg_fps}}. Guidelines: {{check-guidelines.status}}."
issue_type: "Task"
consumes:
- type: http
namespace: ar-tools
baseUri: "https://ar-tools.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.ar_tools_token"
resources:
- name: validation
path: "/submissions/{{submission_id}}/validate"
inputParameters:
- name: submission_id
in: path
operations:
- name: validate-asset
method: POST
- name: benchmarks
path: "/benchmarks"
operations:
- name: benchmark-performance
method: POST
- type: http
namespace: content-review
baseUri: "https://content-review.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.content_review_token"
resources:
- name: guidelines
path: "/ar/guidelines-check"
operations:
- name: check-ar-guidelines
method: POST
- type: http
namespace: jira
baseUri: "https://apple-eng.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
Apple Books Publisher Content Review
▼
media apple-books content-review publishing
Reviews publisher content submissions for Apple Books by validating EPUB format, checking DRM compliance, scanning for prohibited content, and routing for editorial approval.
naftiko: "0.5"
info:
label: "Apple Books Publisher Content Review"
description: "Reviews publisher content submissions for Apple Books by validating EPUB format, checking DRM compliance, scanning for prohibited content, and routing for editorial approval."
tags:
- media
- apple-books
- content-review
- publishing
capability:
exposes:
- type: mcp
namespace: books-review
port: 8080
tools:
- name: review-book-submission
description: "Review an Apple Books submission: validate EPUB, check DRM, scan content, and route for editorial approval."
inputParameters:
- name: submission_id
in: body
type: string
description: "The book submission identifier."
- name: publisher_id
in: body
type: string
description: "The publisher identifier."
steps:
- name: validate-epub
type: call
call: "books-pipeline.validate-format"
with:
submission_id: "{{submission_id}}"
- name: check-drm
type: call
call: "books-pipeline.check-drm-compliance"
with:
submission_id: "{{submission_id}}"
publisher_id: "{{publisher_id}}"
- name: scan-content
type: call
call: "content-safety.scan-text"
with:
content_ref: "{{validate-epub.content_ref}}"
- name: route-for-approval
type: call
call: "jira.create-issue"
with:
project: "BOOKS"
summary: "Book review: {{validate-epub.title}} by {{validate-epub.author}}"
description: "EPUB valid: {{validate-epub.is_valid}}. DRM: {{check-drm.status}}. Content scan: {{scan-content.result}}."
issue_type: "Task"
consumes:
- type: http
namespace: books-pipeline
baseUri: "https://books-pipeline.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.books_pipeline_token"
resources:
- name: validation
path: "/submissions/{{submission_id}}/validate"
inputParameters:
- name: submission_id
in: path
operations:
- name: validate-format
method: POST
- name: drm
path: "/submissions/{{submission_id}}/drm-check"
inputParameters:
- name: submission_id
in: path
operations:
- name: check-drm-compliance
method: POST
- type: http
namespace: content-safety
baseUri: "https://content-safety.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.content_safety_token"
resources:
- name: scanning
path: "/scan"
operations:
- name: scan-text
method: POST
- type: http
namespace: jira
baseUri: "https://apple-eng.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
Apple Business Essentials Device Wipe
▼
device-management security mdm operations
Remotely wipes a lost or stolen device through Apple Business Essentials by verifying ownership, issuing the wipe command, logging the action, and notifying IT.
naftiko: "0.5"
info:
label: "Apple Business Essentials Device Wipe"
description: "Remotely wipes a lost or stolen device through Apple Business Essentials by verifying ownership, issuing the wipe command, logging the action, and notifying IT."
tags:
- device-management
- security
- mdm
- operations
capability:
exposes:
- type: mcp
namespace: abe-device-wipe
port: 8080
tools:
- name: wipe-lost-device
description: "Remotely wipe a lost device: verify ownership, issue wipe command, log the action, and notify IT."
inputParameters:
- name: device_serial
in: body
type: string
description: "The device serial number."
- name: requester_email
in: body
type: string
description: "The email of the person requesting the wipe."
steps:
- name: verify-ownership
type: call
call: "abm.get-device"
with:
serial_number: "{{device_serial}}"
- name: issue-wipe
type: call
call: "mdm-api.send-wipe-command"
with:
device_serial: "{{device_serial}}"
authorized_by: "{{requester_email}}"
- name: log-action
type: call
call: "splunk.log-event"
with:
index: "device-management"
event: "remote_wipe"
device_serial: "{{device_serial}}"
requester: "{{requester_email}}"
wipe_command_id: "{{issue-wipe.command_id}}"
- name: notify-it
type: call
call: "slack.post-message"
with:
channel: "#it-device-management"
text: "Remote wipe issued for {{device_serial}} ({{verify-ownership.model}}). Requested by {{requester_email}}. Command: {{issue-wipe.command_id}}."
consumes:
- type: http
namespace: abm
baseUri: "https://business.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.abm_api_token"
resources:
- name: devices
path: "/devices/{{serial_number}}"
inputParameters:
- name: serial_number
in: path
operations:
- name: get-device
method: GET
- type: http
namespace: mdm-api
baseUri: "https://mdm.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.mdm_api_token"
resources:
- name: commands
path: "/devices/{{device_serial}}/commands/wipe"
inputParameters:
- name: device_serial
in: path
operations:
- name: send-wipe-command
method: POST
- type: http
namespace: splunk
baseUri: "https://splunk.apple.com:8089/services"
authentication:
type: bearer
token: "$secrets.splunk_token"
resources:
- name: events
path: "/collector/event"
operations:
- name: log-event
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Apple Business Manager Device Lookup
▼
device-management mdm apple-business-manager
Looks up a device in Apple Business Manager by serial number, returning enrollment status, model, and assigned MDM server.
naftiko: "0.5"
info:
label: "Apple Business Manager Device Lookup"
description: "Looks up a device in Apple Business Manager by serial number, returning enrollment status, model, and assigned MDM server."
tags:
- device-management
- mdm
- apple-business-manager
capability:
exposes:
- type: mcp
namespace: abm-devices
port: 8080
tools:
- name: get-device
description: "Look up a device in Apple Business Manager by serial number. Returns enrollment status, device model, and MDM server assignment."
inputParameters:
- name: serial_number
in: body
type: string
description: "The device serial number."
call: "abm.get-device"
with:
serial_number: "{{serial_number}}"
outputParameters:
- name: model
type: string
mapping: "$.device.model"
- name: enrollment_status
type: string
mapping: "$.device.enrollmentStatus"
- name: mdm_server
type: string
mapping: "$.device.assignedMdmServer"
consumes:
- type: http
namespace: abm
baseUri: "https://business.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.abm_api_token"
resources:
- name: devices
path: "/devices/{{serial_number}}"
inputParameters:
- name: serial_number
in: path
operations:
- name: get-device
method: GET
Apple Campus Visitor Management
▼
facilities security visitor-management operations
Manages campus visitor registration by pre-screening, generating a temporary badge, notifying the host, and logging the visit for security.
naftiko: "0.5"
info:
label: "Apple Campus Visitor Management"
description: "Manages campus visitor registration by pre-screening, generating a temporary badge, notifying the host, and logging the visit for security."
tags:
- facilities
- security
- visitor-management
- operations
capability:
exposes:
- type: mcp
namespace: visitor-management
port: 8080
tools:
- name: register-visitor
description: "Register a campus visitor: pre-screen, generate temp badge, notify host, and log for security."
inputParameters:
- name: visitor_name
in: body
type: string
description: "The visitor full name."
- name: visitor_email
in: body
type: string
description: "The visitor email."
- name: host_email
in: body
type: string
description: "The Apple employee host email."
- name: visit_date
in: body
type: string
description: "The visit date in ISO 8601 format."
steps:
- name: pre-screen
type: call
call: "security-api.pre-screen-visitor"
with:
visitor_name: "{{visitor_name}}"
visitor_email: "{{visitor_email}}"
- name: generate-badge
type: call
call: "badge-system.create-temp-badge"
with:
visitor_name: "{{visitor_name}}"
visit_date: "{{visit_date}}"
clearance: "{{pre-screen.clearance_level}}"
- name: notify-host
type: call
call: "slack.post-message"
with:
channel: "{{host_email}}"
text: "Your visitor {{visitor_name}} is registered for {{visit_date}}. Badge: {{generate-badge.badge_id}}. Please meet at reception."
- name: log-visit
type: call
call: "splunk.log-event"
with:
index: "campus-security"
event: "visitor_registration"
visitor: "{{visitor_name}}"
host: "{{host_email}}"
badge_id: "{{generate-badge.badge_id}}"
consumes:
- type: http
namespace: security-api
baseUri: "https://campus-security.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.campus_security_token"
resources:
- name: screening
path: "/visitors/pre-screen"
operations:
- name: pre-screen-visitor
method: POST
- type: http
namespace: badge-system
baseUri: "https://badge-system.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.badge_system_token"
resources:
- name: badges
path: "/badges/temporary"
operations:
- name: create-temp-badge
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
- type: http
namespace: splunk
baseUri: "https://splunk.apple.com:8089/services"
authentication:
type: bearer
token: "$secrets.splunk_token"
resources:
- name: events
path: "/collector/event"
operations:
- name: log-event
method: POST
Apple Card Dispute Processing
▼
fintech apple-card dispute servicenow
Processes Apple Card transaction disputes by fetching transaction details, submitting a dispute to Goldman Sachs, creating a case in ServiceNow, and notifying the cardholder.
naftiko: "0.5"
info:
label: "Apple Card Dispute Processing"
description: "Processes Apple Card transaction disputes by fetching transaction details, submitting a dispute to Goldman Sachs, creating a case in ServiceNow, and notifying the cardholder."
tags:
- fintech
- apple-card
- dispute
- servicenow
capability:
exposes:
- type: mcp
namespace: card-disputes
port: 8080
tools:
- name: process-dispute
description: "Process an Apple Card dispute: fetch transaction, submit to bank, create support case, and notify cardholder."
inputParameters:
- name: transaction_id
in: body
type: string
description: "The Apple Card transaction identifier."
- name: dispute_reason
in: body
type: string
description: "The dispute reason code."
- name: cardholder_email
in: body
type: string
description: "The cardholder email address."
steps:
- name: get-transaction
type: call
call: "apple-card-api.get-transaction"
with:
transaction_id: "{{transaction_id}}"
- name: submit-dispute
type: call
call: "apple-card-api.create-dispute"
with:
transaction_id: "{{transaction_id}}"
reason: "{{dispute_reason}}"
amount: "{{get-transaction.amount}}"
- name: create-case
type: call
call: "servicenow.create-incident"
with:
short_description: "Apple Card dispute: {{transaction_id}}"
description: "Amount: ${{get-transaction.amount}}. Merchant: {{get-transaction.merchant_name}}. Reason: {{dispute_reason}}. Bank ref: {{submit-dispute.dispute_id}}."
category: "financial_disputes"
- name: notify-cardholder
type: call
call: "ses.send-email"
with:
to: "{{cardholder_email}}"
subject: "Your Apple Card Dispute Has Been Filed"
body: "Dispute for ${{get-transaction.amount}} at {{get-transaction.merchant_name}} has been submitted. Reference: {{submit-dispute.dispute_id}}. Case: {{create-case.number}}."
consumes:
- type: http
namespace: apple-card-api
baseUri: "https://card-services.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.apple_card_token"
resources:
- name: transactions
path: "/transactions/{{transaction_id}}"
inputParameters:
- name: transaction_id
in: path
operations:
- name: get-transaction
method: GET
- name: disputes
path: "/disputes"
operations:
- name: create-dispute
method: POST
- type: http
namespace: servicenow
baseUri: "https://apple.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: ses
baseUri: "https://email.us-west-2.amazonaws.com/v2"
authentication:
type: bearer
token: "$secrets.aws_ses_token"
resources:
- name: emails
path: "/email/outbound-emails"
operations:
- name: send-email
method: POST
Apple Corporate Travel Booking Workflow
▼
travel sap-concur operations workforce-management
Automates corporate travel booking by checking policy compliance in SAP Concur, booking flights, creating a calendar event, and notifying the traveler and manager.
naftiko: "0.5"
info:
label: "Apple Corporate Travel Booking Workflow"
description: "Automates corporate travel booking by checking policy compliance in SAP Concur, booking flights, creating a calendar event, and notifying the traveler and manager."
tags:
- travel
- sap-concur
- operations
- workforce-management
capability:
exposes:
- type: mcp
namespace: corporate-travel
port: 8080
tools:
- name: book-corporate-travel
description: "Book corporate travel: check policy, book flights, create calendar event, and notify traveler and manager."
inputParameters:
- name: employee_email
in: body
type: string
description: "The traveling employee email."
- name: destination
in: body
type: string
description: "The travel destination city."
- name: travel_date
in: body
type: string
description: "The travel date in ISO 8601 format."
- name: purpose
in: body
type: string
description: "The business purpose of travel."
steps:
- name: check-policy
type: call
call: "concur.check-travel-policy"
with:
employee_email: "{{employee_email}}"
destination: "{{destination}}"
travel_date: "{{travel_date}}"
- name: book-flight
type: call
call: "concur.book-flight"
with:
employee_email: "{{employee_email}}"
destination: "{{destination}}"
date: "{{travel_date}}"
budget: "{{check-policy.approved_budget}}"
- name: create-calendar-event
type: call
call: "google-calendar.create-event"
with:
attendee: "{{employee_email}}"
title: "Business Travel: {{destination}}"
date: "{{travel_date}}"
description: "Flight: {{book-flight.flight_number}}. Confirmation: {{book-flight.confirmation_code}}."
- name: notify-manager
type: call
call: "slack.post-message"
with:
channel: "#travel-approvals"
text: "Travel booked for {{employee_email}} to {{destination}} on {{travel_date}}. Flight: {{book-flight.flight_number}}. Purpose: {{purpose}}."
consumes:
- type: http
namespace: concur
baseUri: "https://us.api.concursolutions.com/api/v3.0"
authentication:
type: bearer
token: "$secrets.concur_api_token"
resources:
- name: travel-policy
path: "/travelrequest/policy"
operations:
- name: check-travel-policy
method: POST
- name: flights
path: "/travelrequest/bookings"
operations:
- name: book-flight
method: POST
- type: http
namespace: google-calendar
baseUri: "https://www.googleapis.com/calendar/v3"
authentication:
type: bearer
token: "$secrets.google_calendar_token"
resources:
- name: events
path: "/calendars/primary/events"
operations:
- name: create-event
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Apple Datacenter Capacity Planning
▼
infrastructure capacity-planning datadog snowflake
Plans datacenter capacity by querying current utilization from Datadog, forecasting growth with Snowflake, and generating provisioning recommendations for infrastructure teams.
naftiko: "0.5"
info:
label: "Apple Datacenter Capacity Planning"
description: "Plans datacenter capacity by querying current utilization from Datadog, forecasting growth with Snowflake, and generating provisioning recommendations for infrastructure teams."
tags:
- infrastructure
- capacity-planning
- datadog
- snowflake
capability:
exposes:
- type: mcp
namespace: capacity-planning
port: 8080
tools:
- name: plan-datacenter-capacity
description: "Plan datacenter capacity: query utilization, forecast growth, generate recommendations, and notify infrastructure team."
inputParameters:
- name: datacenter_id
in: body
type: string
description: "The datacenter identifier."
- name: forecast_months
in: body
type: number
description: "Number of months to forecast, e.g. 3, 6, 12."
steps:
- name: get-current-utilization
type: call
call: "datadog.query-metrics"
with:
query: "avg:datacenter.cpu.utilization{dc:{{datacenter_id}}},avg:datacenter.storage.utilization{dc:{{datacenter_id}}}"
time_range: "last_30d"
- name: forecast-growth
type: call
call: "snowflake.execute-query"
with:
query: "CALL infrastructure.forecast_capacity('{{datacenter_id}}', {{forecast_months}})"
warehouse: "INFRA_WH"
- name: generate-recommendations
type: call
call: "openai.analyze-text"
with:
text: "Current CPU: {{get-current-utilization.cpu_avg}}%, Storage: {{get-current-utilization.storage_avg}}%. Forecast: CPU={{forecast-growth.projected_cpu}}%, Storage={{forecast-growth.projected_storage}}% in {{forecast_months}} months."
instruction: "Generate datacenter capacity recommendations. Include server count, storage expansion, and timeline. Return JSON."
- name: post-report
type: call
call: "slack.post-message"
with:
channel: "#infrastructure-planning"
text: "Capacity plan for {{datacenter_id}} ({{forecast_months}}mo forecast): Current CPU={{get-current-utilization.cpu_avg}}%, Projected={{forecast-growth.projected_cpu}}%. Recommendation: {{generate-recommendations.summary}}"
consumes:
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: "DD-API-KEY"
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: metrics
path: "/query"
operations:
- name: query-metrics
method: GET
- type: http
namespace: snowflake
baseUri: "https://apple.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: queries
path: "/statements"
operations:
- name: execute-query
method: POST
- type: http
namespace: openai
baseUri: "https://api.openai.com/v1"
authentication:
type: bearer
token: "$secrets.openai_api_key"
resources:
- name: chat
path: "/chat/completions"
operations:
- name: analyze-text
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Apple Design System Component Release
▼
design developer-tools documentation ui
Releases a new design system component by validating against HIG, publishing to the component library, updating documentation, and notifying design and engineering teams.
naftiko: "0.5"
info:
label: "Apple Design System Component Release"
description: "Releases a new design system component by validating against HIG, publishing to the component library, updating documentation, and notifying design and engineering teams."
tags:
- design
- developer-tools
- documentation
- ui
capability:
exposes:
- type: mcp
namespace: design-system
port: 8080
tools:
- name: release-component
description: "Release a design system component: validate HIG compliance, publish to library, update docs, and notify teams."
inputParameters:
- name: component_name
in: body
type: string
description: "The component name, e.g. ActionButton, NavigationBar."
- name: version
in: body
type: string
description: "The component version."
steps:
- name: validate-hig
type: call
call: "hig-validator.check-compliance"
with:
component_name: "{{component_name}}"
version: "{{version}}"
- name: publish-to-library
type: call
call: "component-library.publish"
with:
component_name: "{{component_name}}"
version: "{{version}}"
hig_status: "{{validate-hig.status}}"
- name: update-docs
type: call
call: "confluence.create-page"
with:
space_key: "DESIGN"
title: "{{component_name}} v{{version}} Release Notes"
body: "Component {{component_name}} v{{version}} released. HIG compliance: {{validate-hig.status}}. Library ID: {{publish-to-library.component_id}}."
- name: notify-teams
type: call
call: "slack.post-message"
with:
channel: "#design-engineering"
text: "Design system component {{component_name}} v{{version}} released. HIG: {{validate-hig.status}}. Docs: {{update-docs.url}}."
consumes:
- type: http
namespace: hig-validator
baseUri: "https://hig-tools.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.hig_validator_token"
resources:
- name: compliance
path: "/components/{{component_name}}/check"
inputParameters:
- name: component_name
in: path
operations:
- name: check-compliance
method: POST
- type: http
namespace: component-library
baseUri: "https://component-library.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.component_library_token"
resources:
- name: components
path: "/components"
operations:
- name: publish
method: POST
- type: http
namespace: confluence
baseUri: "https://apple-eng.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_token"
resources:
- name: pages
path: "/content"
operations:
- name: create-page
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Apple Developer API Key Rotation
▼
developer-tools security secrets-management terraform
Rotates API keys for App Store Connect integrations by generating a new key, updating secrets in Vault, deploying via Terraform, and notifying DevOps.
naftiko: "0.5"
info:
label: "Apple Developer API Key Rotation"
description: "Rotates API keys for App Store Connect integrations by generating a new key, updating secrets in Vault, deploying via Terraform, and notifying DevOps."
tags:
- developer-tools
- security
- secrets-management
- terraform
capability:
exposes:
- type: mcp
namespace: api-key-rotation
port: 8080
tools:
- name: rotate-api-key
description: "Rotate an App Store Connect API key: generate new key, store in Vault, deploy config update, and notify DevOps."
inputParameters:
- name: key_id
in: body
type: string
description: "The existing API key identifier to rotate."
- name: issuer_id
in: body
type: string
description: "The App Store Connect issuer ID."
steps:
- name: generate-new-key
type: call
call: "appstoreconnect.create-api-key"
with:
issuer_id: "{{issuer_id}}"
roles: "ADMIN"
- name: store-in-vault
type: call
call: "vault.write-secret"
with:
path: "secret/appstoreconnect/{{issuer_id}}"
key: "api_key"
value: "{{generate-new-key.private_key}}"
- name: deploy-config
type: call
call: "terraform.trigger-run"
with:
workspace: "api-key-configs"
message: "Rotated API key {{key_id}} for issuer {{issuer_id}}"
- name: revoke-old-key
type: call
call: "appstoreconnect.revoke-api-key"
with:
key_id: "{{key_id}}"
consumes:
- type: http
namespace: appstoreconnect
baseUri: "https://api.appstoreconnect.apple.com/v1"
authentication:
type: bearer
token: "$secrets.appstore_connect_token"
resources:
- name: api-keys
path: "/apiKeys"
operations:
- name: create-api-key
method: POST
- name: api-key-revoke
path: "/apiKeys/{{key_id}}"
inputParameters:
- name: key_id
in: path
operations:
- name: revoke-api-key
method: DELETE
- type: http
namespace: vault
baseUri: "https://vault.apple.com/v1"
authentication:
type: bearer
token: "$secrets.vault_token"
resources:
- name: secrets
path: "/{{path}}"
inputParameters:
- name: path
in: path
operations:
- name: write-secret
method: POST
- type: http
namespace: terraform
baseUri: "https://app.terraform.io/api/v2"
authentication:
type: bearer
token: "$secrets.terraform_token"
resources:
- name: runs
path: "/runs"
operations:
- name: trigger-run
method: POST
Apple Developer Documentation Update Pipeline
▼
developer-tools documentation ai devrel
Updates Apple developer documentation by detecting API changes in the SDK, generating updated docs with AI, publishing to the developer portal, and notifying DevRel.
naftiko: "0.5"
info:
label: "Apple Developer Documentation Update Pipeline"
description: "Updates Apple developer documentation by detecting API changes in the SDK, generating updated docs with AI, publishing to the developer portal, and notifying DevRel."
tags:
- developer-tools
- documentation
- ai
- devrel
capability:
exposes:
- type: mcp
namespace: docs-pipeline
port: 8080
tools:
- name: update-api-docs
description: "Update developer docs: detect API changes, generate updated documentation, publish to portal, and notify DevRel."
inputParameters:
- name: framework_name
in: body
type: string
description: "The framework name, e.g. SwiftUI, UIKit, CoreML."
- name: sdk_version
in: body
type: string
description: "The SDK version with changes."
steps:
- name: detect-changes
type: call
call: "sdk-diff.compare-versions"
with:
framework: "{{framework_name}}"
version: "{{sdk_version}}"
- name: generate-docs
type: call
call: "openai.analyze-text"
with:
text: "API changes for {{framework_name}} in SDK {{sdk_version}}: {{detect-changes.diff_summary}}"
instruction: "Generate developer documentation for these API changes. Include code examples, migration notes, and deprecation warnings. Format as structured documentation."
- name: publish-to-portal
type: call
call: "developer-portal.update-docs"
with:
framework: "{{framework_name}}"
version: "{{sdk_version}}"
content: "{{generate-docs.documentation}}"
- name: notify-devrel
type: call
call: "slack.post-message"
with:
channel: "#developer-relations"
text: "Docs updated for {{framework_name}} SDK {{sdk_version}}. {{detect-changes.new_apis}} new APIs, {{detect-changes.deprecated_apis}} deprecations. Portal: {{publish-to-portal.url}}"
consumes:
- type: http
namespace: sdk-diff
baseUri: "https://sdk-tools.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.sdk_tools_token"
resources:
- name: diffs
path: "/frameworks/{{framework}}/diff"
inputParameters:
- name: framework
in: path
operations:
- name: compare-versions
method: POST
- type: http
namespace: openai
baseUri: "https://api.openai.com/v1"
authentication:
type: bearer
token: "$secrets.openai_api_key"
resources:
- name: chat
path: "/chat/completions"
operations:
- name: analyze-text
method: POST
- type: http
namespace: developer-portal
baseUri: "https://developer-portal.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.developer_portal_token"
resources:
- name: docs
path: "/documentation"
operations:
- name: update-docs
method: PUT
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Apple Developer Membership Status
▼
developer-tools membership compliance
Checks the enrollment status and expiration date of an Apple Developer Program membership by team ID.
naftiko: "0.5"
info:
label: "Apple Developer Membership Status"
description: "Checks the enrollment status and expiration date of an Apple Developer Program membership by team ID."
tags:
- developer-tools
- membership
- compliance
capability:
exposes:
- type: mcp
namespace: developer-program
port: 8080
tools:
- name: get-membership-status
description: "Check Apple Developer Program membership status by team ID. Returns enrollment type, expiration date, and renewal status."
inputParameters:
- name: team_id
in: body
type: string
description: "The Apple Developer team identifier."
call: "appstoreconnect.get-membership"
with:
team_id: "{{team_id}}"
outputParameters:
- name: program_type
type: string
mapping: "$.data.attributes.programType"
- name: expiration_date
type: string
mapping: "$.data.attributes.expirationDate"
- name: is_active
type: boolean
mapping: "$.data.attributes.isActive"
consumes:
- type: http
namespace: appstoreconnect
baseUri: "https://api.appstoreconnect.apple.com/v1"
authentication:
type: bearer
token: "$secrets.appstore_connect_token"
resources:
- name: memberships
path: "/teams/{{team_id}}/membership"
inputParameters:
- name: team_id
in: path
operations:
- name: get-membership
method: GET
Apple Environmental Compliance Tracker
▼
sustainability compliance supply-chain environmental
Tracks environmental compliance for product materials by querying supplier declarations, checking against Apple standards, and generating compliance certificates.
naftiko: "0.5"
info:
label: "Apple Environmental Compliance Tracker"
description: "Tracks environmental compliance for product materials by querying supplier declarations, checking against Apple standards, and generating compliance certificates."
tags:
- sustainability
- compliance
- supply-chain
- environmental
capability:
exposes:
- type: mcp
namespace: env-compliance
port: 8080
tools:
- name: track-material-compliance
description: "Track environmental compliance for a product material: query supplier data, check Apple standards, and generate certificate."
inputParameters:
- name: material_id
in: body
type: string
description: "The material identifier."
- name: product_sku
in: body
type: string
description: "The product SKU the material is used in."
steps:
- name: get-supplier-declaration
type: call
call: "supplier-portal.get-material-declaration"
with:
material_id: "{{material_id}}"
- name: check-standards
type: call
call: "env-standards.validate-material"
with:
material_data: "{{get-supplier-declaration}}"
product_sku: "{{product_sku}}"
- name: generate-certificate
type: call
call: "compliance-docs.generate-cert"
with:
material_id: "{{material_id}}"
product_sku: "{{product_sku}}"
compliance_result: "{{check-standards.result}}"
- name: log-result
type: call
call: "snowflake.execute-query"
with:
query: "INSERT INTO env_compliance_log VALUES ('{{material_id}}', '{{product_sku}}', '{{check-standards.result}}', current_timestamp())"
warehouse: "COMPLIANCE_WH"
consumes:
- type: http
namespace: supplier-portal
baseUri: "https://supplier-portal.apple.com/api/v2"
authentication:
type: bearer
token: "$secrets.supplier_portal_token"
resources:
- name: materials
path: "/materials/{{material_id}}/declaration"
inputParameters:
- name: material_id
in: path
operations:
- name: get-material-declaration
method: GET
- type: http
namespace: env-standards
baseUri: "https://env-standards.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.env_standards_token"
resources:
- name: validation
path: "/validate"
operations:
- name: validate-material
method: POST
- type: http
namespace: compliance-docs
baseUri: "https://compliance-docs.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.compliance_docs_token"
resources:
- name: certificates
path: "/certificates"
operations:
- name: generate-cert
method: POST
- type: http
namespace: snowflake
baseUri: "https://apple.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: queries
path: "/statements"
operations:
- name: execute-query
method: POST
Apple Fitness+ Workout Catalog
▼
health fitness apple-fitness
Searches the Apple Fitness+ workout catalog by workout type, returning available sessions with trainer, duration, and difficulty.
naftiko: "0.5"
info:
label: "Apple Fitness+ Workout Catalog"
description: "Searches the Apple Fitness+ workout catalog by workout type, returning available sessions with trainer, duration, and difficulty."
tags:
- health
- fitness
- apple-fitness
capability:
exposes:
- type: mcp
namespace: fitness-plus
port: 8080
tools:
- name: search-workouts
description: "Search Fitness+ workouts by type. Returns matching sessions with trainer name, duration, and difficulty level."
inputParameters:
- name: workout_type
in: body
type: string
description: "The workout type, e.g. HIIT, Yoga, Cycling, Strength."
call: "fitness-api.search-workouts"
with:
workout_type: "{{workout_type}}"
outputParameters:
- name: workouts
type: array
mapping: "$.data.workouts"
- name: total_count
type: number
mapping: "$.data.totalCount"
consumes:
- type: http
namespace: fitness-api
baseUri: "https://fitness.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.fitness_api_token"
resources:
- name: workouts
path: "/workouts?type={{workout_type}}"
inputParameters:
- name: workout_type
in: query
operations:
- name: search-workouts
method: GET
Apple Health Records Export Status
▼
health data-export privacy
Checks the status of a health records export job from the Apple Health data pipeline, returning progress and record count.
naftiko: "0.5"
info:
label: "Apple Health Records Export Status"
description: "Checks the status of a health records export job from the Apple Health data pipeline, returning progress and record count."
tags:
- health
- data-export
- privacy
capability:
exposes:
- type: mcp
namespace: health-records
port: 8080
tools:
- name: get-export-status
description: "Check the status of an Apple Health records export job. Returns completion percentage, record count, and error summary."
inputParameters:
- name: export_job_id
in: body
type: string
description: "The health records export job identifier."
call: "health-data.get-export-job"
with:
export_job_id: "{{export_job_id}}"
outputParameters:
- name: status
type: string
mapping: "$.job.status"
- name: progress_percent
type: number
mapping: "$.job.progressPercent"
- name: record_count
type: number
mapping: "$.job.totalRecords"
consumes:
- type: http
namespace: health-data
baseUri: "https://health-data-internal.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.health_data_token"
resources:
- name: export-jobs
path: "/exports/{{export_job_id}}"
inputParameters:
- name: export_job_id
in: path
operations:
- name: get-export-job
method: GET
Apple ID Account Lockout Remediation
▼
identity security account-management splunk
Handles Apple ID account lockouts by verifying identity, resetting the lockout flag, logging the event in Splunk, and notifying the user.
naftiko: "0.5"
info:
label: "Apple ID Account Lockout Remediation"
description: "Handles Apple ID account lockouts by verifying identity, resetting the lockout flag, logging the event in Splunk, and notifying the user."
tags:
- identity
- security
- account-management
- splunk
capability:
exposes:
- type: mcp
namespace: account-lockout
port: 8080
tools:
- name: remediate-account-lockout
description: "Given a locked Apple ID, verify identity, reset lockout, log the event, and notify the account holder."
inputParameters:
- name: apple_id
in: body
type: string
description: "The locked Apple ID email."
- name: support_ticket_id
in: body
type: string
description: "The associated support ticket ID."
steps:
- name: verify-identity
type: call
call: "identity.verify-user"
with:
apple_id: "{{apple_id}}"
- name: reset-lockout
type: call
call: "identity.reset-account-lockout"
with:
apple_id: "{{apple_id}}"
verification_token: "{{verify-identity.verification_token}}"
- name: log-event
type: call
call: "splunk.log-event"
with:
index: "security-events"
event: "account_lockout_remediation"
apple_id: "{{apple_id}}"
ticket_id: "{{support_ticket_id}}"
- name: notify-user
type: call
call: "ses.send-email"
with:
to: "{{apple_id}}"
subject: "Your Apple ID Account Has Been Unlocked"
body: "Your account lockout has been resolved. If you did not request this, please contact Apple Support immediately. Ref: {{support_ticket_id}}."
consumes:
- type: http
namespace: identity
baseUri: "https://idmsa.apple.com/api/v2"
authentication:
type: bearer
token: "$secrets.identity_service_token"
resources:
- name: verification
path: "/users/{{apple_id}}/verify"
inputParameters:
- name: apple_id
in: path
operations:
- name: verify-user
method: POST
- name: lockout
path: "/users/{{apple_id}}/lockout/reset"
inputParameters:
- name: apple_id
in: path
operations:
- name: reset-account-lockout
method: POST
- type: http
namespace: splunk
baseUri: "https://splunk.apple.com:8089/services"
authentication:
type: bearer
token: "$secrets.splunk_token"
resources:
- name: events
path: "/collector/event"
operations:
- name: log-event
method: POST
- type: http
namespace: ses
baseUri: "https://email.us-west-2.amazonaws.com/v2"
authentication:
type: bearer
token: "$secrets.aws_ses_token"
resources:
- name: emails
path: "/email/outbound-emails"
operations:
- name: send-email
method: POST
Apple Intelligence Feature Rollout
▼
ai feature-management monitoring apple-intelligence
Manages progressive feature rollout for Apple Intelligence by checking feature flags, enabling for target audience segments, monitoring error rates, and reporting.
naftiko: "0.5"
info:
label: "Apple Intelligence Feature Rollout"
description: "Manages progressive feature rollout for Apple Intelligence by checking feature flags, enabling for target audience segments, monitoring error rates, and reporting."
tags:
- ai
- feature-management
- monitoring
- apple-intelligence
capability:
exposes:
- type: mcp
namespace: feature-rollout
port: 8080
tools:
- name: rollout-intelligence-feature
description: "Progressively roll out an Apple Intelligence feature: check flags, enable for segment, monitor errors, and report status."
inputParameters:
- name: feature_key
in: body
type: string
description: "The feature flag key."
- name: target_segment
in: body
type: string
description: "The target audience segment, e.g. beta_users, us_ios18."
- name: rollout_percent
in: body
type: number
description: "The rollout percentage, e.g. 10, 25, 50."
steps:
- name: check-flag-status
type: call
call: "feature-flags.get-flag"
with:
feature_key: "{{feature_key}}"
- name: enable-for-segment
type: call
call: "feature-flags.update-flag"
with:
feature_key: "{{feature_key}}"
segment: "{{target_segment}}"
rollout_percent: "{{rollout_percent}}"
- name: monitor-errors
type: call
call: "datadog.query-metrics"
with:
query: "sum:apple_intelligence.errors{feature:{{feature_key}}}.rollup(sum, 3600)"
time_range: "last_1h"
- name: report-status
type: call
call: "slack.post-message"
with:
channel: "#apple-intelligence"
text: "Feature {{feature_key}} rolled out to {{rollout_percent}}% of {{target_segment}}. Previous state: {{check-flag-status.current_percent}}%. Error rate: {{monitor-errors.error_count}} errors/hr."
consumes:
- type: http
namespace: feature-flags
baseUri: "https://feature-flags.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.feature_flags_token"
resources:
- name: flags
path: "/flags/{{feature_key}}"
inputParameters:
- name: feature_key
in: path
operations:
- name: get-flag
method: GET
- name: update-flag
method: PUT
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: "DD-API-KEY"
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: metrics
path: "/query"
operations:
- name: query-metrics
method: GET
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Apple Maps Geocode Lookup
▼
maps geolocation apple-maps
Geocodes an address string using the Apple MapKit JS API, returning latitude, longitude, and formatted address.
naftiko: "0.5"
info:
label: "Apple Maps Geocode Lookup"
description: "Geocodes an address string using the Apple MapKit JS API, returning latitude, longitude, and formatted address."
tags:
- maps
- geolocation
- apple-maps
capability:
exposes:
- type: mcp
namespace: apple-maps
port: 8080
tools:
- name: geocode-address
description: "Geocode a street address using Apple Maps. Returns latitude, longitude, and structured address components."
inputParameters:
- name: address
in: body
type: string
description: "The street address to geocode."
call: "mapkit.geocode"
with:
q: "{{address}}"
outputParameters:
- name: latitude
type: number
mapping: "$.results[0].coordinate.latitude"
- name: longitude
type: number
mapping: "$.results[0].coordinate.longitude"
- name: formatted_address
type: string
mapping: "$.results[0].formattedAddress"
consumes:
- type: http
namespace: mapkit
baseUri: "https://maps-api.apple.com/v1"
authentication:
type: bearer
token: "$secrets.mapkit_token"
resources:
- name: geocode
path: "/geocode?q={{q}}"
inputParameters:
- name: q
in: query
operations:
- name: geocode
method: GET
Apple Maps POI Data Quality Check
▼
maps data-quality analytics operations
Validates Apple Maps point-of-interest data by cross-referencing with external sources, scoring quality, and flagging discrepancies for the maps data team.
naftiko: "0.5"
info:
label: "Apple Maps POI Data Quality Check"
description: "Validates Apple Maps point-of-interest data by cross-referencing with external sources, scoring quality, and flagging discrepancies for the maps data team."
tags:
- maps
- data-quality
- analytics
- operations
capability:
exposes:
- type: mcp
namespace: maps-data-quality
port: 8080
tools:
- name: check-poi-quality
description: "Given a POI ID, cross-reference with external data, compute quality score, and flag discrepancies for review."
inputParameters:
- name: poi_id
in: body
type: string
description: "The Apple Maps POI identifier."
steps:
- name: get-poi-data
type: call
call: "maps-internal.get-poi"
with:
poi_id: "{{poi_id}}"
- name: cross-reference
type: call
call: "external-data.verify-business"
with:
name: "{{get-poi-data.name}}"
address: "{{get-poi-data.address}}"
phone: "{{get-poi-data.phone}}"
- name: compute-quality-score
type: call
call: "data-quality.score-poi"
with:
apple_data: "{{get-poi-data}}"
external_data: "{{cross-reference}}"
- name: flag-if-needed
type: call
call: "jira.create-issue"
with:
project: "MAPS"
summary: "POI quality issue: {{get-poi-data.name}} ({{poi_id}})"
description: "Quality score: {{compute-quality-score.score}}. Discrepancies: {{compute-quality-score.discrepancies}}"
issue_type: "Task"
consumes:
- type: http
namespace: maps-internal
baseUri: "https://maps-data.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.maps_data_token"
resources:
- name: pois
path: "/pois/{{poi_id}}"
inputParameters:
- name: poi_id
in: path
operations:
- name: get-poi
method: GET
- type: http
namespace: external-data
baseUri: "https://external-data-verify.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.external_data_token"
resources:
- name: businesses
path: "/verify"
operations:
- name: verify-business
method: POST
- type: http
namespace: data-quality
baseUri: "https://data-quality.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.data_quality_token"
resources:
- name: scoring
path: "/pois/score"
operations:
- name: score-poi
method: POST
- type: http
namespace: jira
baseUri: "https://apple-eng.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
Apple Maps Route ETA Lookup
▼
apple-maps routing geolocation
Calculates estimated travel time and distance between two locations using the Apple Maps API, returning route ETA and step-by-step directions.
naftiko: "0.5"
info:
label: "Apple Maps Route ETA Lookup"
description: "Calculates estimated travel time and distance between two locations using the Apple Maps API, returning route ETA and step-by-step directions."
tags:
- apple-maps
- routing
- geolocation
capability:
exposes:
- type: mcp
namespace: apple-maps-route
port: 8080
tools:
- name: get-route-eta
description: "Get estimated travel time and distance between an origin and destination using Apple Maps."
inputParameters:
- name: origin
in: body
type: string
description: "Origin coordinates as latitude,longitude."
- name: destination
in: body
type: string
description: "Destination coordinates as latitude,longitude."
- name: transport_type
in: body
type: string
description: "Transport type: Automobile, Walking, or Transit."
call: "applemaps.get-directions"
with:
origin: "{{origin}}"
destination: "{{destination}}"
transport_type: "{{transport_type}}"
outputParameters:
- name: eta_minutes
type: number
mapping: "$.routes[0].expectedTravelTimeMinutes"
- name: distance_km
type: number
mapping: "$.routes[0].distanceMeters"
consumes:
- type: http
namespace: applemaps
baseUri: "https://maps-api.apple.com/v1"
authentication:
type: bearer
token: "$secrets.apple_maps_token"
resources:
- name: directions
path: "/directions?origin={{origin}}&destination={{destination}}&transportType={{transport_type}}"
inputParameters:
- name: origin
in: query
- name: destination
in: query
- name: transport_type
in: query
operations:
- name: get-directions
method: GET
Apple Music Content Ingestion Pipeline
▼
media apple-music content-ingestion s3
Ingests new music content by validating metadata, uploading assets to S3, registering tracks in the catalog, and notifying the editorial team.
naftiko: "0.5"
info:
label: "Apple Music Content Ingestion Pipeline"
description: "Ingests new music content by validating metadata, uploading assets to S3, registering tracks in the catalog, and notifying the editorial team."
tags:
- media
- apple-music
- content-ingestion
- s3
capability:
exposes:
- type: mcp
namespace: music-ingestion
port: 8080
tools:
- name: ingest-album
description: "Ingest a new album: validate metadata, upload assets, register in catalog, and notify editorial team."
inputParameters:
- name: album_upc
in: body
type: string
description: "The album UPC barcode."
- name: label_id
in: body
type: string
description: "The record label identifier."
steps:
- name: validate-metadata
type: call
call: "music-metadata.validate-album"
with:
album_upc: "{{album_upc}}"
label_id: "{{label_id}}"
- name: upload-assets
type: call
call: "s3.put-object"
with:
bucket: "apple-music-assets"
key: "albums/{{album_upc}}/master"
metadata_ref: "{{validate-metadata.asset_manifest}}"
- name: register-catalog
type: call
call: "music-catalog.register-album"
with:
album_upc: "{{album_upc}}"
asset_url: "{{upload-assets.object_url}}"
metadata: "{{validate-metadata.metadata}}"
- name: notify-editorial
type: call
call: "slack.post-message"
with:
channel: "#music-editorial"
text: "New album ingested: {{validate-metadata.album_title}} (UPC: {{album_upc}}). Catalog ID: {{register-catalog.catalog_id}}."
consumes:
- type: http
namespace: music-metadata
baseUri: "https://music-metadata.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.music_metadata_token"
resources:
- name: albums
path: "/albums/{{album_upc}}/validate"
inputParameters:
- name: album_upc
in: path
operations:
- name: validate-album
method: POST
- type: http
namespace: s3
baseUri: "https://s3.us-west-2.amazonaws.com"
authentication:
type: bearer
token: "$secrets.aws_s3_token"
resources:
- name: objects
path: "/{{bucket}}/{{key}}"
inputParameters:
- name: bucket
in: path
- name: key
in: path
operations:
- name: put-object
method: PUT
- type: http
namespace: music-catalog
baseUri: "https://music-catalog.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.music_catalog_token"
resources:
- name: albums
path: "/albums"
operations:
- name: register-album
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Apple Music Playlist Lookup
▼
media apple-music content
Retrieves playlist details from Apple Music by playlist ID, including name, track count, curator, and description.
naftiko: "0.5"
info:
label: "Apple Music Playlist Lookup"
description: "Retrieves playlist details from Apple Music by playlist ID, including name, track count, curator, and description."
tags:
- media
- apple-music
- content
capability:
exposes:
- type: mcp
namespace: apple-music
port: 8080
tools:
- name: get-playlist
description: "Look up an Apple Music playlist by ID. Returns playlist name, description, curator name, and track count."
inputParameters:
- name: playlist_id
in: body
type: string
description: "The Apple Music playlist identifier."
call: "musickit.get-playlist"
with:
playlist_id: "{{playlist_id}}"
outputParameters:
- name: name
type: string
mapping: "$.data[0].attributes.name"
- name: track_count
type: number
mapping: "$.data[0].attributes.trackCount"
- name: curator
type: string
mapping: "$.data[0].attributes.curatorName"
consumes:
- type: http
namespace: musickit
baseUri: "https://api.music.apple.com/v1"
authentication:
type: bearer
token: "$secrets.musickit_token"
resources:
- name: playlists
path: "/catalog/us/playlists/{{playlist_id}}"
inputParameters:
- name: playlist_id
in: path
operations:
- name: get-playlist
method: GET
Apple News Publisher Analytics
▼
media apple-news analytics
Retrieves article performance analytics for an Apple News publisher channel, including impressions, unique viewers, and shares.
naftiko: "0.5"
info:
label: "Apple News Publisher Analytics"
description: "Retrieves article performance analytics for an Apple News publisher channel, including impressions, unique viewers, and shares."
tags:
- media
- apple-news
- analytics
capability:
exposes:
- type: mcp
namespace: apple-news
port: 8080
tools:
- name: get-article-analytics
description: "Get Apple News article performance metrics by article ID. Returns impressions, unique viewers, and share count."
inputParameters:
- name: article_id
in: body
type: string
description: "The Apple News article identifier."
call: "news-api.get-analytics"
with:
article_id: "{{article_id}}"
outputParameters:
- name: impressions
type: number
mapping: "$.analytics.impressions"
- name: unique_viewers
type: number
mapping: "$.analytics.uniqueViewers"
- name: shares
type: number
mapping: "$.analytics.shareCount"
consumes:
- type: http
namespace: news-api
baseUri: "https://news-api.apple.com/v1"
authentication:
type: bearer
token: "$secrets.apple_news_api_token"
resources:
- name: analytics
path: "/articles/{{article_id}}/analytics"
inputParameters:
- name: article_id
in: path
operations:
- name: get-analytics
method: GET
Apple Patent Prior Art Search
▼
legal intellectual-property ai research
Searches for prior art related to a patent application by querying patent databases, analyzing relevance with AI, and generating a prior art report for the legal team.
naftiko: "0.5"
info:
label: "Apple Patent Prior Art Search"
description: "Searches for prior art related to a patent application by querying patent databases, analyzing relevance with AI, and generating a prior art report for the legal team."
tags:
- legal
- intellectual-property
- ai
- research
capability:
exposes:
- type: mcp
namespace: patent-search
port: 8080
tools:
- name: search-prior-art
description: "Search for prior art: query patent databases, analyze relevance with AI, and generate a report for the legal team."
inputParameters:
- name: patent_title
in: body
type: string
description: "The patent application title."
- name: abstract
in: body
type: string
description: "The patent application abstract."
- name: classification_code
in: body
type: string
description: "The IPC classification code."
steps:
- name: search-patents
type: call
call: "patent-db.search"
with:
query: "{{patent_title}}"
classification: "{{classification_code}}"
- name: analyze-relevance
type: call
call: "openai.analyze-text"
with:
text: "Application abstract: {{abstract}}\n\nPotential prior art results: {{search-patents.results}}"
instruction: "Analyze each prior art result for relevance to the application. Score 0-100 for overlap. Return JSON with ranked results and analysis."
- name: generate-report
type: call
call: "confluence.create-page"
with:
space_key: "LEGAL"
title: "Prior Art Report: {{patent_title}}"
body: "{{analyze-relevance.report}}. Total results: {{search-patents.total_count}}. High-relevance matches: {{analyze-relevance.high_relevance_count}}."
- name: notify-legal
type: call
call: "slack.post-message"
with:
channel: "#ip-legal"
text: "Prior art search complete for '{{patent_title}}'. {{analyze-relevance.high_relevance_count}} high-relevance matches found. Report: {{generate-report.url}}"
consumes:
- type: http
namespace: patent-db
baseUri: "https://patent-search.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.patent_db_token"
resources:
- name: search
path: "/search"
operations:
- name: search
method: POST
- type: http
namespace: openai
baseUri: "https://api.openai.com/v1"
authentication:
type: bearer
token: "$secrets.openai_api_key"
resources:
- name: chat
path: "/chat/completions"
operations:
- name: analyze-text
method: POST
- type: http
namespace: confluence
baseUri: "https://apple-eng.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_token"
resources:
- name: pages
path: "/content"
operations:
- name: create-page
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Apple Pay Fraud Detection Workflow
▼
payments fraud-detection security splunk
Detects potentially fraudulent Apple Pay transactions by scoring with an ML model, blocking suspicious merchants, logging to Splunk, and alerting the fraud team.
naftiko: "0.5"
info:
label: "Apple Pay Fraud Detection Workflow"
description: "Detects potentially fraudulent Apple Pay transactions by scoring with an ML model, blocking suspicious merchants, logging to Splunk, and alerting the fraud team."
tags:
- payments
- fraud-detection
- security
- splunk
capability:
exposes:
- type: mcp
namespace: fraud-detection
port: 8080
tools:
- name: evaluate-transaction-fraud
description: "Given a transaction ID, score for fraud risk, block if suspicious, log the event, and alert the fraud operations team."
inputParameters:
- name: transaction_id
in: body
type: string
description: "The Apple Pay transaction ID to evaluate."
steps:
- name: get-transaction
type: call
call: "applepay.get-transaction"
with:
transaction_id: "{{transaction_id}}"
- name: score-fraud-risk
type: call
call: "fraud-ml.score-transaction"
with:
amount: "{{get-transaction.amount}}"
merchant_id: "{{get-transaction.merchant_id}}"
country: "{{get-transaction.country}}"
device_id: "{{get-transaction.device_id}}"
- name: log-to-splunk
type: call
call: "splunk.log-event"
with:
index: "fraud-events"
event: "fraud_score"
transaction_id: "{{transaction_id}}"
score: "{{score-fraud-risk.risk_score}}"
- name: alert-fraud-team
type: call
call: "slack.post-message"
with:
channel: "#fraud-ops"
text: "Fraud evaluation for txn {{transaction_id}}: Risk score={{score-fraud-risk.risk_score}}, Decision={{score-fraud-risk.decision}}. Merchant: {{get-transaction.merchant_name}}."
consumes:
- type: http
namespace: applepay
baseUri: "https://apple-pay-gateway.apple.com/api/v2"
authentication:
type: bearer
token: "$secrets.apple_pay_api_token"
resources:
- name: transactions
path: "/transactions/{{transaction_id}}"
inputParameters:
- name: transaction_id
in: path
operations:
- name: get-transaction
method: GET
- type: http
namespace: fraud-ml
baseUri: "https://fraud-ml.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.fraud_ml_token"
resources:
- name: scoring
path: "/score"
operations:
- name: score-transaction
method: POST
- type: http
namespace: splunk
baseUri: "https://splunk.apple.com:8089/services"
authentication:
type: bearer
token: "$secrets.splunk_token"
resources:
- name: events
path: "/collector/event"
operations:
- name: log-event
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Apple Pay Merchant Onboarding
▼
payments apple-pay merchant onboarding
Onboards a new merchant to Apple Pay by validating their certificate, provisioning a payment session, registering in the merchant portal, and sending confirmation.
naftiko: "0.5"
info:
label: "Apple Pay Merchant Onboarding"
description: "Onboards a new merchant to Apple Pay by validating their certificate, provisioning a payment session, registering in the merchant portal, and sending confirmation."
tags:
- payments
- apple-pay
- merchant
- onboarding
capability:
exposes:
- type: mcp
namespace: merchant-onboarding
port: 8080
tools:
- name: onboard-merchant
description: "Onboard a new Apple Pay merchant: validate certificate, provision payment session, register merchant, and confirm via email."
inputParameters:
- name: merchant_id
in: body
type: string
description: "The merchant identifier to onboard."
- name: domain
in: body
type: string
description: "The merchant web domain for domain verification."
- name: contact_email
in: body
type: string
description: "The merchant contact email address."
steps:
- name: validate-certificate
type: call
call: "applepay.validate-merchant-cert"
with:
merchant_id: "{{merchant_id}}"
domain: "{{domain}}"
- name: provision-session
type: call
call: "applepay.create-payment-session"
with:
merchant_id: "{{merchant_id}}"
validation_url: "{{validate-certificate.validation_url}}"
- name: register-merchant
type: call
call: "merchant-portal.register"
with:
merchant_id: "{{merchant_id}}"
session_token: "{{provision-session.session_token}}"
domain: "{{domain}}"
- name: send-confirmation
type: call
call: "ses.send-email"
with:
to: "{{contact_email}}"
subject: "Apple Pay Merchant Onboarding Complete"
body: "Merchant {{merchant_id}} has been successfully onboarded. Portal ID: {{register-merchant.portal_id}}."
consumes:
- type: http
namespace: applepay
baseUri: "https://apple-pay-gateway.apple.com/api/v2"
authentication:
type: bearer
token: "$secrets.apple_pay_api_token"
resources:
- name: validation
path: "/merchants/{{merchant_id}}/validate"
inputParameters:
- name: merchant_id
in: path
operations:
- name: validate-merchant-cert
method: POST
- name: sessions
path: "/payment-sessions"
operations:
- name: create-payment-session
method: POST
- type: http
namespace: merchant-portal
baseUri: "https://merchant-portal.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.merchant_portal_token"
resources:
- name: registration
path: "/merchants"
operations:
- name: register
method: POST
- type: http
namespace: ses
baseUri: "https://email.us-west-2.amazonaws.com/v2"
authentication:
type: bearer
token: "$secrets.aws_ses_token"
resources:
- name: emails
path: "/email/outbound-emails"
operations:
- name: send-email
method: POST
Apple Pay Transaction Lookup
▼
payments apple-pay fintech
Retrieves details of an Apple Pay transaction by its transaction ID, including merchant, amount, status, and timestamp.
naftiko: "0.5"
info:
label: "Apple Pay Transaction Lookup"
description: "Retrieves details of an Apple Pay transaction by its transaction ID, including merchant, amount, status, and timestamp."
tags:
- payments
- apple-pay
- fintech
capability:
exposes:
- type: mcp
namespace: apple-pay
port: 8080
tools:
- name: get-transaction
description: "Look up an Apple Pay transaction by ID. Returns merchant name, amount, currency, status, and timestamp."
inputParameters:
- name: transaction_id
in: body
type: string
description: "The Apple Pay transaction identifier."
call: "applepay.get-transaction"
with:
transaction_id: "{{transaction_id}}"
outputParameters:
- name: merchant_name
type: string
mapping: "$.merchantName"
- name: amount
type: number
mapping: "$.amount"
- name: status
type: string
mapping: "$.transactionStatus"
consumes:
- type: http
namespace: applepay
baseUri: "https://apple-pay-gateway.apple.com/api/v2"
authentication:
type: bearer
token: "$secrets.apple_pay_api_token"
resources:
- name: transactions
path: "/transactions/{{transaction_id}}"
inputParameters:
- name: transaction_id
in: path
operations:
- name: get-transaction
method: GET
Apple Podcast Analytics Digest
▼
media apple-podcasts analytics reporting
Generates a podcast performance digest by pulling analytics from Apple Podcasts Connect, summarizing with AI, and distributing to the content team via Slack.
naftiko: "0.5"
info:
label: "Apple Podcast Analytics Digest"
description: "Generates a podcast performance digest by pulling analytics from Apple Podcasts Connect, summarizing with AI, and distributing to the content team via Slack."
tags:
- media
- apple-podcasts
- analytics
- reporting
capability:
exposes:
- type: mcp
namespace: podcast-analytics
port: 8080
tools:
- name: generate-podcast-digest
description: "Generate a podcast analytics digest: fetch metrics, summarize with AI, and distribute to content team."
inputParameters:
- name: show_id
in: body
type: string
description: "The Apple Podcasts show identifier."
- name: period
in: body
type: string
description: "The reporting period, e.g. last_7d, last_30d."
steps:
- name: fetch-analytics
type: call
call: "podcasts-connect.get-analytics"
with:
show_id: "{{show_id}}"
period: "{{period}}"
- name: summarize-performance
type: call
call: "openai.analyze-text"
with:
text: "Downloads: {{fetch-analytics.total_downloads}}, Listeners: {{fetch-analytics.unique_listeners}}, Avg completion: {{fetch-analytics.avg_completion_rate}}%, Top episode: {{fetch-analytics.top_episode}}"
instruction: "Summarize podcast performance. Highlight trends, top content, and growth recommendations."
- name: post-to-slack
type: call
call: "slack.post-message"
with:
channel: "#podcast-content"
text: "Podcast digest for {{show_id}} ({{period}}):\n{{summarize-performance.summary}}"
consumes:
- type: http
namespace: podcasts-connect
baseUri: "https://api.podcastsconnect.apple.com/v1"
authentication:
type: bearer
token: "$secrets.podcasts_connect_token"
resources:
- name: analytics
path: "/shows/{{show_id}}/analytics?period={{period}}"
inputParameters:
- name: show_id
in: path
- name: period
in: query
operations:
- name: get-analytics
method: GET
- type: http
namespace: openai
baseUri: "https://api.openai.com/v1"
authentication:
type: bearer
token: "$secrets.openai_api_key"
resources:
- name: chat
path: "/chat/completions"
operations:
- name: analyze-text
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Apple Push Notification Delivery Status
▼
notifications apns mobile
Checks the delivery status of an Apple Push Notification by its notification UUID, returning delivery state and timestamp.
naftiko: "0.5"
info:
label: "Apple Push Notification Delivery Status"
description: "Checks the delivery status of an Apple Push Notification by its notification UUID, returning delivery state and timestamp."
tags:
- notifications
- apns
- mobile
capability:
exposes:
- type: mcp
namespace: apns-status
port: 8080
tools:
- name: get-notification-status
description: "Check the delivery status of an APNs push notification by UUID. Returns delivery state, device token prefix, and timestamp."
inputParameters:
- name: notification_id
in: body
type: string
description: "The APNs notification UUID."
call: "apns.get-delivery-status"
with:
notification_id: "{{notification_id}}"
outputParameters:
- name: delivery_state
type: string
mapping: "$.deliveryStatus"
- name: timestamp
type: string
mapping: "$.deliveredAt"
consumes:
- type: http
namespace: apns
baseUri: "https://api.push.apple.com/v3"
authentication:
type: bearer
token: "$secrets.apns_auth_token"
resources:
- name: notifications
path: "/notifications/{{notification_id}}/status"
inputParameters:
- name: notification_id
in: path
operations:
- name: get-delivery-status
method: GET
Apple Renewable Energy Monitoring
▼
sustainability energy monitoring operations
Monitors renewable energy generation across Apple facilities by querying solar and wind output, comparing against consumption, and reporting sustainability metrics.
naftiko: "0.5"
info:
label: "Apple Renewable Energy Monitoring"
description: "Monitors renewable energy generation across Apple facilities by querying solar and wind output, comparing against consumption, and reporting sustainability metrics."
tags:
- sustainability
- energy
- monitoring
- operations
capability:
exposes:
- type: mcp
namespace: renewable-energy
port: 8080
tools:
- name: monitor-energy-output
description: "Monitor renewable energy: query generation data, compare against consumption, calculate sustainability metrics, and report."
inputParameters:
- name: facility_id
in: body
type: string
description: "The Apple facility identifier."
- name: date
in: body
type: string
description: "The monitoring date in YYYY-MM-DD format."
steps:
- name: get-generation-data
type: call
call: "energy-api.get-generation"
with:
facility_id: "{{facility_id}}"
date: "{{date}}"
- name: get-consumption-data
type: call
call: "energy-api.get-consumption"
with:
facility_id: "{{facility_id}}"
date: "{{date}}"
- name: calculate-metrics
type: call
call: "sustainability-api.calculate-metrics"
with:
generation_kwh: "{{get-generation-data.total_kwh}}"
consumption_kwh: "{{get-consumption-data.total_kwh}}"
facility_id: "{{facility_id}}"
- name: post-report
type: call
call: "slack.post-message"
with:
channel: "#sustainability"
text: "Energy report for {{facility_id}} on {{date}}: Generated={{get-generation-data.total_kwh}}kWh, Consumed={{get-consumption-data.total_kwh}}kWh, Renewable ratio={{calculate-metrics.renewable_percent}}%."
consumes:
- type: http
namespace: energy-api
baseUri: "https://energy-monitoring.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.energy_api_token"
resources:
- name: generation
path: "/facilities/{{facility_id}}/generation?date={{date}}"
inputParameters:
- name: facility_id
in: path
- name: date
in: query
operations:
- name: get-generation
method: GET
- name: consumption
path: "/facilities/{{facility_id}}/consumption?date={{date}}"
inputParameters:
- name: facility_id
in: path
- name: date
in: query
operations:
- name: get-consumption
method: GET
- type: http
namespace: sustainability-api
baseUri: "https://sustainability.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.sustainability_api_token"
resources:
- name: metrics
path: "/metrics/calculate"
operations:
- name: calculate-metrics
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Apple Retail Store Info Lookup
▼
retail operations store-management
Retrieves details of an Apple Retail Store by store number, including address, phone, hours, and Genius Bar availability.
naftiko: "0.5"
info:
label: "Apple Retail Store Info Lookup"
description: "Retrieves details of an Apple Retail Store by store number, including address, phone, hours, and Genius Bar availability."
tags:
- retail
- operations
- store-management
capability:
exposes:
- type: mcp
namespace: apple-retail
port: 8080
tools:
- name: get-store-info
description: "Look up an Apple Retail Store by store number. Returns address, phone, operating hours, and Genius Bar status."
inputParameters:
- name: store_number
in: body
type: string
description: "The Apple Retail Store number, e.g. R001."
call: "retail-api.get-store"
with:
store_number: "{{store_number}}"
outputParameters:
- name: name
type: string
mapping: "$.store.name"
- name: address
type: string
mapping: "$.store.address.formattedAddress"
- name: genius_bar_available
type: boolean
mapping: "$.store.geniusBarAvailable"
consumes:
- type: http
namespace: retail-api
baseUri: "https://retail-internal.apple.com/api/v2"
authentication:
type: bearer
token: "$secrets.retail_api_token"
resources:
- name: stores
path: "/stores/{{store_number}}"
inputParameters:
- name: store_number
in: path
operations:
- name: get-store
method: GET
Apple Search Ads Campaign Optimizer
▼
marketing apple-search-ads optimization advertising
Optimizes Apple Search Ads campaigns by pulling performance data, analyzing with AI, adjusting bids, and reporting results to the marketing team.
naftiko: "0.5"
info:
label: "Apple Search Ads Campaign Optimizer"
description: "Optimizes Apple Search Ads campaigns by pulling performance data, analyzing with AI, adjusting bids, and reporting results to the marketing team."
tags:
- marketing
- apple-search-ads
- optimization
- advertising
capability:
exposes:
- type: mcp
namespace: search-ads-optimizer
port: 8080
tools:
- name: optimize-campaign
description: "Optimize an Apple Search Ads campaign: fetch metrics, analyze performance, adjust bids, and report to marketing."
inputParameters:
- name: campaign_id
in: body
type: string
description: "The Apple Search Ads campaign identifier."
steps:
- name: fetch-campaign-data
type: call
call: "searchads.get-campaign-report"
with:
campaign_id: "{{campaign_id}}"
- name: analyze-performance
type: call
call: "openai.analyze-text"
with:
text: "Campaign {{campaign_id}}: CPA=${{fetch-campaign-data.avg_cpa}}, CTR={{fetch-campaign-data.ctr}}%, Conversions={{fetch-campaign-data.conversions}}, Spend=${{fetch-campaign-data.total_spend}}"
instruction: "Analyze this Apple Search Ads campaign. Recommend bid adjustments and keyword changes. Return JSON with recommendations."
- name: apply-bid-adjustments
type: call
call: "searchads.update-campaign-bids"
with:
campaign_id: "{{campaign_id}}"
recommendations: "{{analyze-performance.recommendations}}"
- name: report-results
type: call
call: "slack.post-message"
with:
channel: "#search-ads-marketing"
text: "Campaign {{campaign_id}} optimized. CPA: ${{fetch-campaign-data.avg_cpa}}. Bid changes applied: {{apply-bid-adjustments.changes_count}}. AI insights: {{analyze-performance.summary}}."
consumes:
- type: http
namespace: searchads
baseUri: "https://api.searchads.apple.com/api/v4"
authentication:
type: bearer
token: "$secrets.search_ads_token"
resources:
- name: reports
path: "/campaigns/{{campaign_id}}/reports"
inputParameters:
- name: campaign_id
in: path
operations:
- name: get-campaign-report
method: POST
- name: bids
path: "/campaigns/{{campaign_id}}/bids"
inputParameters:
- name: campaign_id
in: path
operations:
- name: update-campaign-bids
method: PUT
- type: http
namespace: openai
baseUri: "https://api.openai.com/v1"
authentication:
type: bearer
token: "$secrets.openai_api_key"
resources:
- name: chat
path: "/chat/completions"
operations:
- name: analyze-text
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Apple Silicon Chip Spec Lookup
▼
hardware silicon-design engineering
Retrieves technical specifications for an Apple Silicon chip by model identifier, including core counts, transistor count, and process node.
naftiko: "0.5"
info:
label: "Apple Silicon Chip Spec Lookup"
description: "Retrieves technical specifications for an Apple Silicon chip by model identifier, including core counts, transistor count, and process node."
tags:
- hardware
- silicon-design
- engineering
capability:
exposes:
- type: mcp
namespace: silicon-specs
port: 8080
tools:
- name: get-chip-spec
description: "Look up Apple Silicon chip specifications by model ID. Returns CPU/GPU core counts, transistor count, and fabrication process node."
inputParameters:
- name: chip_model
in: body
type: string
description: "The chip model identifier, e.g. M3-Pro."
call: "engineering-db.get-chip"
with:
chip_model: "{{chip_model}}"
outputParameters:
- name: cpu_cores
type: number
mapping: "$.chip.cpuCoreCount"
- name: gpu_cores
type: number
mapping: "$.chip.gpuCoreCount"
- name: process_node_nm
type: number
mapping: "$.chip.processNodeNm"
consumes:
- type: http
namespace: engineering-db
baseUri: "https://engineering-data.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.engineering_db_token"
resources:
- name: chips
path: "/silicon/chips/{{chip_model}}"
inputParameters:
- name: chip_model
in: path
operations:
- name: get-chip
method: GET
Apple Silicon Thermal Test Pipeline
▼
silicon-design hardware testing engineering
Runs thermal validation tests on Apple Silicon chips by triggering test bench execution, collecting sensor data, analyzing results, and filing deviations.
naftiko: "0.5"
info:
label: "Apple Silicon Thermal Test Pipeline"
description: "Runs thermal validation tests on Apple Silicon chips by triggering test bench execution, collecting sensor data, analyzing results, and filing deviations."
tags:
- silicon-design
- hardware
- testing
- engineering
capability:
exposes:
- type: mcp
namespace: thermal-testing
port: 8080
tools:
- name: run-thermal-validation
description: "Run thermal validation on a chip: trigger tests, collect sensor data, analyze results, and file deviations if found."
inputParameters:
- name: chip_model
in: body
type: string
description: "The chip model under test, e.g. M4-Pro."
- name: test_profile
in: body
type: string
description: "The thermal test profile, e.g. sustained_load, burst, idle."
steps:
- name: trigger-test
type: call
call: "test-bench.start-thermal-test"
with:
chip_model: "{{chip_model}}"
profile: "{{test_profile}}"
- name: collect-sensor-data
type: call
call: "test-bench.get-sensor-readings"
with:
test_run_id: "{{trigger-test.test_run_id}}"
- name: analyze-results
type: call
call: "thermal-analysis.evaluate"
with:
sensor_data: "{{collect-sensor-data.readings}}"
chip_model: "{{chip_model}}"
profile: "{{test_profile}}"
- name: file-deviation
type: call
call: "jira.create-issue"
with:
project: "SILICON"
summary: "Thermal deviation: {{chip_model}} under {{test_profile}}"
description: "Max temp: {{analyze-results.max_temp_c}}C. Threshold: {{analyze-results.threshold_c}}C. Deviation: {{analyze-results.deviation_c}}C."
issue_type: "Bug"
consumes:
- type: http
namespace: test-bench
baseUri: "https://test-bench.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.test_bench_token"
resources:
- name: thermal-tests
path: "/thermal/tests"
operations:
- name: start-thermal-test
method: POST
- name: sensors
path: "/tests/{{test_run_id}}/sensors"
inputParameters:
- name: test_run_id
in: path
operations:
- name: get-sensor-readings
method: GET
- type: http
namespace: thermal-analysis
baseUri: "https://thermal-analysis.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.thermal_analysis_token"
resources:
- name: evaluation
path: "/evaluate"
operations:
- name: evaluate
method: POST
- type: http
namespace: jira
baseUri: "https://apple-eng.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
Apple Store Inventory Rebalancing
▼
retail supply-chain inventory sap
Rebalances retail inventory by querying store stock levels, identifying surplus and deficit locations, generating transfer orders in SAP, and notifying logistics.
naftiko: "0.5"
info:
label: "Apple Store Inventory Rebalancing"
description: "Rebalances retail inventory by querying store stock levels, identifying surplus and deficit locations, generating transfer orders in SAP, and notifying logistics."
tags:
- retail
- supply-chain
- inventory
- sap
capability:
exposes:
- type: mcp
namespace: inventory-rebalance
port: 8080
tools:
- name: rebalance-product-inventory
description: "Given a product SKU, check stock levels across stores, compute transfer recommendations, create SAP transfer orders, and notify logistics."
inputParameters:
- name: product_sku
in: body
type: string
description: "The product SKU to rebalance."
- name: region
in: body
type: string
description: "The retail region code, e.g. US-WEST, EMEA."
steps:
- name: get-stock-levels
type: call
call: "retail-api.get-regional-stock"
with:
product_sku: "{{product_sku}}"
region: "{{region}}"
- name: compute-transfers
type: call
call: "inventory-optimizer.compute-transfers"
with:
stock_data: "{{get-stock-levels.stores}}"
product_sku: "{{product_sku}}"
- name: create-sap-orders
type: call
call: "sap.create-transfer-order"
with:
transfers: "{{compute-transfers.transfer_plan}}"
material_number: "{{product_sku}}"
- name: notify-logistics
type: call
call: "slack.post-message"
with:
channel: "#retail-logistics"
text: "Inventory rebalance initiated for {{product_sku}} in {{region}}. {{compute-transfers.transfer_count}} transfers created. SAP order: {{create-sap-orders.order_id}}."
consumes:
- type: http
namespace: retail-api
baseUri: "https://retail-internal.apple.com/api/v2"
authentication:
type: bearer
token: "$secrets.retail_api_token"
resources:
- name: stock
path: "/inventory/{{product_sku}}/stock?region={{region}}"
inputParameters:
- name: product_sku
in: path
- name: region
in: query
operations:
- name: get-regional-stock
method: GET
- type: http
namespace: inventory-optimizer
baseUri: "https://inventory-optimizer.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.inventory_optimizer_token"
resources:
- name: transfers
path: "/optimize/transfers"
operations:
- name: compute-transfers
method: POST
- type: http
namespace: sap
baseUri: "https://sap.apple.com/api/v1"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: transfer-orders
path: "/transfer-orders"
operations:
- name: create-transfer-order
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Apple Support Case Routing AI
▼
customer-service ai servicenow support
Routes Apple Support cases by analyzing the issue with AI, classifying severity and product area, assigning to the right team in ServiceNow, and notifying the team lead.
naftiko: "0.5"
info:
label: "Apple Support Case Routing AI"
description: "Routes Apple Support cases by analyzing the issue with AI, classifying severity and product area, assigning to the right team in ServiceNow, and notifying the team lead."
tags:
- customer-service
- ai
- servicenow
- support
capability:
exposes:
- type: mcp
namespace: case-routing
port: 8080
tools:
- name: route-support-case
description: "Route a support case: analyze with AI, classify product/severity, assign in ServiceNow, and notify team lead."
inputParameters:
- name: case_id
in: body
type: string
description: "The support case identifier."
- name: issue_text
in: body
type: string
description: "The customer issue description."
steps:
- name: classify-issue
type: call
call: "openai.analyze-text"
with:
text: "{{issue_text}}"
instruction: "Classify this Apple Support case. Return JSON with product_area (iPhone, Mac, iPad, Services, etc.), severity (P1-P4), and suggested_team."
- name: update-case
type: call
call: "servicenow.update-incident"
with:
sys_id: "{{case_id}}"
category: "{{classify-issue.product_area}}"
priority: "{{classify-issue.severity}}"
assignment_group: "{{classify-issue.suggested_team}}"
- name: notify-team-lead
type: call
call: "slack.post-message"
with:
channel: "#support-escalations"
text: "Case {{case_id}} routed to {{classify-issue.suggested_team}} ({{classify-issue.severity}}). Product: {{classify-issue.product_area}}."
consumes:
- type: http
namespace: openai
baseUri: "https://api.openai.com/v1"
authentication:
type: bearer
token: "$secrets.openai_api_key"
resources:
- name: chat
path: "/chat/completions"
operations:
- name: analyze-text
method: POST
- type: http
namespace: servicenow
baseUri: "https://apple.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident/{{sys_id}}"
inputParameters:
- name: sys_id
in: path
operations:
- name: update-incident
method: PATCH
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Apple TV+ Content Catalog Search
▼
media apple-tv content
Searches the Apple TV+ content catalog by keyword, returning matching titles with genre, rating, and release year.
naftiko: "0.5"
info:
label: "Apple TV+ Content Catalog Search"
description: "Searches the Apple TV+ content catalog by keyword, returning matching titles with genre, rating, and release year."
tags:
- media
- apple-tv
- content
capability:
exposes:
- type: mcp
namespace: apple-tv-plus
port: 8080
tools:
- name: search-catalog
description: "Search Apple TV+ content catalog by keyword. Returns matching show/movie titles, genres, and ratings."
inputParameters:
- name: query
in: body
type: string
description: "The search keyword or phrase."
call: "tvservices.search-content"
with:
query: "{{query}}"
outputParameters:
- name: results
type: array
mapping: "$.data.results"
- name: result_count
type: number
mapping: "$.data.totalCount"
consumes:
- type: http
namespace: tvservices
baseUri: "https://tv.apple.com/api/v2"
authentication:
type: bearer
token: "$secrets.tv_services_token"
resources:
- name: search
path: "/search?term={{query}}&type=shows,movies"
inputParameters:
- name: query
in: query
operations:
- name: search-content
method: GET
Apple TV+ Content Localization Workflow
▼
media apple-tv localization content-delivery
Manages content localization by extracting subtitles, translating via AI, uploading to the content delivery network, and notifying the localization team.
naftiko: "0.5"
info:
label: "Apple TV+ Content Localization Workflow"
description: "Manages content localization by extracting subtitles, translating via AI, uploading to the content delivery network, and notifying the localization team."
tags:
- media
- apple-tv
- localization
- content-delivery
capability:
exposes:
- type: mcp
namespace: tv-localization
port: 8080
tools:
- name: localize-content
description: "Localize Apple TV+ content: extract subtitles, translate to target language, upload to CDN, and notify localization team."
inputParameters:
- name: content_id
in: body
type: string
description: "The Apple TV+ content identifier."
- name: target_language
in: body
type: string
description: "The target language code, e.g. es, fr, ja."
steps:
- name: extract-subtitles
type: call
call: "content-pipeline.extract-subtitles"
with:
content_id: "{{content_id}}"
- name: translate-subtitles
type: call
call: "openai.translate-text"
with:
text: "{{extract-subtitles.subtitle_text}}"
target_language: "{{target_language}}"
- name: upload-to-cdn
type: call
call: "cdn-api.upload-asset"
with:
content_id: "{{content_id}}"
asset_type: "subtitles"
language: "{{target_language}}"
data: "{{translate-subtitles.translated_text}}"
- name: notify-team
type: call
call: "slack.post-message"
with:
channel: "#localization"
text: "Localized subtitles for {{content_id}} in {{target_language}} uploaded to CDN. Asset URL: {{upload-to-cdn.asset_url}}."
consumes:
- type: http
namespace: content-pipeline
baseUri: "https://content-pipeline.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.content_pipeline_token"
resources:
- name: subtitles
path: "/content/{{content_id}}/subtitles"
inputParameters:
- name: content_id
in: path
operations:
- name: extract-subtitles
method: GET
- type: http
namespace: openai
baseUri: "https://api.openai.com/v1"
authentication:
type: bearer
token: "$secrets.openai_api_key"
resources:
- name: chat
path: "/chat/completions"
operations:
- name: translate-text
method: POST
- type: http
namespace: cdn-api
baseUri: "https://cdn-management.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.cdn_api_token"
resources:
- name: assets
path: "/assets"
operations:
- name: upload-asset
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Apple Wallet Pass Status Check
▼
digital-wallets apple-wallet mobile
Checks the status of an Apple Wallet pass by pass type and serial number, returning validity and last update.
naftiko: "0.5"
info:
label: "Apple Wallet Pass Status Check"
description: "Checks the status of an Apple Wallet pass by pass type and serial number, returning validity and last update."
tags:
- digital-wallets
- apple-wallet
- mobile
capability:
exposes:
- type: mcp
namespace: apple-wallet
port: 8080
tools:
- name: get-pass-status
description: "Check Apple Wallet pass validity by pass type ID and serial number. Returns pass status, last updated date, and voided flag."
inputParameters:
- name: pass_type_id
in: body
type: string
description: "The pass type identifier."
- name: serial_number
in: body
type: string
description: "The pass serial number."
call: "wallet-api.get-pass"
with:
pass_type_id: "{{pass_type_id}}"
serial_number: "{{serial_number}}"
outputParameters:
- name: status
type: string
mapping: "$.pass.status"
- name: last_updated
type: string
mapping: "$.pass.lastUpdated"
- name: is_voided
type: boolean
mapping: "$.pass.voided"
consumes:
- type: http
namespace: wallet-api
baseUri: "https://wallet-api.apple.com/v1"
authentication:
type: bearer
token: "$secrets.wallet_api_token"
resources:
- name: passes
path: "/passes/{{pass_type_id}}/{{serial_number}}"
inputParameters:
- name: pass_type_id
in: path
- name: serial_number
in: path
operations:
- name: get-pass
method: GET
Change Management Approval Workflow
▼
itsm change-management servicenow slack
Creates a ServiceNow change request for infrastructure changes, routes it to CAB, and notifies the requestor via Slack.
naftiko: "0.5"
info:
label: "Change Management Approval Workflow"
description: "Creates a ServiceNow change request for infrastructure changes, routes it to CAB, and notifies the requestor via Slack."
tags:
- itsm
- change-management
- servicenow
- slack
capability:
exposes:
- type: mcp
namespace: change-mgmt
port: 8080
tools:
- name: create-change-request
description: "Given change details, create a ServiceNow change request and notify the requestor via Slack. Use for infrastructure and application changes requiring CAB approval."
inputParameters:
- name: short_description
in: body
type: string
description: "Brief description of the change."
- name: change_type
in: body
type: string
description: "Change type: normal, standard, or emergency."
- name: risk_level
in: body
type: string
description: "Risk level: low, medium, high, or critical."
- name: requestor_slack_id
in: body
type: string
description: "The Slack user ID of the change requestor."
steps:
- name: create-cr
type: call
call: "servicenow-chg.create-change"
with:
short_description: "{{short_description}}"
type: "{{change_type}}"
risk: "{{risk_level}}"
assignment_group: "CAB"
- name: notify-requestor
type: call
call: "slack-chg.post-message"
with:
channel: "{{requestor_slack_id}}"
text: "Change request submitted: {{create-cr.number}}. Type: {{change_type}}. Risk: {{risk_level}}. Pending CAB review."
consumes:
- type: http
namespace: servicenow-chg
baseUri: "https://apple.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: change-requests
path: "/table/change_request"
operations:
- name: create-change
method: POST
- type: http
namespace: slack-chg
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Cloud Cost Anomaly Responder
▼
finops cloud aws datadog jira slack
When an AWS cost anomaly is detected, annotates the event in Datadog, creates a Jira FinOps issue, and posts an alert to the cloud finance Slack channel.
naftiko: "0.5"
info:
label: "Cloud Cost Anomaly Responder"
description: "When an AWS cost anomaly is detected, annotates the event in Datadog, creates a Jira FinOps issue, and posts an alert to the cloud finance Slack channel."
tags:
- finops
- cloud
- aws
- datadog
- jira
- slack
capability:
exposes:
- type: mcp
namespace: cloud-finops
port: 8080
tools:
- name: handle-cost-anomaly
description: "Given an AWS cost anomaly ID, affected service, and estimated overage, create a Datadog event, open a Jira FinOps issue, and notify the cloud finance Slack channel."
inputParameters:
- name: anomaly_id
in: body
type: string
description: "The AWS Cost Anomaly Detection anomaly ID."
- name: aws_service
in: body
type: string
description: "The AWS service generating the anomaly."
- name: estimated_overage_usd
in: body
type: number
description: "Estimated dollar overage detected."
- name: business_unit
in: body
type: string
description: "The Apple business unit owning the AWS account."
steps:
- name: annotate-datadog
type: call
call: "datadog-finops.create-event"
with:
title: "AWS Cost Anomaly: {{aws_service}}"
text: "Anomaly {{anomaly_id}} — estimated overage: ${{estimated_overage_usd}} — BU: {{business_unit}}"
alert_type: "warning"
- name: create-finops-issue
type: call
call: "jira-finops.create-issue"
with:
project_key: "FINOPS"
issuetype: "Task"
summary: "AWS Cost Anomaly: {{aws_service}} — ${{estimated_overage_usd}} overage"
description: "Anomaly {{anomaly_id}} on {{aws_service}} for {{business_unit}}. Datadog event: {{annotate-datadog.id}}."
- name: alert-slack
type: call
call: "slack-finops.post-message"
with:
channel: "#cloud-finance-alerts"
text: "AWS Cost Anomaly: {{aws_service}} | Overage: ${{estimated_overage_usd}} | BU: {{business_unit}} | Jira: {{create-finops-issue.key}}"
consumes:
- type: http
namespace: datadog-finops
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: "DD-API-KEY"
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: events
path: "/events"
operations:
- name: create-event
method: POST
- type: http
namespace: jira-finops
baseUri: "https://apple.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-finops
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
CrowdStrike Security Alert Triage
▼
security crowdstrike servicenow incident-response slack
When CrowdStrike detects a high-severity endpoint threat, creates a ServiceNow security incident, isolates the endpoint, and alerts the SOC team via Slack.
naftiko: "0.5"
info:
label: "CrowdStrike Security Alert Triage"
description: "When CrowdStrike detects a high-severity endpoint threat, creates a ServiceNow security incident, isolates the endpoint, and alerts the SOC team via Slack."
tags:
- security
- crowdstrike
- servicenow
- incident-response
- slack
capability:
exposes:
- type: mcp
namespace: security-ops
port: 8080
tools:
- name: handle-endpoint-detection
description: "Given a CrowdStrike detection ID and host ID, create a ServiceNow security incident, isolate the host, and alert the Apple SOC Slack channel."
inputParameters:
- name: detection_id
in: body
type: string
description: "The CrowdStrike detection ID."
- name: host_id
in: body
type: string
description: "The CrowdStrike host ID for the affected endpoint."
- name: severity
in: body
type: string
description: "Detection severity: critical, high, medium, or low."
steps:
- name: create-security-incident
type: call
call: "servicenow-soc.create-incident"
with:
short_description: "CrowdStrike detection {{detection_id}} — {{severity}} severity"
category: "security"
assignment_group: "SOC"
urgency: "1"
- name: isolate-host
type: call
call: "crowdstrike.contain-host"
with:
host_id: "{{host_id}}"
- name: alert-soc-slack
type: call
call: "slack-soc.post-message"
with:
channel: "#soc-alerts"
text: "SECURITY: CrowdStrike detection {{detection_id}} ({{severity}}) on host {{host_id}}. Host isolated. SNOW: {{create-security-incident.number}}."
consumes:
- type: http
namespace: servicenow-soc
baseUri: "https://apple.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: crowdstrike
baseUri: "https://api.crowdstrike.com"
authentication:
type: bearer
token: "$secrets.crowdstrike_token"
resources:
- name: host-containment
path: "/devices/entities/devices-actions/v2"
operations:
- name: contain-host
method: POST
- type: http
namespace: slack-soc
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Datadog Infrastructure Health Check
▼
observability datadog monitoring infrastructure
Retrieves the current health status of Apple's monitored infrastructure hosts and active monitors from Datadog, returning a consolidated health snapshot.
naftiko: "0.5"
info:
label: "Datadog Infrastructure Health Check"
description: "Retrieves the current health status of Apple's monitored infrastructure hosts and active monitors from Datadog, returning a consolidated health snapshot."
tags:
- observability
- datadog
- monitoring
- infrastructure
capability:
exposes:
- type: mcp
namespace: infra-monitoring
port: 8080
tools:
- name: get-infrastructure-health
description: "Query Datadog for the current status of all monitored hosts and active alerts for a given environment. Use for ops dashboards and incident triage."
inputParameters:
- name: environment
in: body
type: string
description: "The deployment environment: production, staging, or development."
call: "datadog-health.list-monitors"
with:
tags: "env:{{environment}}"
outputParameters:
- name: monitors
type: array
mapping: "$.monitors"
consumes:
- type: http
namespace: datadog-health
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: "DD-API-KEY"
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: monitors
path: "/monitor"
operations:
- name: list-monitors
method: GET
inputParameters:
- name: tags
in: query
Developer Certificate Rotation Workflow
▼
developer-tools security certificates ci-cd
Automates Apple Developer certificate rotation by generating a new signing certificate, updating the provisioning profile, notifying the CI pipeline, and alerting the team.
naftiko: "0.5"
info:
label: "Developer Certificate Rotation Workflow"
description: "Automates Apple Developer certificate rotation by generating a new signing certificate, updating the provisioning profile, notifying the CI pipeline, and alerting the team."
tags:
- developer-tools
- security
- certificates
- ci-cd
capability:
exposes:
- type: mcp
namespace: cert-rotation
port: 8080
tools:
- name: rotate-signing-certificate
description: "Rotate an Apple Developer signing certificate: generate new cert, update provisioning profile, trigger CI, and alert team."
inputParameters:
- name: team_id
in: body
type: string
description: "The Apple Developer team ID."
- name: certificate_type
in: body
type: string
description: "Certificate type, e.g. IOS_DISTRIBUTION, DEVELOPER_ID_APPLICATION."
steps:
- name: create-certificate
type: call
call: "appstoreconnect.create-certificate"
with:
team_id: "{{team_id}}"
certificate_type: "{{certificate_type}}"
- name: update-profile
type: call
call: "appstoreconnect.regenerate-profile"
with:
certificate_id: "{{create-certificate.certificate_id}}"
team_id: "{{team_id}}"
- name: trigger-ci-rebuild
type: call
call: "github.dispatch-workflow"
with:
repo: "apple/ios-app"
workflow: "build-and-sign.yml"
ref: "main"
- name: notify-team
type: call
call: "slack.post-message"
with:
channel: "#ios-dev-ops"
text: "Certificate rotated for team {{team_id}}. New cert: {{create-certificate.certificate_id}}. Profile: {{update-profile.profile_id}}. CI triggered: {{trigger-ci-rebuild.run_id}}"
consumes:
- type: http
namespace: appstoreconnect
baseUri: "https://api.appstoreconnect.apple.com/v1"
authentication:
type: bearer
token: "$secrets.appstore_connect_token"
resources:
- name: certificates
path: "/certificates"
operations:
- name: create-certificate
method: POST
- name: profiles
path: "/profiles/{{certificate_id}}/regenerate"
inputParameters:
- name: certificate_id
in: path
operations:
- name: regenerate-profile
method: POST
- type: http
namespace: github
baseUri: "https://api.github.com"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: workflows
path: "/repos/{{repo}}/actions/workflows/{{workflow}}/dispatches"
inputParameters:
- name: repo
in: path
- name: workflow
in: path
operations:
- name: dispatch-workflow
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Employee Offboarding Workflow
▼
hr offboarding workday okta servicenow slack
When a termination is recorded in Workday, deactivates the Okta account, closes open ServiceNow tickets, and posts a summary to the HR Slack channel.
naftiko: "0.5"
info:
label: "Employee Offboarding Workflow"
description: "When a termination is recorded in Workday, deactivates the Okta account, closes open ServiceNow tickets, and posts a summary to the HR Slack channel."
tags:
- hr
- offboarding
- workday
- okta
- servicenow
- slack
capability:
exposes:
- type: mcp
namespace: hr-offboarding
port: 8080
tools:
- name: trigger-employee-offboarding
description: "Given a Workday employee ID and termination date, deactivate the Okta account, close open ServiceNow tickets, and notify the HR Slack channel."
inputParameters:
- name: workday_employee_id
in: body
type: string
description: "The Workday worker ID for the departing employee."
- name: termination_date
in: body
type: string
description: "The termination effective date in ISO 8601 format."
steps:
- name: get-worker
type: call
call: "workday-off.get-worker"
with:
worker_id: "{{workday_employee_id}}"
- name: deactivate-okta
type: call
call: "okta-off.deactivate-user"
with:
user_id: "{{get-worker.okta_user_id}}"
- name: notify-hr
type: call
call: "slack-off.post-message"
with:
channel: "#hr-ops"
text: "Offboarding complete for {{get-worker.full_name}} (effective: {{termination_date}}). Okta account deactivated."
consumes:
- type: http
namespace: workday-off
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/apple/workers/{{worker_id}}"
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
- type: http
namespace: okta-off
baseUri: "https://apple.okta.com/api/v1"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.okta_api_token"
placement: header
resources:
- name: users
path: "/users/{{user_id}}/lifecycle/deactivate"
inputParameters:
- name: user_id
in: path
operations:
- name: deactivate-user
method: POST
- type: http
namespace: slack-off
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Employee Onboarding Orchestrator
▼
hr onboarding workday servicenow okta slack
When a new hire is created in Workday, opens a ServiceNow onboarding ticket, provisions Okta application access, and sends a Slack welcome message.
naftiko: "0.5"
info:
label: "Employee Onboarding Orchestrator"
description: "When a new hire is created in Workday, opens a ServiceNow onboarding ticket, provisions Okta application access, and sends a Slack welcome message."
tags:
- hr
- onboarding
- workday
- servicenow
- okta
- slack
capability:
exposes:
- type: mcp
namespace: hr-onboarding
port: 8080
tools:
- name: trigger-employee-onboarding
description: "Given a Workday employee ID and start date, orchestrate the full onboarding sequence: fetch worker profile, open a ServiceNow ticket, provision Okta access, and send a Slack welcome."
inputParameters:
- name: workday_employee_id
in: body
type: string
description: "The Workday worker ID for the new hire."
- name: start_date
in: body
type: string
description: "The employee start date in ISO 8601 format, e.g. 2026-04-01."
steps:
- name: get-worker
type: call
call: "workday.get-worker"
with:
worker_id: "{{workday_employee_id}}"
- name: create-onboarding-ticket
type: call
call: "servicenow.create-incident"
with:
short_description: "New hire onboarding: {{get-worker.full_name}}"
category: "hr_onboarding"
assignment_group: "IT_Onboarding"
- name: provision-okta
type: call
call: "okta.create-user"
with:
first_name: "{{get-worker.first_name}}"
last_name: "{{get-worker.last_name}}"
email: "{{get-worker.work_email}}"
department: "{{get-worker.department}}"
- name: send-slack-welcome
type: call
call: "slack.post-message"
with:
channel: "#welcome-new-hires"
text: "Welcome to Apple, {{get-worker.first_name}} {{get-worker.last_name}}! Starting {{start_date}}. IT ticket: {{create-onboarding-ticket.number}}."
consumes:
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/apple/workers/{{worker_id}}"
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
- type: http
namespace: servicenow
baseUri: "https://apple.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: okta
baseUri: "https://apple.okta.com/api/v1"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.okta_api_token"
placement: header
resources:
- name: users
path: "/users"
operations:
- name: create-user
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
GitHub CI/CD Pipeline Failure Response
▼
devops cicd github jira datadog slack
On a GitHub Actions pipeline failure on a protected branch, creates a Jira bug, posts a Datadog deployment marker, and alerts the engineering team in Slack.
naftiko: "0.5"
info:
label: "GitHub CI/CD Pipeline Failure Response"
description: "On a GitHub Actions pipeline failure on a protected branch, creates a Jira bug, posts a Datadog deployment marker, and alerts the engineering team in Slack."
tags:
- devops
- cicd
- github
- jira
- datadog
- slack
capability:
exposes:
- type: mcp
namespace: devops-cicd
port: 8080
tools:
- name: handle-pipeline-failure
description: "Given a GitHub Actions workflow failure event, create a Datadog deployment marker, open a Jira bug, and alert the engineering Slack channel."
inputParameters:
- name: repo_name
in: body
type: string
description: "The GitHub repository in org/repo format, e.g. apple/webkit."
- name: workflow_name
in: body
type: string
description: "The GitHub Actions workflow name that failed."
- name: branch_name
in: body
type: string
description: "The branch name where the failure occurred."
- name: commit_sha
in: body
type: string
description: "The commit SHA that triggered the workflow."
- name: run_url
in: body
type: string
description: "URL to the failed GitHub Actions run."
steps:
- name: create-dd-marker
type: call
call: "datadog.create-event"
with:
title: "Pipeline failure: {{repo_name}}"
text: "Workflow {{workflow_name}} failed on {{branch_name}} at {{commit_sha}}"
alert_type: "error"
- name: create-jira-bug
type: call
call: "jira.create-issue"
with:
project_key: "ENG"
issuetype: "Bug"
summary: "[CI Failure] {{repo_name}} / {{branch_name}} — {{workflow_name}}"
description: "Pipeline failure on {{branch_name}}. Commit: {{commit_sha}}. Run: {{run_url}}. Datadog event: {{create-dd-marker.id}}."
- name: alert-slack
type: call
call: "slack-cicd.post-message"
with:
channel: "#engineering-alerts"
text: "Pipeline Failure: {{repo_name}} | Branch: {{branch_name}} | Workflow: {{workflow_name}} | Jira: {{create-jira-bug.key}} | Run: {{run_url}}"
consumes:
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: "DD-API-KEY"
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: events
path: "/events"
operations:
- name: create-event
method: POST
- type: http
namespace: jira
baseUri: "https://apple.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-cicd
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
GitHub Repository Compliance Check
▼
devops compliance github security
Runs a compliance check on a GitHub repository to verify required branch protection rules, secret scanning, and CODEOWNERS files are configured correctly.
naftiko: "0.5"
info:
label: "GitHub Repository Compliance Check"
description: "Runs a compliance check on a GitHub repository to verify required branch protection rules, secret scanning, and CODEOWNERS files are configured correctly."
tags:
- devops
- compliance
- github
- security
capability:
exposes:
- type: mcp
namespace: repo-compliance
port: 8080
tools:
- name: check-repository-compliance
description: "Given a GitHub repository name, verify branch protection rules, secret scanning enablement, and CODEOWNERS presence. Returns a compliance report."
inputParameters:
- name: repo_name
in: body
type: string
description: "The GitHub repository in org/repo format, e.g. apple/swift."
steps:
- name: get-branch-protection
type: call
call: "github-comp.get-branch-protection"
with:
repo: "{{repo_name}}"
branch: "main"
- name: get-secret-scanning
type: call
call: "github-comp.get-secret-scanning"
with:
repo: "{{repo_name}}"
consumes:
- type: http
namespace: github-comp
baseUri: "https://api.github.com"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: branch-protection
path: "/repos/{{repo}}/branches/{{branch}}/protection"
inputParameters:
- name: repo
in: path
- name: branch
in: path
operations:
- name: get-branch-protection
method: GET
- name: secret-scanning
path: "/repos/{{repo}}/secret-scanning/alerts"
inputParameters:
- name: repo
in: path
operations:
- name: get-secret-scanning
method: GET
GitHub Security Scan to Jira
▼
security devops github jira slack
When GitHub Advanced Security finds a critical code scanning alert in an Apple repository, creates a Jira security issue and alerts the AppSec Slack channel.
naftiko: "0.5"
info:
label: "GitHub Security Scan to Jira"
description: "When GitHub Advanced Security finds a critical code scanning alert in an Apple repository, creates a Jira security issue and alerts the AppSec Slack channel."
tags:
- security
- devops
- github
- jira
- slack
capability:
exposes:
- type: mcp
namespace: appsec
port: 8080
tools:
- name: handle-code-scanning-alert
description: "Given a GitHub code scanning alert ID and repository, create a Jira security issue for remediation and notify the AppSec Slack channel."
inputParameters:
- name: repo_name
in: body
type: string
description: "The GitHub repository in org/repo format."
- name: alert_number
in: body
type: integer
description: "The GitHub code scanning alert number."
- name: alert_severity
in: body
type: string
description: "Alert severity: critical, high, medium, or low."
- name: rule_description
in: body
type: string
description: "The code scanning rule description."
steps:
- name: get-alert
type: call
call: "github.get-code-scanning-alert"
with:
repo: "{{repo_name}}"
alert_number: "{{alert_number}}"
- name: create-security-issue
type: call
call: "jira-appsec.create-issue"
with:
project_key: "SEC"
issuetype: "Security Vulnerability"
summary: "[{{alert_severity}}] {{rule_description}} in {{repo_name}}"
description: "GitHub alert #{{alert_number}} in {{repo_name}}. Rule: {{rule_description}}. File: {{get-alert.file_path}}."
- name: alert-appsec
type: call
call: "slack-appsec.post-message"
with:
channel: "#appsec-alerts"
text: "Code Scan Alert: {{repo_name}} | {{alert_severity}} | {{rule_description}} | Jira: {{create-security-issue.key}}"
consumes:
- type: http
namespace: github
baseUri: "https://api.github.com"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: code-scanning-alerts
path: "/repos/{{repo}}/code-scanning/alerts/{{alert_number}}"
inputParameters:
- name: repo
in: path
- name: alert_number
in: path
operations:
- name: get-code-scanning-alert
method: GET
- type: http
namespace: jira-appsec
baseUri: "https://apple.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-appsec
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Hardware Product Launch Readiness
▼
hardware product-launch supply-chain retail
Validates hardware product launch readiness by checking supply chain status, retail inventory staging, marketing asset completion, and generating a go/no-go report.
naftiko: "0.5"
info:
label: "Hardware Product Launch Readiness"
description: "Validates hardware product launch readiness by checking supply chain status, retail inventory staging, marketing asset completion, and generating a go/no-go report."
tags:
- hardware
- product-launch
- supply-chain
- retail
capability:
exposes:
- type: mcp
namespace: launch-readiness
port: 8080
tools:
- name: check-launch-readiness
description: "Validate hardware product launch readiness: check supply, retail staging, marketing assets, and generate go/no-go summary."
inputParameters:
- name: product_sku
in: body
type: string
description: "The product SKU for the launch."
- name: launch_date
in: body
type: string
description: "The planned launch date in ISO 8601 format."
steps:
- name: check-supply
type: call
call: "supply-chain-api.get-readiness"
with:
product_sku: "{{product_sku}}"
target_date: "{{launch_date}}"
- name: check-retail-staging
type: call
call: "retail-api.get-staging-status"
with:
product_sku: "{{product_sku}}"
- name: check-marketing
type: call
call: "marketing-api.get-asset-status"
with:
product_sku: "{{product_sku}}"
- name: post-readiness-report
type: call
call: "slack.post-message"
with:
channel: "#product-launches"
text: "Launch readiness for {{product_sku}} on {{launch_date}}: Supply={{check-supply.status}}, Retail={{check-retail-staging.status}}, Marketing={{check-marketing.status}}."
consumes:
- type: http
namespace: supply-chain-api
baseUri: "https://supply-chain.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.supply_chain_token"
resources:
- name: readiness
path: "/products/{{product_sku}}/readiness"
inputParameters:
- name: product_sku
in: path
operations:
- name: get-readiness
method: GET
- type: http
namespace: retail-api
baseUri: "https://retail-internal.apple.com/api/v2"
authentication:
type: bearer
token: "$secrets.retail_api_token"
resources:
- name: staging
path: "/products/{{product_sku}}/staging"
inputParameters:
- name: product_sku
in: path
operations:
- name: get-staging-status
method: GET
- type: http
namespace: marketing-api
baseUri: "https://marketing-internal.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.marketing_api_token"
resources:
- name: assets
path: "/products/{{product_sku}}/assets/status"
inputParameters:
- name: product_sku
in: path
operations:
- name: get-asset-status
method: GET
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
iCloud Data Recovery Orchestrator
▼
icloud data-recovery support servicenow
Orchestrates iCloud data recovery by verifying user identity, initiating a recovery snapshot, creating a support ticket, and notifying the user via email.
naftiko: "0.5"
info:
label: "iCloud Data Recovery Orchestrator"
description: "Orchestrates iCloud data recovery by verifying user identity, initiating a recovery snapshot, creating a support ticket, and notifying the user via email."
tags:
- icloud
- data-recovery
- support
- servicenow
capability:
exposes:
- type: mcp
namespace: icloud-recovery
port: 8080
tools:
- name: initiate-data-recovery
description: "Given an Apple ID and recovery reason, verify identity, initiate a snapshot recovery, create a support case, and email the user."
inputParameters:
- name: apple_id
in: body
type: string
description: "The Apple ID email for the recovery request."
- name: recovery_reason
in: body
type: string
description: "Brief description of why data recovery is needed."
steps:
- name: verify-identity
type: call
call: "identity.verify-user"
with:
apple_id: "{{apple_id}}"
- name: create-snapshot
type: call
call: "icloud.create-recovery-snapshot"
with:
apple_id: "{{apple_id}}"
verified_token: "{{verify-identity.verification_token}}"
- name: create-support-case
type: call
call: "servicenow.create-incident"
with:
short_description: "iCloud data recovery: {{apple_id}}"
description: "Reason: {{recovery_reason}}. Snapshot ID: {{create-snapshot.snapshot_id}}"
category: "data_recovery"
- name: email-user
type: call
call: "ses.send-email"
with:
to: "{{apple_id}}"
subject: "Your iCloud Data Recovery Request"
body: "Your recovery has been initiated. Support case: {{create-support-case.number}}. Snapshot ID: {{create-snapshot.snapshot_id}}."
consumes:
- type: http
namespace: identity
baseUri: "https://idmsa.apple.com/api/v2"
authentication:
type: bearer
token: "$secrets.identity_service_token"
resources:
- name: verification
path: "/users/{{apple_id}}/verify"
inputParameters:
- name: apple_id
in: path
operations:
- name: verify-user
method: POST
- type: http
namespace: icloud
baseUri: "https://setup.icloud.com/api/v1"
authentication:
type: bearer
token: "$secrets.icloud_admin_token"
resources:
- name: recovery
path: "/recovery/snapshots"
operations:
- name: create-recovery-snapshot
method: POST
- type: http
namespace: servicenow
baseUri: "https://apple.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: ses
baseUri: "https://email.us-west-2.amazonaws.com/v2"
authentication:
type: bearer
token: "$secrets.aws_ses_token"
resources:
- name: emails
path: "/email/outbound-emails"
operations:
- name: send-email
method: POST
iCloud Private Relay Status Check
▼
privacy security icloud
Checks the operational status of iCloud Private Relay for a given region, returning relay health, latency, and any active incidents.
naftiko: "0.5"
info:
label: "iCloud Private Relay Status Check"
description: "Checks the operational status of iCloud Private Relay for a given region, returning relay health, latency, and any active incidents."
tags:
- privacy
- security
- icloud
capability:
exposes:
- type: mcp
namespace: private-relay
port: 8080
tools:
- name: get-relay-status
description: "Check iCloud Private Relay operational status for a region. Returns health status, average latency, and active incident count."
inputParameters:
- name: region_code
in: body
type: string
description: "ISO 3166-1 alpha-2 region code, e.g. US, GB, DE."
call: "relay-ops.get-status"
with:
region_code: "{{region_code}}"
outputParameters:
- name: health_status
type: string
mapping: "$.region.healthStatus"
- name: avg_latency_ms
type: number
mapping: "$.region.avgLatencyMs"
- name: active_incidents
type: number
mapping: "$.region.activeIncidentCount"
consumes:
- type: http
namespace: relay-ops
baseUri: "https://relay-ops.icloud.com/api/v1"
authentication:
type: bearer
token: "$secrets.relay_ops_token"
resources:
- name: status
path: "/regions/{{region_code}}/status"
inputParameters:
- name: region_code
in: path
operations:
- name: get-status
method: GET
iCloud Storage Quota Lookup
▼
cloud-services icloud storage
Retrieves the current iCloud storage usage and quota for a given Apple ID, returning total capacity, used space, and breakdown by service.
naftiko: "0.5"
info:
label: "iCloud Storage Quota Lookup"
description: "Retrieves the current iCloud storage usage and quota for a given Apple ID, returning total capacity, used space, and breakdown by service."
tags:
- cloud-services
- icloud
- storage
capability:
exposes:
- type: mcp
namespace: icloud-storage
port: 8080
tools:
- name: get-storage-quota
description: "Look up iCloud storage usage for an Apple ID. Returns total quota, used space, and per-service breakdown."
inputParameters:
- name: apple_id
in: body
type: string
description: "The Apple ID email address to look up storage for."
call: "icloud.get-storage-quota"
with:
apple_id: "{{apple_id}}"
outputParameters:
- name: total_quota_gb
type: number
mapping: "$.totalQuotaInGB"
- name: used_gb
type: number
mapping: "$.usedSpaceInGB"
- name: plan_name
type: string
mapping: "$.planName"
consumes:
- type: http
namespace: icloud
baseUri: "https://setup.icloud.com/api/v1"
authentication:
type: bearer
token: "$secrets.icloud_admin_token"
resources:
- name: storage
path: "/storage/{{apple_id}}/quota"
inputParameters:
- name: apple_id
in: path
operations:
- name: get-storage-quota
method: GET
iCloud Sync Conflict Resolution
▼
icloud data-sync conflict-resolution operations
Resolves iCloud data sync conflicts by fetching conflicting records, applying merge strategy, updating the canonical record, and notifying the user.
naftiko: "0.5"
info:
label: "iCloud Sync Conflict Resolution"
description: "Resolves iCloud data sync conflicts by fetching conflicting records, applying merge strategy, updating the canonical record, and notifying the user."
tags:
- icloud
- data-sync
- conflict-resolution
- operations
capability:
exposes:
- type: mcp
namespace: sync-conflict
port: 8080
tools:
- name: resolve-sync-conflict
description: "Resolve an iCloud sync conflict: fetch conflicting records, apply merge strategy, update canonical record, and notify the user."
inputParameters:
- name: conflict_id
in: body
type: string
description: "The sync conflict identifier."
- name: apple_id
in: body
type: string
description: "The Apple ID of the affected user."
steps:
- name: get-conflict-details
type: call
call: "cloudkit.get-conflict"
with:
conflict_id: "{{conflict_id}}"
- name: apply-merge
type: call
call: "cloudkit.merge-records"
with:
conflict_id: "{{conflict_id}}"
strategy: "latest-wins"
records: "{{get-conflict-details.conflicting_records}}"
- name: update-canonical
type: call
call: "cloudkit.update-record"
with:
record_id: "{{get-conflict-details.record_id}}"
data: "{{apply-merge.merged_data}}"
- name: notify-user
type: call
call: "apns.send-notification"
with:
apple_id: "{{apple_id}}"
title: "Sync Conflict Resolved"
body: "A data conflict in your iCloud account has been automatically resolved."
consumes:
- type: http
namespace: cloudkit
baseUri: "https://api.apple-cloudkit.com/database/1"
authentication:
type: bearer
token: "$secrets.cloudkit_admin_token"
resources:
- name: conflicts
path: "/conflicts/{{conflict_id}}"
inputParameters:
- name: conflict_id
in: path
operations:
- name: get-conflict
method: GET
- name: merge
path: "/conflicts/{{conflict_id}}/merge"
inputParameters:
- name: conflict_id
in: path
operations:
- name: merge-records
method: POST
- name: records
path: "/records/{{record_id}}"
inputParameters:
- name: record_id
in: path
operations:
- name: update-record
method: PUT
- type: http
namespace: apns
baseUri: "https://api.push.apple.com/v3"
authentication:
type: bearer
token: "$secrets.apns_auth_token"
resources:
- name: notifications
path: "/notifications"
operations:
- name: send-notification
method: POST
Intelligent Incident Triage with OpenAI
▼
ai itsm servicenow openai incident-response
When a complex ServiceNow incident is created, submits the description to OpenAI for AI-assisted triage and recommended resolution steps, then updates the ticket with the analysis.
naftiko: "0.5"
info:
label: "Intelligent Incident Triage with OpenAI"
description: "When a complex ServiceNow incident is created, submits the description to OpenAI for AI-assisted triage and recommended resolution steps, then updates the ticket with the analysis."
tags:
- ai
- itsm
- servicenow
- openai
- incident-response
capability:
exposes:
- type: mcp
namespace: ai-triage
port: 8080
tools:
- name: triage-incident-with-ai
description: "Given a ServiceNow incident number, retrieve the incident, submit to OpenAI for root cause and resolution recommendations, and update the ServiceNow record with AI analysis."
inputParameters:
- name: incident_number
in: body
type: string
description: "The ServiceNow incident number, e.g. INC0012345."
steps:
- name: get-incident
type: call
call: "servicenow-ai.get-incident"
with:
number: "{{incident_number}}"
- name: analyze-incident
type: call
call: "openai-triage.create-completion"
with:
model: "gpt-4o"
prompt: "Analyze this IT incident and provide: 1) Probable root cause, 2) Recommended resolution steps, 3) Priority suggestion. Incident: {{get-incident.short_description}} — {{get-incident.description}}"
- name: update-incident
type: call
call: "servicenow-ai.update-incident"
with:
number: "{{incident_number}}"
work_notes: "AI Triage Analysis: {{analyze-incident.text}}"
consumes:
- type: http
namespace: servicenow-ai
baseUri: "https://apple.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: get-incident
method: GET
inputParameters:
- name: number
in: query
- name: update-incident
method: PATCH
- type: http
namespace: openai-triage
baseUri: "https://api.openai.com/v1"
authentication:
type: bearer
token: "$secrets.openai_api_key"
resources:
- name: completions
path: "/chat/completions"
operations:
- name: create-completion
method: POST
iOS Crash Report Analysis Pipeline
▼
developer-tools crash-analysis openai jira
Analyzes iOS crash reports by fetching crash logs from App Store Connect, symbolizing with DSYM, classifying with OpenAI, and filing a Jira ticket.
naftiko: "0.5"
info:
label: "iOS Crash Report Analysis Pipeline"
description: "Analyzes iOS crash reports by fetching crash logs from App Store Connect, symbolizing with DSYM, classifying with OpenAI, and filing a Jira ticket."
tags:
- developer-tools
- crash-analysis
- openai
- jira
capability:
exposes:
- type: mcp
namespace: crash-analysis
port: 8080
tools:
- name: analyze-crash-report
description: "Given an app ID and crash signature, fetch crash logs, symbolize, classify root cause with AI, and create a Jira ticket."
inputParameters:
- name: app_id
in: body
type: string
description: "The App Store Connect app identifier."
- name: crash_signature
in: body
type: string
description: "The crash signature hash."
steps:
- name: fetch-crash-log
type: call
call: "appstoreconnect.get-crash-log"
with:
app_id: "{{app_id}}"
signature: "{{crash_signature}}"
- name: symbolize-crash
type: call
call: "symbolication.symbolize"
with:
crash_data: "{{fetch-crash-log.raw_crash}}"
dsym_url: "{{fetch-crash-log.dsym_url}}"
- name: classify-root-cause
type: call
call: "openai.analyze-text"
with:
text: "{{symbolize-crash.symbolicated_trace}}"
instruction: "Analyze this iOS crash stack trace. Identify the root cause, affected component, and suggested fix. Return JSON."
- name: create-bug-ticket
type: call
call: "jira.create-issue"
with:
project: "IOS"
summary: "Crash: {{classify-root-cause.affected_component}} - {{classify-root-cause.root_cause}}"
description: "Stack trace: {{symbolize-crash.symbolicated_trace}}\nSuggested fix: {{classify-root-cause.suggested_fix}}"
issue_type: "Bug"
priority: "High"
consumes:
- type: http
namespace: appstoreconnect
baseUri: "https://api.appstoreconnect.apple.com/v1"
authentication:
type: bearer
token: "$secrets.appstore_connect_token"
resources:
- name: crashes
path: "/apps/{{app_id}}/diagnosticSignatures?filter[signature]={{signature}}"
inputParameters:
- name: app_id
in: path
- name: signature
in: query
operations:
- name: get-crash-log
method: GET
- type: http
namespace: symbolication
baseUri: "https://symbolication.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.symbolication_token"
resources:
- name: symbolicate
path: "/symbolicate"
operations:
- name: symbolize
method: POST
- type: http
namespace: openai
baseUri: "https://api.openai.com/v1"
authentication:
type: bearer
token: "$secrets.openai_api_key"
resources:
- name: chat
path: "/chat/completions"
operations:
- name: analyze-text
method: POST
- type: http
namespace: jira
baseUri: "https://apple-eng.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
iOS OTA Update Rollout Manager
▼
software-updates ota ios deployment
Manages iOS over-the-air update rollouts by checking device eligibility, staging firmware, initiating phased rollout, and monitoring adoption rates.
naftiko: "0.5"
info:
label: "iOS OTA Update Rollout Manager"
description: "Manages iOS over-the-air update rollouts by checking device eligibility, staging firmware, initiating phased rollout, and monitoring adoption rates."
tags:
- software-updates
- ota
- ios
- deployment
capability:
exposes:
- type: mcp
namespace: ios-ota
port: 8080
tools:
- name: manage-ota-rollout
description: "Manage iOS OTA update rollout: check eligibility, stage firmware, initiate phased rollout, and monitor adoption."
inputParameters:
- name: ios_version
in: body
type: string
description: "The iOS version to roll out, e.g. 19.2."
- name: target_devices
in: body
type: string
description: "The target device models, e.g. iPhone16,1."
- name: rollout_percent
in: body
type: number
description: "The initial rollout percentage."
steps:
- name: check-eligibility
type: call
call: "ota-service.check-device-eligibility"
with:
ios_version: "{{ios_version}}"
device_model: "{{target_devices}}"
- name: stage-firmware
type: call
call: "ota-service.stage-firmware"
with:
ios_version: "{{ios_version}}"
eligible_count: "{{check-eligibility.eligible_count}}"
- name: initiate-rollout
type: call
call: "ota-service.start-rollout"
with:
ios_version: "{{ios_version}}"
rollout_percent: "{{rollout_percent}}"
firmware_id: "{{stage-firmware.firmware_id}}"
- name: report-status
type: call
call: "slack.post-message"
with:
channel: "#ios-updates"
text: "iOS {{ios_version}} OTA rollout started at {{rollout_percent}}% for {{target_devices}}. Eligible devices: {{check-eligibility.eligible_count}}. Firmware: {{stage-firmware.firmware_id}}."
consumes:
- type: http
namespace: ota-service
baseUri: "https://ota-updates.apple.com/api/v2"
authentication:
type: bearer
token: "$secrets.ota_service_token"
resources:
- name: eligibility
path: "/eligibility"
operations:
- name: check-device-eligibility
method: POST
- name: staging
path: "/firmware/stage"
operations:
- name: stage-firmware
method: POST
- name: rollouts
path: "/rollouts"
operations:
- name: start-rollout
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
IT Incident Response Chain
▼
itsm incident-response datadog servicenow pagerduty slack
When a critical Datadog alert fires, creates a ServiceNow incident, pages the on-call team in PagerDuty, and posts a Slack alert to the ops channel.
naftiko: "0.5"
info:
label: "IT Incident Response Chain"
description: "When a critical Datadog alert fires, creates a ServiceNow incident, pages the on-call team in PagerDuty, and posts a Slack alert to the ops channel."
tags:
- itsm
- incident-response
- datadog
- servicenow
- pagerduty
- slack
capability:
exposes:
- type: mcp
namespace: it-ops
port: 8080
tools:
- name: handle-critical-alert
description: "Given a Datadog alert ID, affected service, and severity, create a ServiceNow incident, trigger a PagerDuty page, and notify the ops Slack channel."
inputParameters:
- name: alert_id
in: body
type: string
description: "The Datadog alert or monitor ID."
- name: service_name
in: body
type: string
description: "The name of the affected service or application."
- name: severity
in: body
type: string
description: "Alert severity: critical, high, medium, or low."
- name: alert_message
in: body
type: string
description: "The alert message body from Datadog."
steps:
- name: create-incident
type: call
call: "servicenow-ops.create-incident"
with:
short_description: "{{severity}} alert: {{service_name}} — {{alert_id}}"
description: "{{alert_message}}"
urgency: "1"
impact: "1"
assignment_group: "IT_Operations"
- name: page-oncall
type: call
call: "pagerduty.create-incident"
with:
title: "{{severity}} alert on {{service_name}}"
service_id: "$secrets.pagerduty_service_id"
body: "{{alert_message}}"
- name: alert-slack
type: call
call: "slack-ops.post-message"
with:
channel: "#it-ops-alerts"
text: "INCIDENT: {{severity}} on {{service_name}} | Datadog: {{alert_id}} | SNOW: {{create-incident.number}} | PD: {{page-oncall.incident_number}}"
consumes:
- type: http
namespace: servicenow-ops
baseUri: "https://apple.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: pagerduty
baseUri: "https://api.pagerduty.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.pagerduty_token"
placement: header
resources:
- name: incidents
path: "/incidents"
operations:
- name: create-incident
method: POST
- type: http
namespace: slack-ops
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Jira Sprint Digest Report
▼
devops jira reporting sprint slack
Generates a daily sprint status digest from Jira, summarizing completed, in-progress, and blocked issues, then posts it to the engineering Slack channel.
naftiko: "0.5"
info:
label: "Jira Sprint Digest Report"
description: "Generates a daily sprint status digest from Jira, summarizing completed, in-progress, and blocked issues, then posts it to the engineering Slack channel."
tags:
- devops
- jira
- reporting
- sprint
- slack
capability:
exposes:
- type: mcp
namespace: sprint-reporting
port: 8080
tools:
- name: digest-sprint-status
description: "Given a Jira project key and sprint name, fetch all sprint issues and post a summary digest to the engineering Slack channel. Use for daily stand-up prep and sprint reviews."
inputParameters:
- name: project_key
in: body
type: string
description: "The Jira project key, e.g. SW or HW."
- name: sprint_name
in: body
type: string
description: "The Jira sprint name to summarize."
- name: slack_channel
in: body
type: string
description: "The Slack channel to post the digest to, e.g. #engineering-standup."
steps:
- name: get-sprint-issues
type: call
call: "jira-sprint.search-issues"
with:
jql: "project = {{project_key}} AND sprint = '{{sprint_name}}'"
- name: post-digest
type: call
call: "slack-sprint.post-message"
with:
channel: "{{slack_channel}}"
text: "Sprint Digest — {{project_key}} / {{sprint_name}}: Total: {{get-sprint-issues.total}} | Done: {{get-sprint-issues.done_count}} | In Progress: {{get-sprint-issues.inprogress_count}} | Blocked: {{get-sprint-issues.blocked_count}}"
consumes:
- type: http
namespace: jira-sprint
baseUri: "https://apple.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/search"
operations:
- name: search-issues
method: GET
inputParameters:
- name: jql
in: query
- type: http
namespace: slack-sprint
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
LinkedIn Talent Acquisition Signal
▼
hr recruiting linkedin workday slack
When a candidate applies via LinkedIn Recruiter, enriches their profile in Workday Recruiting and notifies the hiring manager via Slack.
naftiko: "0.5"
info:
label: "LinkedIn Talent Acquisition Signal"
description: "When a candidate applies via LinkedIn Recruiter, enriches their profile in Workday Recruiting and notifies the hiring manager via Slack."
tags:
- hr
- recruiting
- linkedin
- workday
- slack
capability:
exposes:
- type: mcp
namespace: talent-acquisition
port: 8080
tools:
- name: enrich-candidate-profile
description: "Given a LinkedIn member URN and Workday job requisition ID, fetch the LinkedIn profile, create the candidate record in Workday, and notify the hiring manager via Slack."
inputParameters:
- name: linkedin_member_urn
in: body
type: string
description: "The LinkedIn member URN for the candidate."
- name: job_req_id
in: body
type: string
description: "The Workday job requisition ID."
- name: hiring_manager_slack_id
in: body
type: string
description: "The Slack user ID of the hiring manager."
steps:
- name: get-linkedin-profile
type: call
call: "linkedin.get-profile"
with:
member_urn: "{{linkedin_member_urn}}"
- name: create-candidate
type: call
call: "workday-recruit.create-candidate"
with:
job_req_id: "{{job_req_id}}"
first_name: "{{get-linkedin-profile.firstName}}"
last_name: "{{get-linkedin-profile.lastName}}"
headline: "{{get-linkedin-profile.headline}}"
- name: notify-hiring-manager
type: call
call: "slack-recruit.post-message"
with:
channel: "{{hiring_manager_slack_id}}"
text: "New candidate: {{get-linkedin-profile.firstName}} {{get-linkedin-profile.lastName}} applied for req {{job_req_id}}. Title: {{get-linkedin-profile.headline}}. Workday: {{create-candidate.candidate_id}}."
consumes:
- type: http
namespace: linkedin
baseUri: "https://api.linkedin.com/v2"
authentication:
type: bearer
token: "$secrets.linkedin_token"
resources:
- name: profiles
path: "/people/{{member_urn}}"
inputParameters:
- name: member_urn
in: path
operations:
- name: get-profile
method: GET
- type: http
namespace: workday-recruit
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: candidates
path: "/apple/jobRequisitions/{{job_req_id}}/candidates"
inputParameters:
- name: job_req_id
in: path
operations:
- name: create-candidate
method: POST
- type: http
namespace: slack-recruit
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
MDM Device Compliance Enforcement
▼
device-management security jamf compliance
Checks device compliance via Jamf Pro, restricts non-compliant devices in Okta, creates a ServiceNow remediation ticket, and notifies IT security.
naftiko: "0.5"
info:
label: "MDM Device Compliance Enforcement"
description: "Checks device compliance via Jamf Pro, restricts non-compliant devices in Okta, creates a ServiceNow remediation ticket, and notifies IT security."
tags:
- device-management
- security
- jamf
- compliance
capability:
exposes:
- type: mcp
namespace: mdm-compliance
port: 8080
tools:
- name: enforce-device-compliance
description: "Check device compliance in Jamf, restrict access in Okta if non-compliant, open a remediation ticket, and alert IT security."
inputParameters:
- name: device_serial
in: body
type: string
description: "The device serial number to check."
- name: employee_email
in: body
type: string
description: "The device owner email."
steps:
- name: check-compliance
type: call
call: "jamf.get-device-compliance"
with:
serial_number: "{{device_serial}}"
- name: restrict-access
type: call
call: "okta.suspend-user-apps"
with:
email: "{{employee_email}}"
reason: "Device {{device_serial}} non-compliant: {{check-compliance.violations}}"
- name: create-remediation-ticket
type: call
call: "servicenow.create-incident"
with:
short_description: "Non-compliant device: {{device_serial}}"
description: "Owner: {{employee_email}}. Violations: {{check-compliance.violations}}. Okta access restricted."
category: "security_compliance"
urgency: "2"
- name: alert-security
type: call
call: "slack.post-message"
with:
channel: "#it-security"
text: "Non-compliant device {{device_serial}} ({{employee_email}}). Okta access restricted. Ticket: {{create-remediation-ticket.number}}"
consumes:
- type: http
namespace: jamf
baseUri: "https://apple.jamfcloud.com/api/v1"
authentication:
type: bearer
token: "$secrets.jamf_api_token"
resources:
- name: devices
path: "/computers-inventory?filter=hardware.serialNumber=={{serial_number}}"
inputParameters:
- name: serial_number
in: query
operations:
- name: get-device-compliance
method: GET
- type: http
namespace: okta
baseUri: "https://apple.okta.com/api/v1"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.okta_api_token"
placement: header
resources:
- name: users
path: "/users/{{email}}/lifecycle/suspend"
inputParameters:
- name: email
in: path
operations:
- name: suspend-user-apps
method: POST
- type: http
namespace: servicenow
baseUri: "https://apple.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
ML Model Deployment Pipeline
▼
machine-learning deployment core-ml s3
Deploys a Core ML model by pulling the artifact from S3, registering it in the model registry, triggering OTA delivery, and notifying the ML team.
naftiko: "0.5"
info:
label: "ML Model Deployment Pipeline"
description: "Deploys a Core ML model by pulling the artifact from S3, registering it in the model registry, triggering OTA delivery, and notifying the ML team."
tags:
- machine-learning
- deployment
- core-ml
- s3
capability:
exposes:
- type: mcp
namespace: ml-deploy
port: 8080
tools:
- name: deploy-coreml-model
description: "Deploy a Core ML model: fetch artifact from S3, register in model registry, trigger OTA, and notify ML team."
inputParameters:
- name: model_name
in: body
type: string
description: "The Core ML model name."
- name: model_version
in: body
type: string
description: "The model version to deploy."
- name: s3_artifact_path
in: body
type: string
description: "The S3 path to the compiled model artifact."
steps:
- name: fetch-artifact
type: call
call: "s3.get-object"
with:
bucket: "apple-ml-models"
key: "{{s3_artifact_path}}"
- name: register-model
type: call
call: "model-registry.register"
with:
model_name: "{{model_name}}"
version: "{{model_version}}"
artifact_url: "{{fetch-artifact.object_url}}"
- name: trigger-ota
type: call
call: "ota-service.push-model"
with:
model_id: "{{register-model.model_id}}"
target_os: "iOS"
- name: notify-team
type: call
call: "slack.post-message"
with:
channel: "#ml-deployments"
text: "Core ML model {{model_name}} v{{model_version}} deployed. Registry ID: {{register-model.model_id}}. OTA status: {{trigger-ota.delivery_status}}."
consumes:
- type: http
namespace: s3
baseUri: "https://s3.us-west-2.amazonaws.com"
authentication:
type: bearer
token: "$secrets.aws_s3_token"
resources:
- name: objects
path: "/apple-ml-models/{{key}}"
inputParameters:
- name: key
in: path
operations:
- name: get-object
method: GET
- type: http
namespace: model-registry
baseUri: "https://ml-registry.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.ml_registry_token"
resources:
- name: models
path: "/models"
operations:
- name: register
method: POST
- type: http
namespace: ota-service
baseUri: "https://ota-ml.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.ota_ml_token"
resources:
- name: deployments
path: "/deployments"
operations:
- name: push-model
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Okta User Access Provisioning
▼
identity security okta workday access-management
When a new employee joins Apple, provisions appropriate Okta application assignments based on their department and role as defined in Workday.
naftiko: "0.5"
info:
label: "Okta User Access Provisioning"
description: "When a new employee joins Apple, provisions appropriate Okta application assignments based on their department and role as defined in Workday."
tags:
- identity
- security
- okta
- workday
- access-management
capability:
exposes:
- type: mcp
namespace: identity-provisioning
port: 8080
tools:
- name: provision-okta-access
description: "Given a Workday employee ID and Okta user ID, retrieve their department and role from Workday, then assign the appropriate Okta application groups."
inputParameters:
- name: workday_employee_id
in: body
type: string
description: "The Workday worker ID for the employee."
- name: okta_user_id
in: body
type: string
description: "The Okta user ID for the employee."
steps:
- name: get-worker-profile
type: call
call: "workday-okta.get-worker"
with:
worker_id: "{{workday_employee_id}}"
- name: assign-app-groups
type: call
call: "okta-prov.assign-group"
with:
user_id: "{{okta_user_id}}"
department: "{{get-worker-profile.department}}"
consumes:
- type: http
namespace: workday-okta
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/apple/workers/{{worker_id}}"
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
- type: http
namespace: okta-prov
baseUri: "https://apple.okta.com/api/v1"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.okta_api_token"
placement: header
resources:
- name: group-members
path: "/groups/{{group_id}}/users/{{user_id}}"
inputParameters:
- name: group_id
in: path
- name: user_id
in: path
operations:
- name: assign-group
method: PUT
PagerDuty Incident Escalation
▼
itsm incident-response pagerduty jira slack
When a PagerDuty incident goes unacknowledged past an SLA threshold, escalates the incident to senior on-call, creates a Jira post-mortem issue, and notifies the incident Slack channel.
naftiko: "0.5"
info:
label: "PagerDuty Incident Escalation"
description: "When a PagerDuty incident goes unacknowledged past an SLA threshold, escalates the incident to senior on-call, creates a Jira post-mortem issue, and notifies the incident Slack channel."
tags:
- itsm
- incident-response
- pagerduty
- jira
- slack
capability:
exposes:
- type: mcp
namespace: incident-escalation
port: 8080
tools:
- name: escalate-unacknowledged-incident
description: "Given a PagerDuty incident ID that is unacknowledged, escalate to the senior on-call policy, create a Jira post-mortem issue, and notify the incident Slack channel."
inputParameters:
- name: pd_incident_id
in: body
type: string
description: "The PagerDuty incident ID to escalate."
- name: service_name
in: body
type: string
description: "The affected service name."
- name: incident_summary
in: body
type: string
description: "Brief description of the incident."
steps:
- name: escalate-pd
type: call
call: "pagerduty.escalate-incident"
with:
incident_id: "{{pd_incident_id}}"
escalation_policy_id: "$secrets.pd_senior_escalation_policy"
- name: create-postmortem
type: call
call: "jira-pm.create-issue"
with:
project_key: "PM"
issuetype: "Post-mortem"
summary: "Post-mortem: {{service_name}} — {{pd_incident_id}}"
description: "{{incident_summary}} — PagerDuty incident escalated at {{escalate-pd.escalated_at}}."
- name: notify-incident-channel
type: call
call: "slack-pd.post-message"
with:
channel: "#incidents"
text: "Incident ESCALATED: {{service_name}} | PD: {{pd_incident_id}} | Post-mortem Jira: {{create-postmortem.key}}"
consumes:
- type: http
namespace: pagerduty
baseUri: "https://api.pagerduty.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.pagerduty_token"
placement: header
resources:
- name: incident-escalations
path: "/incidents/{{incident_id}}"
inputParameters:
- name: incident_id
in: path
operations:
- name: escalate-incident
method: PUT
- type: http
namespace: jira-pm
baseUri: "https://apple.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-pd
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Payroll Headcount Snapshot
▼
hr finance reporting workday headcount
Returns current headcount by department and cost center from Workday, for use in finance planning and headcount reporting.
naftiko: "0.5"
info:
label: "Payroll Headcount Snapshot"
description: "Returns current headcount by department and cost center from Workday, for use in finance planning and headcount reporting."
tags:
- hr
- finance
- reporting
- workday
- headcount
capability:
exposes:
- type: mcp
namespace: hr-reporting
port: 8080
tools:
- name: get-headcount-by-department
description: "Returns a list of active Apple employees grouped by department and cost center from Workday. Use for headcount planning, budget reviews, and workforce analytics."
call: "workday-hc.headcount-report"
outputParameters:
- name: employees
type: array
mapping: "$.data"
consumes:
- type: http
namespace: workday-hc
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: headcount
path: "/apple/reports/headcount"
operations:
- name: headcount-report
method: GET
Power BI Report Refresh and Distribution
▼
data analytics power-bi reporting slack
Triggers a Power BI dataset refresh for a business report and posts a Slack notification with a report link when the refresh completes.
naftiko: "0.5"
info:
label: "Power BI Report Refresh and Distribution"
description: "Triggers a Power BI dataset refresh for a business report and posts a Slack notification with a report link when the refresh completes."
tags:
- data
- analytics
- power-bi
- reporting
- slack
capability:
exposes:
- type: mcp
namespace: powerbi-ops
port: 8080
tools:
- name: refresh-and-distribute-report
description: "Given a Power BI workspace ID and dataset ID, trigger a refresh and notify a Slack channel with the report URL when complete."
inputParameters:
- name: workspace_id
in: body
type: string
description: "The Power BI workspace (group) ID."
- name: dataset_id
in: body
type: string
description: "The Power BI dataset ID to refresh."
- name: slack_channel
in: body
type: string
description: "The Slack channel to notify on completion."
steps:
- name: trigger-refresh
type: call
call: "powerbi.refresh-dataset"
with:
workspace_id: "{{workspace_id}}"
dataset_id: "{{dataset_id}}"
- name: notify-slack
type: call
call: "slack-pbi.post-message"
with:
channel: "{{slack_channel}}"
text: "Power BI dataset {{dataset_id}} refresh triggered in workspace {{workspace_id}}. Refresh ID: {{trigger-refresh.refresh_id}}."
consumes:
- type: http
namespace: powerbi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.powerbi_token"
resources:
- name: dataset-refreshes
path: "/groups/{{workspace_id}}/datasets/{{dataset_id}}/refreshes"
inputParameters:
- name: workspace_id
in: path
- name: dataset_id
in: path
operations:
- name: refresh-dataset
method: POST
- type: http
namespace: slack-pbi
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Privacy Data Request Fulfillment
▼
privacy compliance gdpr legal
Processes a GDPR/CCPA data subject request by collecting user data from iCloud and Apple ID services, packaging it, and notifying the user and legal team.
naftiko: "0.5"
info:
label: "Privacy Data Request Fulfillment"
description: "Processes a GDPR/CCPA data subject request by collecting user data from iCloud and Apple ID services, packaging it, and notifying the user and legal team."
tags:
- privacy
- compliance
- gdpr
- legal
capability:
exposes:
- type: mcp
namespace: privacy-dsr
port: 8080
tools:
- name: fulfill-data-request
description: "Given a data subject request ID and Apple ID, collect user data, generate export package, and notify user and legal."
inputParameters:
- name: request_id
in: body
type: string
description: "The data subject request identifier."
- name: apple_id
in: body
type: string
description: "The Apple ID of the data subject."
steps:
- name: collect-icloud-data
type: call
call: "icloud.export-user-data"
with:
apple_id: "{{apple_id}}"
request_id: "{{request_id}}"
- name: collect-appleid-data
type: call
call: "identity.export-user-profile"
with:
apple_id: "{{apple_id}}"
- name: create-export-package
type: call
call: "data-packaging.create-package"
with:
request_id: "{{request_id}}"
icloud_data_ref: "{{collect-icloud-data.data_ref}}"
profile_data_ref: "{{collect-appleid-data.data_ref}}"
- name: notify-user
type: call
call: "ses.send-email"
with:
to: "{{apple_id}}"
subject: "Your Data Request is Ready"
body: "Your data export for request {{request_id}} is ready for download. Package ID: {{create-export-package.package_id}}."
consumes:
- type: http
namespace: icloud
baseUri: "https://setup.icloud.com/api/v1"
authentication:
type: bearer
token: "$secrets.icloud_admin_token"
resources:
- name: exports
path: "/users/{{apple_id}}/export"
inputParameters:
- name: apple_id
in: path
operations:
- name: export-user-data
method: POST
- type: http
namespace: identity
baseUri: "https://idmsa.apple.com/api/v2"
authentication:
type: bearer
token: "$secrets.identity_service_token"
resources:
- name: profiles
path: "/users/{{apple_id}}/profile/export"
inputParameters:
- name: apple_id
in: path
operations:
- name: export-user-profile
method: POST
- type: http
namespace: data-packaging
baseUri: "https://privacy-data.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.privacy_data_token"
resources:
- name: packages
path: "/packages"
operations:
- name: create-package
method: POST
- type: http
namespace: ses
baseUri: "https://email.us-west-2.amazonaws.com/v2"
authentication:
type: bearer
token: "$secrets.aws_ses_token"
resources:
- name: emails
path: "/email/outbound-emails"
operations:
- name: send-email
method: POST
Product Recall Coordination Workflow
▼
quality-assurance supply-chain compliance customer-service
Coordinates a product recall by identifying affected serial numbers, notifying customers, creating a logistics plan, and reporting to regulatory teams.
naftiko: "0.5"
info:
label: "Product Recall Coordination Workflow"
description: "Coordinates a product recall by identifying affected serial numbers, notifying customers, creating a logistics plan, and reporting to regulatory teams."
tags:
- quality-assurance
- supply-chain
- compliance
- customer-service
capability:
exposes:
- type: mcp
namespace: product-recall
port: 8080
tools:
- name: coordinate-recall
description: "Coordinate a product recall: identify affected units, notify customers, create logistics plan, and report to regulatory."
inputParameters:
- name: product_sku
in: body
type: string
description: "The recalled product SKU."
- name: recall_reason
in: body
type: string
description: "The reason for the recall."
- name: serial_range_start
in: body
type: string
description: "Start of the affected serial number range."
- name: serial_range_end
in: body
type: string
description: "End of the affected serial number range."
steps:
- name: identify-affected
type: call
call: "manufacturing-db.get-units-in-range"
with:
product_sku: "{{product_sku}}"
serial_start: "{{serial_range_start}}"
serial_end: "{{serial_range_end}}"
- name: notify-customers
type: call
call: "notification-service.send-bulk-notification"
with:
customer_list: "{{identify-affected.customer_contacts}}"
subject: "Important Safety Recall: {{product_sku}}"
message: "Your device may be affected by a recall. Reason: {{recall_reason}}. Please visit apple.com/support/recall."
- name: create-logistics-plan
type: call
call: "logistics-api.create-recall-plan"
with:
product_sku: "{{product_sku}}"
unit_count: "{{identify-affected.affected_count}}"
- name: report-to-regulatory
type: call
call: "compliance-api.submit-recall-report"
with:
product_sku: "{{product_sku}}"
reason: "{{recall_reason}}"
affected_units: "{{identify-affected.affected_count}}"
logistics_plan_id: "{{create-logistics-plan.plan_id}}"
consumes:
- type: http
namespace: manufacturing-db
baseUri: "https://manufacturing-data.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.manufacturing_db_token"
resources:
- name: units
path: "/products/{{product_sku}}/units"
inputParameters:
- name: product_sku
in: path
operations:
- name: get-units-in-range
method: POST
- type: http
namespace: notification-service
baseUri: "https://notifications.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.notification_service_token"
resources:
- name: bulk
path: "/notifications/bulk"
operations:
- name: send-bulk-notification
method: POST
- type: http
namespace: logistics-api
baseUri: "https://logistics.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.logistics_token"
resources:
- name: recall-plans
path: "/recall-plans"
operations:
- name: create-recall-plan
method: POST
- type: http
namespace: compliance-api
baseUri: "https://compliance-internal.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.compliance_api_token"
resources:
- name: recall-reports
path: "/recall-reports"
operations:
- name: submit-recall-report
method: POST
Retail Employee Schedule Optimizer
▼
retail workforce-management workday scheduling
Optimizes Apple Retail store employee schedules by analyzing foot traffic predictions, current staffing, and generating optimized shift assignments in Workday.
naftiko: "0.5"
info:
label: "Retail Employee Schedule Optimizer"
description: "Optimizes Apple Retail store employee schedules by analyzing foot traffic predictions, current staffing, and generating optimized shift assignments in Workday."
tags:
- retail
- workforce-management
- workday
- scheduling
capability:
exposes:
- type: mcp
namespace: schedule-optimizer
port: 8080
tools:
- name: optimize-store-schedule
description: "Optimize retail employee schedules: analyze traffic predictions, review current staffing, generate shift assignments, and update Workday."
inputParameters:
- name: store_number
in: body
type: string
description: "The Apple Retail Store number."
- name: week_start
in: body
type: string
description: "The week start date in ISO 8601 format."
steps:
- name: get-traffic-forecast
type: call
call: "retail-analytics.get-traffic-prediction"
with:
store_number: "{{store_number}}"
week_start: "{{week_start}}"
- name: get-current-staff
type: call
call: "workday.get-store-roster"
with:
store_number: "{{store_number}}"
- name: generate-schedule
type: call
call: "schedule-engine.optimize"
with:
traffic_forecast: "{{get-traffic-forecast.hourly_predictions}}"
staff_roster: "{{get-current-staff.employees}}"
store_number: "{{store_number}}"
- name: publish-schedule
type: call
call: "workday.publish-schedule"
with:
store_number: "{{store_number}}"
schedule: "{{generate-schedule.optimized_shifts}}"
week_start: "{{week_start}}"
consumes:
- type: http
namespace: retail-analytics
baseUri: "https://retail-analytics.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.retail_analytics_token"
resources:
- name: traffic
path: "/stores/{{store_number}}/traffic/prediction"
inputParameters:
- name: store_number
in: path
operations:
- name: get-traffic-prediction
method: GET
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: rosters
path: "/apple/stores/{{store_number}}/roster"
inputParameters:
- name: store_number
in: path
operations:
- name: get-store-roster
method: GET
- name: schedules
path: "/apple/stores/{{store_number}}/schedules"
inputParameters:
- name: store_number
in: path
operations:
- name: publish-schedule
method: POST
- type: http
namespace: schedule-engine
baseUri: "https://schedule-engine.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.schedule_engine_token"
resources:
- name: optimization
path: "/optimize"
operations:
- name: optimize
method: POST
Retail Genius Bar Appointment Orchestrator
▼
retail customer-service scheduling servicenow
Manages Genius Bar appointment scheduling by checking store availability, booking the slot, creating a service ticket, and sending a confirmation to the customer.
naftiko: "0.5"
info:
label: "Retail Genius Bar Appointment Orchestrator"
description: "Manages Genius Bar appointment scheduling by checking store availability, booking the slot, creating a service ticket, and sending a confirmation to the customer."
tags:
- retail
- customer-service
- scheduling
- servicenow
capability:
exposes:
- type: mcp
namespace: genius-bar
port: 8080
tools:
- name: book-genius-appointment
description: "Book a Genius Bar appointment: check store availability, reserve slot, create service ticket, and confirm with customer."
inputParameters:
- name: store_number
in: body
type: string
description: "The Apple Retail Store number."
- name: customer_email
in: body
type: string
description: "The customer email address."
- name: device_serial
in: body
type: string
description: "The device serial number needing service."
- name: issue_description
in: body
type: string
description: "Brief description of the issue."
steps:
- name: check-availability
type: call
call: "retail-api.get-availability"
with:
store_number: "{{store_number}}"
- name: book-slot
type: call
call: "retail-api.book-appointment"
with:
store_number: "{{store_number}}"
slot_id: "{{check-availability.next_available_slot_id}}"
customer_email: "{{customer_email}}"
- name: create-service-ticket
type: call
call: "servicenow.create-incident"
with:
short_description: "Genius Bar: {{issue_description}}"
description: "Device: {{device_serial}}. Store: {{store_number}}. Appointment: {{book-slot.appointment_id}}"
category: "hardware_support"
- name: send-confirmation
type: call
call: "ses.send-email"
with:
to: "{{customer_email}}"
subject: "Your Genius Bar Appointment Confirmation"
body: "Appointment confirmed at store {{store_number}} on {{book-slot.appointment_time}}. Ref: {{book-slot.appointment_id}}."
consumes:
- type: http
namespace: retail-api
baseUri: "https://retail-internal.apple.com/api/v2"
authentication:
type: bearer
token: "$secrets.retail_api_token"
resources:
- name: availability
path: "/stores/{{store_number}}/genius-bar/availability"
inputParameters:
- name: store_number
in: path
operations:
- name: get-availability
method: GET
- name: appointments
path: "/stores/{{store_number}}/genius-bar/appointments"
inputParameters:
- name: store_number
in: path
operations:
- name: book-appointment
method: POST
- type: http
namespace: servicenow
baseUri: "https://apple.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: ses
baseUri: "https://email.us-west-2.amazonaws.com/v2"
authentication:
type: bearer
token: "$secrets.aws_ses_token"
resources:
- name: emails
path: "/email/outbound-emails"
operations:
- name: send-email
method: POST
Sales Intelligence Enrichment from LinkedIn
▼
sales crm salesforce linkedin slack
When a qualifying LinkedIn signal occurs, enriches the Salesforce contact and alerts the owning sales rep in Slack.
naftiko: "0.5"
info:
label: "Sales Intelligence Enrichment from LinkedIn"
description: "When a qualifying LinkedIn signal occurs, enriches the Salesforce contact and alerts the owning sales rep in Slack."
tags:
- sales
- crm
- salesforce
- linkedin
- slack
capability:
exposes:
- type: mcp
namespace: sales-intelligence
port: 8080
tools:
- name: enrich-lead-from-linkedin
description: "Given a LinkedIn member URN and Salesforce contact ID, fetch the LinkedIn profile, update the Salesforce contact, and notify the owning sales rep via Slack."
inputParameters:
- name: linkedin_member_urn
in: body
type: string
description: "The LinkedIn member URN for the contact."
- name: salesforce_contact_id
in: body
type: string
description: "The Salesforce contact record ID to enrich."
- name: rep_slack_id
in: body
type: string
description: "The Slack user ID of the owning sales rep."
steps:
- name: get-linkedin-profile
type: call
call: "linkedin.get-profile"
with:
member_urn: "{{linkedin_member_urn}}"
- name: enrich-salesforce
type: call
call: "salesforce-si.update-contact"
with:
contact_id: "{{salesforce_contact_id}}"
title: "{{get-linkedin-profile.headline}}"
linkedin_profile: "https://www.linkedin.com/in/{{get-linkedin-profile.vanityName}}"
- name: alert-rep
type: call
call: "slack-si.post-message"
with:
channel: "{{rep_slack_id}}"
text: "Lead Enriched: {{get-linkedin-profile.firstName}} {{get-linkedin-profile.lastName}} | Title: {{get-linkedin-profile.headline}} | Salesforce updated."
consumes:
- type: http
namespace: linkedin
baseUri: "https://api.linkedin.com/v2"
authentication:
type: bearer
token: "$secrets.linkedin_token"
resources:
- name: profiles
path: "/people/{{member_urn}}"
inputParameters:
- name: member_urn
in: path
operations:
- name: get-profile
method: GET
- type: http
namespace: salesforce-si
baseUri: "https://apple.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: contacts
path: "/sobjects/Contact/{{contact_id}}"
inputParameters:
- name: contact_id
in: path
operations:
- name: update-contact
method: PATCH
- type: http
namespace: slack-si
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Salesforce Account Health Digest
▼
sales crm salesforce reporting slack
Generates a weekly account health digest from Salesforce, summarizing open opportunities and support cases for strategic accounts, posted to the sales Slack channel.
naftiko: "0.5"
info:
label: "Salesforce Account Health Digest"
description: "Generates a weekly account health digest from Salesforce, summarizing open opportunities and support cases for strategic accounts, posted to the sales Slack channel."
tags:
- sales
- crm
- salesforce
- reporting
- slack
capability:
exposes:
- type: mcp
namespace: account-health
port: 8080
tools:
- name: digest-account-health
description: "Given a Salesforce account ID and Slack channel, retrieve open opportunities and support cases, then post a health digest to the sales Slack channel."
inputParameters:
- name: account_id
in: body
type: string
description: "The Salesforce account ID."
- name: slack_channel
in: body
type: string
description: "The Slack channel to post the health digest to."
steps:
- name: get-account
type: call
call: "salesforce-health.get-account"
with:
account_id: "{{account_id}}"
- name: get-opportunities
type: call
call: "salesforce-health.get-account-opportunities"
with:
account_id: "{{account_id}}"
- name: post-digest
type: call
call: "slack-health.post-message"
with:
channel: "{{slack_channel}}"
text: "Account Health: {{get-account.name}} | Open Opps: {{get-opportunities.total_count}} | Pipeline: ${{get-opportunities.total_amount}}"
consumes:
- type: http
namespace: salesforce-health
baseUri: "https://apple.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: accounts
path: "/sobjects/Account/{{account_id}}"
inputParameters:
- name: account_id
in: path
operations:
- name: get-account
method: GET
- name: account-opportunities
path: "/sobjects/Account/{{account_id}}/Opportunities"
inputParameters:
- name: account_id
in: path
operations:
- name: get-account-opportunities
method: GET
- type: http
namespace: slack-health
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Salesforce Opportunity Status Lookup
▼
sales crm salesforce reporting
Retrieves the current status, value, stage, and close date of a Salesforce opportunity by ID for sales pipeline reviews.
naftiko: "0.5"
info:
label: "Salesforce Opportunity Status Lookup"
description: "Retrieves the current status, value, stage, and close date of a Salesforce opportunity by ID for sales pipeline reviews."
tags:
- sales
- crm
- salesforce
- reporting
capability:
exposes:
- type: mcp
namespace: crm-sales
port: 8080
tools:
- name: get-opportunity
description: "Look up a Salesforce opportunity by ID. Returns stage, amount, close date, and account name. Use for pipeline reviews or to surface deal context."
inputParameters:
- name: opportunity_id
in: body
type: string
description: "The Salesforce opportunity record ID."
call: "salesforce.get-opportunity"
with:
opportunity_id: "{{opportunity_id}}"
outputParameters:
- name: name
type: string
mapping: "$.Name"
- name: stage
type: string
mapping: "$.StageName"
- name: amount
type: number
mapping: "$.Amount"
- name: close_date
type: string
mapping: "$.CloseDate"
consumes:
- type: http
namespace: salesforce
baseUri: "https://apple.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: opportunities
path: "/sobjects/Opportunity/{{opportunity_id}}"
inputParameters:
- name: opportunity_id
in: path
operations:
- name: get-opportunity
method: GET
SAP Concur Expense Report Approval
▼
finance expense-management sap-concur servicenow
Retrieves a pending expense report from SAP Concur, validates it against Apple travel policy, and routes it for manager approval via ServiceNow.
naftiko: "0.5"
info:
label: "SAP Concur Expense Report Approval"
description: "Retrieves a pending expense report from SAP Concur, validates it against Apple travel policy, and routes it for manager approval via ServiceNow."
tags:
- finance
- expense-management
- sap-concur
- servicenow
capability:
exposes:
- type: mcp
namespace: expense-mgmt
port: 8080
tools:
- name: process-expense-report
description: "Given a SAP Concur expense report ID and employee ID, retrieve the report details and create a ServiceNow approval task for the manager."
inputParameters:
- name: expense_report_id
in: body
type: string
description: "The SAP Concur expense report identifier."
- name: employee_id
in: body
type: string
description: "The employee ID submitting the expense report."
steps:
- name: get-expense-report
type: call
call: "sap-concur.get-expense-report"
with:
report_id: "{{expense_report_id}}"
- name: create-approval-task
type: call
call: "servicenow-exp.create-task"
with:
short_description: "Expense approval: {{employee_id}} — {{expense_report_id}}"
description: "Amount: {{get-expense-report.total_amount}} {{get-expense-report.currency}}. Period: {{get-expense-report.period}}."
assignment_group: "Finance_Expense"
consumes:
- type: http
namespace: sap-concur
baseUri: "https://www.concursolutions.com/api/v3.0"
authentication:
type: bearer
token: "$secrets.concur_token"
resources:
- name: expense-reports
path: "/expense/reports/{{report_id}}"
inputParameters:
- name: report_id
in: path
operations:
- name: get-expense-report
method: GET
- type: http
namespace: servicenow-exp
baseUri: "https://apple.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/task"
operations:
- name: create-task
method: POST
SAP Purchase Order Lookup
▼
finance procurement sap erp
Looks up an Apple SAP S/4HANA purchase order by number and returns header status, vendor details, and total value.
naftiko: "0.5"
info:
label: "SAP Purchase Order Lookup"
description: "Looks up an Apple SAP S/4HANA purchase order by number and returns header status, vendor details, and total value."
tags:
- finance
- procurement
- sap
- erp
capability:
exposes:
- type: mcp
namespace: erp-procurement
port: 8080
tools:
- name: get-purchase-order
description: "Look up a SAP S/4HANA purchase order by PO number. Returns status, vendor name, total value, and currency. Use for procurement status checks and AP invoice matching."
inputParameters:
- name: po_number
in: body
type: string
description: "The SAP purchase order number, e.g. 4500098765."
call: "sap-erp.get-po"
with:
po_number: "{{po_number}}"
outputParameters:
- name: status
type: string
mapping: "$.d.OverallStatus"
- name: vendor
type: string
mapping: "$.d.Supplier.CompanyName"
- name: total_value
type: string
mapping: "$.d.TotalAmount"
- name: currency
type: string
mapping: "$.d.TransactionCurrency"
consumes:
- type: http
namespace: sap-erp
baseUri: "https://apple-s4.sap.com/sap/opu/odata/sap/MM_PUR_PO_MAINT_V2_SRV"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: purchase-orders
path: "/A_PurchaseOrder('{{po_number}}')"
inputParameters:
- name: po_number
in: path
operations:
- name: get-po
method: GET
outputRawFormat: xml
Security Vulnerability Response Chain
▼
security vulnerability-management jira pagerduty
When a critical CVE is detected by Qualys, creates a Jira security ticket, triggers a Terraform patch deployment, and escalates via PagerDuty.
naftiko: "0.5"
info:
label: "Security Vulnerability Response Chain"
description: "When a critical CVE is detected by Qualys, creates a Jira security ticket, triggers a Terraform patch deployment, and escalates via PagerDuty."
tags:
- security
- vulnerability-management
- jira
- pagerduty
capability:
exposes:
- type: mcp
namespace: vuln-response
port: 8080
tools:
- name: respond-to-vulnerability
description: "Given a CVE ID, fetch vulnerability details, create a security Jira ticket, trigger patching, and escalate via PagerDuty."
inputParameters:
- name: cve_id
in: body
type: string
description: "The CVE identifier, e.g. CVE-2026-12345."
- name: affected_hosts
in: body
type: string
description: "Comma-separated list of affected hostnames."
steps:
- name: get-vuln-details
type: call
call: "qualys.get-vulnerability"
with:
cve_id: "{{cve_id}}"
- name: create-security-ticket
type: call
call: "jira.create-issue"
with:
project: "SEC"
summary: "Critical CVE: {{cve_id}} - {{get-vuln-details.title}}"
description: "CVSS: {{get-vuln-details.cvss_score}}. Affected: {{affected_hosts}}. Remediation: {{get-vuln-details.remediation}}"
issue_type: "Security Bug"
priority: "Critical"
- name: trigger-patch
type: call
call: "terraform.trigger-run"
with:
workspace: "security-patches"
message: "Auto-patch for {{cve_id}}"
- name: escalate-pagerduty
type: call
call: "pagerduty.create-incident"
with:
title: "Critical CVE {{cve_id}} detected"
description: "CVSS: {{get-vuln-details.cvss_score}}. Jira: {{create-security-ticket.key}}. Terraform run: {{trigger-patch.run_id}}."
severity: "critical"
service_id: "security-ops"
consumes:
- type: http
namespace: qualys
baseUri: "https://qualysapi.apple.com/api/v2"
authentication:
type: basic
username: "$secrets.qualys_user"
password: "$secrets.qualys_password"
resources:
- name: vulnerabilities
path: "/fo/knowledge_base/vuln/?action=list&cve_id={{cve_id}}"
inputParameters:
- name: cve_id
in: query
operations:
- name: get-vulnerability
method: GET
- type: http
namespace: jira
baseUri: "https://apple-eng.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: terraform
baseUri: "https://app.terraform.io/api/v2"
authentication:
type: bearer
token: "$secrets.terraform_token"
resources:
- name: runs
path: "/runs"
operations:
- name: trigger-run
method: POST
- type: http
namespace: pagerduty
baseUri: "https://api.pagerduty.com"
authentication:
type: bearer
token: "$secrets.pagerduty_token"
resources:
- name: incidents
path: "/incidents"
operations:
- name: create-incident
method: POST
Silicon Wafer Yield Analysis Pipeline
▼
silicon-design manufacturing snowflake analytics
Pulls wafer test results from the fab database, runs yield analysis in Snowflake, generates a report, and posts findings to the engineering Slack channel.
naftiko: "0.5"
info:
label: "Silicon Wafer Yield Analysis Pipeline"
description: "Pulls wafer test results from the fab database, runs yield analysis in Snowflake, generates a report, and posts findings to the engineering Slack channel."
tags:
- silicon-design
- manufacturing
- snowflake
- analytics
capability:
exposes:
- type: mcp
namespace: wafer-yield
port: 8080
tools:
- name: analyze-wafer-yield
description: "Given a wafer lot ID, pull test data, run yield analysis, generate report, and share results with engineering."
inputParameters:
- name: lot_id
in: body
type: string
description: "The wafer lot identifier."
- name: fab_site
in: body
type: string
description: "The fabrication site code, e.g. TSMC-F16."
steps:
- name: get-test-results
type: call
call: "fab-db.get-wafer-tests"
with:
lot_id: "{{lot_id}}"
fab_site: "{{fab_site}}"
- name: run-yield-analysis
type: call
call: "snowflake.execute-query"
with:
query: "CALL silicon_analytics.analyze_yield('{{lot_id}}', '{{fab_site}}')"
warehouse: "SILICON_WH"
- name: generate-report
type: call
call: "confluence.create-page"
with:
space_key: "SILICON"
title: "Yield Report: Lot {{lot_id}} - {{fab_site}}"
body: "Yield: {{run-yield-analysis.yield_percent}}%. Defects: {{run-yield-analysis.defect_count}}. Good dies: {{run-yield-analysis.good_dies}}."
- name: notify-engineering
type: call
call: "slack.post-message"
with:
channel: "#silicon-engineering"
text: "Yield report for lot {{lot_id}} at {{fab_site}}: {{run-yield-analysis.yield_percent}}% yield. Report: {{generate-report.url}}"
consumes:
- type: http
namespace: fab-db
baseUri: "https://fab-data.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.fab_db_token"
resources:
- name: wafer-tests
path: "/lots/{{lot_id}}/tests?site={{fab_site}}"
inputParameters:
- name: lot_id
in: path
- name: fab_site
in: query
operations:
- name: get-wafer-tests
method: GET
- type: http
namespace: snowflake
baseUri: "https://apple.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: queries
path: "/statements"
operations:
- name: execute-query
method: POST
- type: http
namespace: confluence
baseUri: "https://apple-eng.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_token"
resources:
- name: pages
path: "/content"
operations:
- name: create-page
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Siri Intent Performance Monitoring
▼
ai siri monitoring datadog
Monitors Siri intent resolution performance by querying Datadog metrics, comparing against SLOs, and alerting the Siri team if degraded.
naftiko: "0.5"
info:
label: "Siri Intent Performance Monitoring"
description: "Monitors Siri intent resolution performance by querying Datadog metrics, comparing against SLOs, and alerting the Siri team if degraded."
tags:
- ai
- siri
- monitoring
- datadog
capability:
exposes:
- type: mcp
namespace: siri-perf
port: 8080
tools:
- name: check-intent-performance
description: "Check Siri intent resolution performance metrics from Datadog, compare against SLOs, and alert if thresholds breached."
inputParameters:
- name: intent_domain
in: body
type: string
description: "The Siri intent domain, e.g. com.apple.Siri.messaging."
- name: time_range
in: body
type: string
description: "Time range for metrics, e.g. last_1h, last_24h."
steps:
- name: query-metrics
type: call
call: "datadog.query-metrics"
with:
query: "avg:siri.intent.resolution_time{domain:{{intent_domain}}}.rollup(avg, 300)"
time_range: "{{time_range}}"
- name: get-slo-thresholds
type: call
call: "slo-registry.get-slo"
with:
service: "siri"
metric: "intent_resolution_time"
- name: evaluate-slo
type: call
call: "datadog.check-slo-status"
with:
slo_id: "{{get-slo-thresholds.slo_id}}"
- name: alert-team
type: call
call: "slack.post-message"
with:
channel: "#siri-engineering"
text: "Siri intent perf for {{intent_domain}}: Avg resolution={{query-metrics.avg_value}}ms. SLO target={{get-slo-thresholds.target_ms}}ms. SLO status: {{evaluate-slo.status}}."
consumes:
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: "DD-API-KEY"
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: metrics
path: "/query"
operations:
- name: query-metrics
method: GET
- name: slo
path: "/slo/{{slo_id}}"
inputParameters:
- name: slo_id
in: path
operations:
- name: check-slo-status
method: GET
- type: http
namespace: slo-registry
baseUri: "https://slo-registry.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.slo_registry_token"
resources:
- name: slos
path: "/slos"
operations:
- name: get-slo
method: GET
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Snowflake Data Pipeline Health Check
▼
data analytics snowflake pipeline-monitoring
Queries Snowflake for failed or long-running data pipeline tasks in a given schema, returning a status report for data engineering triage.
naftiko: "0.5"
info:
label: "Snowflake Data Pipeline Health Check"
description: "Queries Snowflake for failed or long-running data pipeline tasks in a given schema, returning a status report for data engineering triage."
tags:
- data
- analytics
- snowflake
- pipeline-monitoring
capability:
exposes:
- type: mcp
namespace: data-ops
port: 8080
tools:
- name: get-pipeline-task-failures
description: "Query Snowflake task history for failed tasks in a given database and schema over the last N hours. Use to triage data engineering issues and SLA breaches."
inputParameters:
- name: database_name
in: body
type: string
description: "The Snowflake database to query, e.g. APPLE_ANALYTICS."
- name: schema_name
in: body
type: string
description: "The Snowflake schema to query, e.g. ETL."
- name: lookback_hours
in: body
type: integer
description: "Number of hours to look back in task history."
call: "snowflake.query-task-history"
with:
database: "{{database_name}}"
schema: "{{schema_name}}"
hours: "{{lookback_hours}}"
outputParameters:
- name: failed_tasks
type: array
mapping: "$.data"
consumes:
- type: http
namespace: snowflake
baseUri: "https://apple.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: task-history
path: "/databases/{{database}}/schemas/{{schema}}/tasks/history"
inputParameters:
- name: database
in: path
- name: schema
in: path
- name: hours
in: query
operations:
- name: query-task-history
method: GET
Snowflake Data Quality Alert
▼
data analytics snowflake jira data-quality slack
When a Snowflake data quality check fails, creates a Jira data quality issue and notifies the data engineering team via Slack.
naftiko: "0.5"
info:
label: "Snowflake Data Quality Alert"
description: "When a Snowflake data quality check fails, creates a Jira data quality issue and notifies the data engineering team via Slack."
tags:
- data
- analytics
- snowflake
- jira
- data-quality
- slack
capability:
exposes:
- type: mcp
namespace: data-quality
port: 8080
tools:
- name: handle-data-quality-failure
description: "Given a Snowflake table and failed data quality check name, open a Jira data quality issue and notify the data engineering Slack channel."
inputParameters:
- name: table_name
in: body
type: string
description: "The fully qualified Snowflake table name that failed the quality check."
- name: check_name
in: body
type: string
description: "The data quality check name that failed."
- name: failure_detail
in: body
type: string
description: "Description of what failed and relevant metrics."
steps:
- name: create-dq-issue
type: call
call: "jira-dq.create-issue"
with:
project_key: "DATA"
issuetype: "Bug"
summary: "[DQ Failure] {{table_name}} — {{check_name}}"
description: "Data quality check {{check_name}} failed on {{table_name}}. Detail: {{failure_detail}}."
- name: notify-data-team
type: call
call: "slack-dq.post-message"
with:
channel: "#data-engineering-alerts"
text: "Data Quality Failure: {{table_name}} | Check: {{check_name}} | Jira: {{create-dq-issue.key}}"
consumes:
- type: http
namespace: jira-dq
baseUri: "https://apple.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-dq
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Supplier Onboarding Orchestration
▼
procurement supply-chain sap-ariba salesforce servicenow slack
When a new supplier is approved in SAP Ariba, creates a Salesforce vendor account, opens a ServiceNow setup task, and notifies the procurement team via Slack.
naftiko: "0.5"
info:
label: "Supplier Onboarding Orchestration"
description: "When a new supplier is approved in SAP Ariba, creates a Salesforce vendor account, opens a ServiceNow setup task, and notifies the procurement team via Slack."
tags:
- procurement
- supply-chain
- sap-ariba
- salesforce
- servicenow
- slack
capability:
exposes:
- type: mcp
namespace: supplier-onboarding
port: 8080
tools:
- name: onboard-supplier
description: "Given an Ariba supplier ID and supplier name, create a Salesforce vendor account, open a ServiceNow setup task, and notify the procurement team in Slack."
inputParameters:
- name: ariba_supplier_id
in: body
type: string
description: "The SAP Ariba supplier ID."
- name: supplier_name
in: body
type: string
description: "The supplier company name."
- name: category
in: body
type: string
description: "The procurement category, e.g. IT Hardware, Logistics."
steps:
- name: create-sf-vendor
type: call
call: "salesforce-sup.create-account"
with:
name: "{{supplier_name}}"
type: "Vendor"
ariba_supplier_id: "{{ariba_supplier_id}}"
category: "{{category}}"
- name: create-setup-task
type: call
call: "servicenow-sup.create-task"
with:
short_description: "Supplier setup: {{supplier_name}}"
description: "Ariba ID: {{ariba_supplier_id}}. Category: {{category}}. Salesforce Account: {{create-sf-vendor.account_id}}."
assignment_group: "Procurement"
- name: notify-procurement
type: call
call: "slack-sup.post-message"
with:
channel: "#procurement-ops"
text: "New Supplier Onboarded: {{supplier_name}} | Category: {{category}} | Ariba: {{ariba_supplier_id}} | SNOW: {{create-setup-task.number}}"
consumes:
- type: http
namespace: salesforce-sup
baseUri: "https://apple.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: accounts
path: "/sobjects/Account"
operations:
- name: create-account
method: POST
- type: http
namespace: servicenow-sup
baseUri: "https://apple.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/task"
operations:
- name: create-task
method: POST
- type: http
namespace: slack-sup
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Supply Chain Component Shortage Alert
▼
supply-chain manufacturing sap pagerduty
Monitors supplier inventory levels for a component, checks against forecast demand in SAP, and triggers a PagerDuty alert and Slack notification if shortage is detected.
naftiko: "0.5"
info:
label: "Supply Chain Component Shortage Alert"
description: "Monitors supplier inventory levels for a component, checks against forecast demand in SAP, and triggers a PagerDuty alert and Slack notification if shortage is detected."
tags:
- supply-chain
- manufacturing
- sap
- pagerduty
capability:
exposes:
- type: mcp
namespace: supply-chain-alert
port: 8080
tools:
- name: check-component-shortage
description: "Given a component part number, check supplier inventory against SAP demand forecast and alert if a shortage is detected."
inputParameters:
- name: part_number
in: body
type: string
description: "The component part number to check."
- name: supplier_id
in: body
type: string
description: "The supplier identifier."
steps:
- name: get-inventory
type: call
call: "supplier-portal.get-inventory"
with:
part_number: "{{part_number}}"
supplier_id: "{{supplier_id}}"
- name: get-demand-forecast
type: call
call: "sap.get-demand-forecast"
with:
material_number: "{{part_number}}"
- name: alert-pagerduty
type: call
call: "pagerduty.create-incident"
with:
title: "Component shortage alert: {{part_number}}"
description: "Supplier {{supplier_id}} inventory: {{get-inventory.quantity_available}}. Forecasted demand: {{get-demand-forecast.forecasted_demand}}."
severity: "high"
service_id: "supply-chain-ops"
- name: notify-slack
type: call
call: "slack.post-message"
with:
channel: "#supply-chain-alerts"
text: "Shortage alert for {{part_number}} from supplier {{supplier_id}}. Available: {{get-inventory.quantity_available}}, Demand: {{get-demand-forecast.forecasted_demand}}. PagerDuty: {{alert-pagerduty.incident_id}}"
consumes:
- type: http
namespace: supplier-portal
baseUri: "https://supplier-portal.apple.com/api/v2"
authentication:
type: bearer
token: "$secrets.supplier_portal_token"
resources:
- name: inventory
path: "/suppliers/{{supplier_id}}/inventory/{{part_number}}"
inputParameters:
- name: supplier_id
in: path
- name: part_number
in: path
operations:
- name: get-inventory
method: GET
- type: http
namespace: sap
baseUri: "https://sap.apple.com/api/v1"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: demand
path: "/demand-forecast/{{material_number}}"
inputParameters:
- name: material_number
in: path
operations:
- name: get-demand-forecast
method: GET
- type: http
namespace: pagerduty
baseUri: "https://api.pagerduty.com"
authentication:
type: bearer
token: "$secrets.pagerduty_token"
resources:
- name: incidents
path: "/incidents"
operations:
- name: create-incident
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Swift Package Registry Lookup
▼
developer-tools swift packages
Looks up a Swift package in the Apple Swift Package Registry by name, returning latest version, dependencies, and platforms.
naftiko: "0.5"
info:
label: "Swift Package Registry Lookup"
description: "Looks up a Swift package in the Apple Swift Package Registry by name, returning latest version, dependencies, and platforms."
tags:
- developer-tools
- swift
- packages
capability:
exposes:
- type: mcp
namespace: swift-packages
port: 8080
tools:
- name: get-package
description: "Look up a Swift package by scope and name. Returns latest version, supported platforms, and dependency count."
inputParameters:
- name: package_scope
in: body
type: string
description: "The Swift package scope, e.g. apple."
- name: package_name
in: body
type: string
description: "The Swift package name, e.g. swift-nio."
call: "swift-registry.get-package"
with:
package_scope: "{{package_scope}}"
package_name: "{{package_name}}"
outputParameters:
- name: latest_version
type: string
mapping: "$.releases[0].version"
- name: platforms
type: array
mapping: "$.metadata.platforms"
consumes:
- type: http
namespace: swift-registry
baseUri: "https://packages.swift.org/api/v1"
authentication:
type: bearer
token: "$secrets.swift_registry_token"
resources:
- name: packages
path: "/{{package_scope}}/{{package_name}}"
inputParameters:
- name: package_scope
in: path
- name: package_name
in: path
operations:
- name: get-package
method: GET
Swift Playground Content Publishing
▼
developer-tools education swift content-publishing
Publishes educational Swift Playground content by validating the package, uploading to the content CDN, registering metadata, and notifying the education team.
naftiko: "0.5"
info:
label: "Swift Playground Content Publishing"
description: "Publishes educational Swift Playground content by validating the package, uploading to the content CDN, registering metadata, and notifying the education team."
tags:
- developer-tools
- education
- swift
- content-publishing
capability:
exposes:
- type: mcp
namespace: playground-publish
port: 8080
tools:
- name: publish-playground
description: "Publish a Swift Playground: validate package, upload to CDN, register metadata, and notify education team."
inputParameters:
- name: package_id
in: body
type: string
description: "The Swift Playground package identifier."
- name: version
in: body
type: string
description: "The content version to publish."
steps:
- name: validate-package
type: call
call: "playground-api.validate"
with:
package_id: "{{package_id}}"
version: "{{version}}"
- name: upload-to-cdn
type: call
call: "cdn-api.upload-asset"
with:
asset_type: "playground"
asset_id: "{{package_id}}"
version: "{{version}}"
content_ref: "{{validate-package.content_ref}}"
- name: register-metadata
type: call
call: "playground-api.register-version"
with:
package_id: "{{package_id}}"
version: "{{version}}"
cdn_url: "{{upload-to-cdn.asset_url}}"
- name: notify-team
type: call
call: "slack.post-message"
with:
channel: "#education-content"
text: "Swift Playground {{package_id}} v{{version}} published. CDN: {{upload-to-cdn.asset_url}}."
consumes:
- type: http
namespace: playground-api
baseUri: "https://playground-content.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.playground_api_token"
resources:
- name: validation
path: "/packages/{{package_id}}/validate"
inputParameters:
- name: package_id
in: path
operations:
- name: validate
method: POST
- name: versions
path: "/packages/{{package_id}}/versions"
inputParameters:
- name: package_id
in: path
operations:
- name: register-version
method: POST
- type: http
namespace: cdn-api
baseUri: "https://cdn-management.apple.com/api/v1"
authentication:
type: bearer
token: "$secrets.cdn_api_token"
resources:
- name: assets
path: "/assets"
operations:
- name: upload-asset
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Tableau Dashboard Refresh Trigger
▼
data analytics tableau reporting slack
Triggers a Tableau workbook extract refresh and notifies stakeholders via Slack when the refresh completes or fails.
naftiko: "0.5"
info:
label: "Tableau Dashboard Refresh Trigger"
description: "Triggers a Tableau workbook extract refresh and notifies stakeholders via Slack when the refresh completes or fails."
tags:
- data
- analytics
- tableau
- reporting
- slack
capability:
exposes:
- type: mcp
namespace: bi-reporting
port: 8080
tools:
- name: refresh-tableau-workbook
description: "Given a Tableau workbook ID and site name, trigger an extract refresh and notify stakeholders via Slack."
inputParameters:
- name: workbook_id
in: body
type: string
description: "The Tableau workbook ID to refresh."
- name: site_name
in: body
type: string
description: "The Tableau site name, e.g. apple."
- name: slack_channel
in: body
type: string
description: "The Slack channel to notify on completion."
steps:
- name: trigger-refresh
type: call
call: "tableau.refresh-workbook"
with:
workbook_id: "{{workbook_id}}"
site: "{{site_name}}"
- name: notify-stakeholders
type: call
call: "slack-tableau.post-message"
with:
channel: "{{slack_channel}}"
text: "Tableau workbook {{workbook_id}} refresh triggered. Job ID: {{trigger-refresh.job_id}}."
consumes:
- type: http
namespace: tableau
baseUri: "https://tableau.apple.com/api/2.8"
authentication:
type: apikey
key: "X-Tableau-Auth"
value: "$secrets.tableau_token"
placement: header
resources:
- name: workbook-refresh
path: "/sites/{{site}}/workbooks/{{workbook_id}}/refresh"
inputParameters:
- name: site
in: path
- name: workbook_id
in: path
operations:
- name: refresh-workbook
method: POST
- type: http
namespace: slack-tableau
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Terraform Cloud Workspace Provisioning
▼
cloud infrastructure terraform devops slack
Creates a new Terraform Cloud workspace for a given project and environment, and notifies the infrastructure team via Slack.
naftiko: "0.5"
info:
label: "Terraform Cloud Workspace Provisioning"
description: "Creates a new Terraform Cloud workspace for a given project and environment, and notifies the infrastructure team via Slack."
tags:
- cloud
- infrastructure
- terraform
- devops
- slack
capability:
exposes:
- type: mcp
namespace: infra-provisioning
port: 8080
tools:
- name: provision-terraform-workspace
description: "Given a project name and environment, create a Terraform Cloud workspace in the Apple Terraform organization and notify the infrastructure Slack channel."
inputParameters:
- name: project_name
in: body
type: string
description: "The project name for the new workspace."
- name: environment
in: body
type: string
description: "The deployment environment: dev, staging, or prod."
steps:
- name: create-workspace
type: call
call: "terraform.create-workspace"
with:
org: "apple"
name: "{{project_name}}-{{environment}}"
- name: notify-infra
type: call
call: "slack-tf.post-message"
with:
channel: "#infrastructure-team"
text: "Terraform workspace created: {{project_name}}-{{environment}}. ID: {{create-workspace.workspace_id}}."
consumes:
- type: http
namespace: terraform
baseUri: "https://app.terraform.io/api/v2"
authentication:
type: bearer
token: "$secrets.terraform_token"
resources:
- name: workspaces
path: "/organizations/{{org}}/workspaces"
inputParameters:
- name: org
in: path
operations:
- name: create-workspace
method: POST
- type: http
namespace: slack-tf
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
TestFlight Beta Tester Lookup
▼
developer-tools testflight beta-testing
Retrieves beta tester details from TestFlight by email, including invitation status, installed builds, and last active date.
naftiko: "0.5"
info:
label: "TestFlight Beta Tester Lookup"
description: "Retrieves beta tester details from TestFlight by email, including invitation status, installed builds, and last active date."
tags:
- developer-tools
- testflight
- beta-testing
capability:
exposes:
- type: mcp
namespace: testflight
port: 8080
tools:
- name: get-beta-tester
description: "Look up a TestFlight beta tester by email. Returns invitation status, number of installed builds, and last session date."
inputParameters:
- name: email
in: body
type: string
description: "The beta tester email address."
call: "appstoreconnect.get-beta-tester"
with:
email: "{{email}}"
outputParameters:
- name: first_name
type: string
mapping: "$.data[0].attributes.firstName"
- name: invitation_status
type: string
mapping: "$.data[0].attributes.inviteType"
- name: installed_builds
type: number
mapping: "$.data[0].attributes.installedCfBundleShortVersionStrings.length"
consumes:
- type: http
namespace: appstoreconnect
baseUri: "https://api.appstoreconnect.apple.com/v1"
authentication:
type: bearer
token: "$secrets.appstore_connect_token"
resources:
- name: beta-testers
path: "/betaTesters?filter[email]={{email}}"
inputParameters:
- name: email
in: query
operations:
- name: get-beta-tester
method: GET
Workday Role Change Provisioning
▼
hr identity workday okta slack
When an employee changes roles in Workday, updates their Okta group memberships and notifies the new manager via Slack.
naftiko: "0.5"
info:
label: "Workday Role Change Provisioning"
description: "When an employee changes roles in Workday, updates their Okta group memberships and notifies the new manager via Slack."
tags:
- hr
- identity
- workday
- okta
- slack
capability:
exposes:
- type: mcp
namespace: hr-role-change
port: 8080
tools:
- name: sync-role-change
description: "Given a Workday employee ID and new role details, update Okta group assignments for the new role and notify the new manager via Slack."
inputParameters:
- name: workday_employee_id
in: body
type: string
description: "The Workday worker ID for the employee changing roles."
- name: new_role
in: body
type: string
description: "The new job role or title."
- name: new_manager_slack_id
in: body
type: string
description: "The Slack user ID of the new manager."
steps:
- name: get-worker
type: call
call: "workday-role.get-worker"
with:
worker_id: "{{workday_employee_id}}"
- name: update-okta-groups
type: call
call: "okta-role.update-user-groups"
with:
user_id: "{{get-worker.okta_user_id}}"
department: "{{get-worker.new_department}}"
- name: notify-new-manager
type: call
call: "slack-role.post-message"
with:
channel: "{{new_manager_slack_id}}"
text: "{{get-worker.full_name}} has been assigned to your team in role: {{new_role}}. Okta access updated."
consumes:
- type: http
namespace: workday-role
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/apple/workers/{{worker_id}}"
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
- type: http
namespace: okta-role
baseUri: "https://apple.okta.com/api/v1"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.okta_api_token"
placement: header
resources:
- name: users
path: "/users/{{user_id}}/groups"
inputParameters:
- name: user_id
in: path
operations:
- name: update-user-groups
method: PUT
- type: http
namespace: slack-role
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Xcode Cloud Build Status
▼
developer-tools ci-cd xcode-cloud
Retrieves the status of an Xcode Cloud build run by its build ID, including result, duration, and workflow name.
naftiko: "0.5"
info:
label: "Xcode Cloud Build Status"
description: "Retrieves the status of an Xcode Cloud build run by its build ID, including result, duration, and workflow name."
tags:
- developer-tools
- ci-cd
- xcode-cloud
capability:
exposes:
- type: mcp
namespace: xcode-cloud
port: 8080
tools:
- name: get-build-status
description: "Check the status of an Xcode Cloud build run. Returns build result, duration in seconds, and workflow name."
inputParameters:
- name: build_run_id
in: body
type: string
description: "The Xcode Cloud build run identifier."
call: "appstoreconnect.get-build-run"
with:
build_run_id: "{{build_run_id}}"
outputParameters:
- name: result
type: string
mapping: "$.data.attributes.completionStatus"
- name: duration_seconds
type: number
mapping: "$.data.attributes.executionDuration"
- name: workflow_name
type: string
mapping: "$.data.attributes.workflowName"
consumes:
- type: http
namespace: appstoreconnect
baseUri: "https://api.appstoreconnect.apple.com/v1"
authentication:
type: bearer
token: "$secrets.appstore_connect_token"
resources:
- name: build-runs
path: "/ciBuildRuns/{{build_run_id}}"
inputParameters:
- name: build_run_id
in: path
operations:
- name: get-build-run
method: GET
Zoom Meeting Recording Transcript Distribution
▼
communication zoom openai ai slack
When a Zoom meeting recording is available, retrieves the transcript, submits it to OpenAI for a summary, and posts the summary to the relevant Slack channel.
naftiko: "0.5"
info:
label: "Zoom Meeting Recording Transcript Distribution"
description: "When a Zoom meeting recording is available, retrieves the transcript, submits it to OpenAI for a summary, and posts the summary to the relevant Slack channel."
tags:
- communication
- zoom
- openai
- ai
- slack
capability:
exposes:
- type: mcp
namespace: meeting-intelligence
port: 8080
tools:
- name: summarize-meeting-recording
description: "Given a Zoom meeting ID and Slack channel, retrieve the recording transcript, generate an AI summary with OpenAI, and post it to Slack."
inputParameters:
- name: zoom_meeting_id
in: body
type: string
description: "The Zoom meeting ID."
- name: slack_channel
in: body
type: string
description: "The Slack channel to post the summary to."
steps:
- name: get-recording
type: call
call: "zoom.get-recording"
with:
meeting_id: "{{zoom_meeting_id}}"
- name: summarize
type: call
call: "openai-zoom.create-completion"
with:
model: "gpt-4o"
prompt: "Summarize this meeting transcript with: Key Decisions, Action Items (owner + due date), and Next Steps: {{get-recording.transcript}}"
- name: post-summary
type: call
call: "slack-zoom.post-message"
with:
channel: "{{slack_channel}}"
text: "Meeting Summary ({{zoom_meeting_id}}): {{summarize.text}}"
consumes:
- type: http
namespace: zoom
baseUri: "https://api.zoom.us/v2"
authentication:
type: bearer
token: "$secrets.zoom_token"
resources:
- name: recordings
path: "/meetings/{{meeting_id}}/recordings"
inputParameters:
- name: meeting_id
in: path
operations:
- name: get-recording
method: GET
- type: http
namespace: openai-zoom
baseUri: "https://api.openai.com/v1"
authentication:
type: bearer
token: "$secrets.openai_api_key"
resources:
- name: completions
path: "/chat/completions"
operations:
- name: create-completion
method: POST
- type: http
namespace: slack-zoom
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST