Bank of America Capabilities
Naftiko 0.5 capability definitions for Bank of America - 100 capabilities showing integration workflows and service orchestrations.
Sort
Expand
AI-Assisted Regulatory Document Summarization
▼
ai compliance openai sharepoint document-processing regulatory
Retrieves a regulatory filing or policy document from SharePoint and generates a structured executive summary using OpenAI GPT-4o, returning key findings for compliance review.
naftiko: "0.5"
info:
label: "AI-Assisted Regulatory Document Summarization"
description: "Retrieves a regulatory filing or policy document from SharePoint and generates a structured executive summary using OpenAI GPT-4o, returning key findings for compliance review."
tags:
- ai
- compliance
- openai
- sharepoint
- document-processing
- regulatory
capability:
exposes:
- type: mcp
namespace: compliance-ai
port: 8080
tools:
- name: summarize-regulatory-document
description: "Given a SharePoint site ID and document item ID, retrieve the document and generate a 5-point executive summary using OpenAI. Use for rapid review of regulatory filings, SEC documents, or policy updates."
inputParameters:
- name: site_id
in: body
type: string
description: "The SharePoint site ID where the regulatory document is stored."
- name: item_id
in: body
type: string
description: "The SharePoint drive item ID for the document."
- name: document_type
in: body
type: string
description: "Document type context: 'SEC filing', 'CCAR report', 'compliance policy', 'audit finding'."
steps:
- name: get-document
type: call
call: "sharepoint.get-document-content"
with:
site_id: "{{site_id}}"
item_id: "{{item_id}}"
- name: generate-summary
type: call
call: "openai.create-chat-completion"
with:
model: "gpt-4o"
system_prompt: "You are a regulatory compliance analyst at a major US bank. Summarize the following {{document_type}} document in 5 key bullet points, highlighting risk factors, regulatory requirements, deadlines, and required actions."
user_message: "{{get-document.content}}"
consumes:
- type: http
namespace: sharepoint
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: document-content
path: "/sites/{{site_id}}/drive/items/{{item_id}}/content"
inputParameters:
- name: site_id
in: path
- name: item_id
in: path
operations:
- name: get-document-content
method: GET
- type: http
namespace: openai
baseUri: "https://api.openai.com/v1"
authentication:
type: bearer
token: "$secrets.openai_api_key"
resources:
- name: chat-completions
path: "/chat/completions"
operations:
- name: create-chat-completion
method: POST
AML Transaction Monitoring Alert
▼
banking aml compliance snowflake servicenow
When an AML alert fires, enriches the transaction from Snowflake, creates a SAR investigation in ServiceNow, and notifies the BSA officer via Teams.
naftiko: "0.5"
info:
label: "AML Transaction Monitoring Alert"
description: "When an AML alert fires, enriches the transaction from Snowflake, creates a SAR investigation in ServiceNow, and notifies the BSA officer via Teams."
tags:
- banking
- aml
- compliance
- snowflake
- servicenow
capability:
exposes:
- type: mcp
namespace: aml-ops
port: 8080
tools:
- name: handle-aml-alert
description: "Given a transaction ID and alert type, enrich from Snowflake, create a SAR investigation in ServiceNow, and notify the BSA officer."
inputParameters:
- name: transaction_id
in: body
type: string
description: "Transaction ID."
- name: alert_type
in: body
type: string
description: "AML alert type."
- name: bsa_officer_upn
in: body
type: string
description: "BSA officer UPN."
steps:
- name: enrich-txn
type: call
call: snowflake.get-transaction
with:
transaction_id: "{{transaction_id}}"
- name: create-sar
type: call
call: snow.create-sar
with:
short_description: "AML Alert: {{transaction_id}} — {{alert_type}}"
description: "Amount: {{enrich-txn.amount}} | Customer: {{enrich-txn.customer_name}}"
- name: notify-bsa
type: call
call: msteams.send-message
with:
recipient_upn: "{{bsa_officer_upn}}"
text: "AML alert: {{transaction_id}} — {{alert_type}}. Amount: {{enrich-txn.amount}}. SAR: {{create-sar.number}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://bofa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: get-transaction
method: POST
- type: http
namespace: snow
baseUri: "https://bofa.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: sar
path: "/table/u_sar_investigation"
operations:
- name: create-sar
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
AML Transaction Monitoring Workflow
▼
banking aml compliance snowflake servicenow
When an AML alert fires, enriches from Snowflake, creates a SAR investigation in ServiceNow, and notifies the BSA officer.
naftiko: "0.5"
info:
label: "AML Transaction Monitoring Workflow"
description: "When an AML alert fires, enriches from Snowflake, creates a SAR investigation in ServiceNow, and notifies the BSA officer."
tags:
- banking
- aml
- compliance
- snowflake
- servicenow
capability:
exposes:
- type: mcp
namespace: aml-ops
port: 8080
tools:
- name: handle-aml-alert
description: "Given a transaction ID and alert type, enrich from Snowflake, create a SAR in ServiceNow, and notify BSA."
inputParameters:
- name: transaction_id
in: body
type: string
description: "Transaction ID."
- name: alert_type
in: body
type: string
description: "Alert type."
- name: bsa_upn
in: body
type: string
description: "BSA officer UPN."
steps:
- name: enrich
type: call
call: snowflake.get-transaction
with:
transaction_id: "{{transaction_id}}"
- name: create-sar
type: call
call: snow.create-sar
with:
short_description: "AML: {{transaction_id}} — {{alert_type}}"
description: "Amount: {{enrich.amount}}"
- name: notify
type: call
call: msteams.send-message
with:
recipient_upn: "{{bsa_upn}}"
text: "AML: {{transaction_id}} — {{alert_type}}. Amount: {{enrich.amount}}. SAR: {{create-sar.number}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://bofa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: get-transaction
method: POST
- type: http
namespace: snow
baseUri: "https://bofa.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: sar
path: "/table/u_sar_investigation"
operations:
- name: create-sar
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
operations:
- name: send-message
method: POST
Azure DevOps Build Status Lookup
▼
banking devops azure-devops cicd lookup
Retrieves the latest build run for an Azure DevOps pipeline, returning status and result.
naftiko: "0.5"
info:
label: "Azure DevOps Build Status Lookup"
description: "Retrieves the latest build run for an Azure DevOps pipeline, returning status and result."
tags:
- banking
- devops
- azure-devops
- cicd
- lookup
capability:
exposes:
- type: mcp
namespace: cicd-ops
port: 8080
tools:
- name: get-build-status
description: "Given an Azure DevOps project and pipeline ID, return the latest build status and result."
inputParameters:
- name: project
in: body
type: string
description: "Azure DevOps project name."
- name: pipeline_id
in: body
type: string
description: "Pipeline ID."
call: azdo.get-run
with:
project: "{{project}}"
pipelineId: "{{pipeline_id}}"
outputParameters:
- name: status
type: string
mapping: "$.value[0].state"
- name: result
type: string
mapping: "$.value[0].result"
consumes:
- namespace: azdo
type: http
baseUri: "https://dev.azure.com/bofa"
authentication:
type: bearer
token: "$secrets.azdo_token"
resources:
- name: cicd-ops
path: "/{{id}}"
operations:
- name: get-run
method: GET
Azure Kubernetes Cluster Scaling Handler
▼
banking devops kubernetes azure datadog
Responds to AKS scaling alerts by checking Datadog metrics, triggering node pool scaling via Azure, and notifying the platform team in Teams.
naftiko: "0.5"
info:
label: "Azure Kubernetes Cluster Scaling Handler"
description: "Responds to AKS scaling alerts by checking Datadog metrics, triggering node pool scaling via Azure, and notifying the platform team in Teams."
tags:
- banking
- devops
- kubernetes
- azure
- datadog
capability:
exposes:
- type: mcp
namespace: platform-ops
port: 8080
tools:
- name: handle-aks-scaling
description: "Given an AKS cluster name and CPU utilization, check Datadog metrics, scale Azure node pool, and notify platform team in Teams."
inputParameters:
- name: cluster_name
in: body
type: string
description: "AKS cluster name."
- name: cpu_utilization
in: body
type: number
description: "CPU utilization percentage."
- name: platform_channel_id
in: body
type: string
description: "Teams channel ID."
steps:
- name: check-metrics
type: call
call: datadog.get-cluster-metrics
with:
cluster: "{{cluster_name}}"
- name: scale-nodes
type: call
call: azure.scale-nodepool
with:
cluster: "{{cluster_name}}"
- name: notify-team
type: call
call: msteams.post-channel
with:
channel_id: "{{platform_channel_id}}"
text: "AKS scaling: {{cluster_name}} — CPU: {{cpu_utilization}}%. Trend: {{check-metrics.trend}}"
consumes:
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: bearer
token: "$secrets.datadog_api_key"
resources:
- name: metrics
path: "/query?query=kubernetes.cpu.usage{{cluster}}"
inputParameters:
- name: cluster
in: query
operations:
- name: get-cluster-metrics
method: GET
- type: http
namespace: azure
baseUri: "https://management.azure.com"
authentication:
type: bearer
token: "$secrets.azure_mgmt_token"
resources:
- name: nodepools
path: "/subscriptions/{{subId}}/resourceGroups/aks-rg/providers/Microsoft.ContainerService/managedClusters/{{cluster}}/agentPools/default"
inputParameters:
- name: cluster
in: path
operations:
- name: scale-nodepool
method: PUT
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: channels
path: "/teams/channels/{{channel_id}}/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
Azure Resource Group Cost Check
▼
banking cloud azure finops lookup
Queries Azure Cost Management for the current month spend of a specified resource group.
naftiko: "0.5"
info:
label: "Azure Resource Group Cost Check"
description: "Queries Azure Cost Management for the current month spend of a specified resource group."
tags:
- banking
- cloud
- azure
- finops
- lookup
capability:
exposes:
- type: mcp
namespace: cloud-finops
port: 8080
tools:
- name: get-rg-cost
description: "Given an Azure resource group name, return the current month total cost and forecast."
inputParameters:
- name: resource_group
in: body
type: string
description: "Azure resource group name."
call: azure-cost.get-cost
with:
resourceGroup: "{{resource_group}}"
outputParameters:
- name: total_cost
type: number
mapping: "$.properties.rows[0][0]"
- name: forecast
type: number
mapping: "$.properties.rows[0][1]"
consumes:
- namespace: azure-cost
type: http
baseUri: "https://management.azure.com"
authentication:
type: bearer
token: "$secrets.azure_mgmt_token"
resources:
- name: cloud-finops
path: "/{{id}}"
operations:
- name: get-cost
method: GET
Bloomberg Security Price Lookup
▼
banking bloomberg market-data trading lookup
Retrieves current market price for a security from Bloomberg Enterprise Data.
naftiko: "0.5"
info:
label: "Bloomberg Security Price Lookup"
description: "Retrieves current market price for a security from Bloomberg Enterprise Data."
tags:
- banking
- bloomberg
- market-data
- trading
- lookup
capability:
exposes:
- type: mcp
namespace: market-ops
port: 8080
tools:
- name: get-security-price
description: "Given a Bloomberg security identifier, return the last price, change, and volume."
inputParameters:
- name: security_id
in: body
type: string
description: "Bloomberg security identifier."
call: bloomberg.get-quote
with:
securities: "{{security_id}}"
outputParameters:
- name: last_price
type: number
mapping: "$.data[0].last_price"
- name: change_pct
type: number
mapping: "$.data[0].change_pct"
consumes:
- namespace: bloomberg
type: http
baseUri: "https://api.bloomberg.com/eap/catalogs/bbg/datasets"
authentication:
type: bearer
token: "$secrets.bloomberg_token"
resources:
- name: quotes
path: "/quotes?securities={{securities}}"
operations:
- name: get-quote
method: GET
Business Continuity Drill Coordinator
▼
banking operations business-continuity workday servicenow
Coordinates BC drills by pulling participant lists from Workday, creating tasks in ServiceNow, and distributing instructions via Teams.
naftiko: "0.5"
info:
label: "Business Continuity Drill Coordinator"
description: "Coordinates BC drills by pulling participant lists from Workday, creating tasks in ServiceNow, and distributing instructions via Teams."
tags:
- banking
- operations
- business-continuity
- workday
- servicenow
capability:
exposes:
- type: mcp
namespace: bcp-ops
port: 8080
tools:
- name: coordinate-bc-drill
description: "Given a drill scenario and date, pull department staff from Workday, create drill tasks in ServiceNow, and post instructions to Teams."
inputParameters:
- name: drill_scenario
in: body
type: string
description: "Drill scenario."
- name: drill_date
in: body
type: string
description: "Drill date."
- name: bcp_channel_id
in: body
type: string
description: "Teams channel ID."
steps:
- name: get-participants
type: call
call: workday.get-staff
with:
scenario: "{{drill_scenario}}"
- name: create-task
type: call
call: snow.create-task
with:
short_description: "BC Drill: {{drill_scenario}} — {{drill_date}}"
description: "Participants: {{get-participants.count}}"
- name: notify-channel
type: call
call: msteams.post-channel
with:
channel_id: "{{bcp_channel_id}}"
text: "BC Drill: {{drill_scenario}} on {{drill_date}}. Participants: {{get-participants.count}}. Task: {{create-task.number}}"
consumes:
- type: http
namespace: workday
baseUri: "https://wd5-impl-services1.workday.com/ccx/service/bofa/Human_Resources/v40.1"
authentication:
type: basic
username: "$secrets.workday_user"
password: "$secrets.workday_password"
resources:
- name: staff
path: "/workers"
operations:
- name: get-staff
method: GET
- type: http
namespace: snow
baseUri: "https://bofa.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/u_bc_drill"
operations:
- name: create-task
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: channels
path: "/teams/channels/{{channel_id}}/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
Client Portfolio Review Preparation
▼
banking wealth-management portfolio snowflake salesforce
Prepares a client portfolio review by pulling holdings from Snowflake, generating a performance summary, and distributing to the relationship manager via Teams.
naftiko: "0.5"
info:
label: "Client Portfolio Review Preparation"
description: "Prepares a client portfolio review by pulling holdings from Snowflake, generating a performance summary, and distributing to the relationship manager via Teams."
tags:
- banking
- wealth-management
- portfolio
- snowflake
- salesforce
capability:
exposes:
- type: mcp
namespace: wealth-ops
port: 8080
tools:
- name: prepare-portfolio-review
description: "Given a client ID, pull portfolio holdings from Snowflake, generate performance metrics, and notify the RM in Teams."
inputParameters:
- name: client_id
in: body
type: string
description: "Client ID."
- name: rm_upn
in: body
type: string
description: "Relationship manager UPN."
steps:
- name: get-holdings
type: call
call: snowflake.query-portfolio
with:
client_id: "{{client_id}}"
- name: update-sf
type: call
call: sf.update-review
with:
client_id: "{{client_id}}"
performance: "{{get-holdings.ytd_return}}"
- name: notify-rm
type: call
call: msteams.send-message
with:
recipient_upn: "{{rm_upn}}"
text: "Portfolio review ready: {{client_id}} — YTD: {{get-holdings.ytd_return}}% | AUM: ${{get-holdings.total_aum}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://bofa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query-portfolio
method: POST
- type: http
namespace: sf
baseUri: "https://bofa.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: reviews
path: "/sobjects/Portfolio_Review__c/{{client_id}}"
inputParameters:
- name: client_id
in: path
operations:
- name: update-review
method: PATCH
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Client Portfolio Review Preparer
▼
banking wealth-management portfolio snowflake salesforce
Prepares portfolio reviews by pulling holdings from Snowflake, updating Salesforce, and notifying the RM.
naftiko: "0.5"
info:
label: "Client Portfolio Review Preparer"
description: "Prepares portfolio reviews by pulling holdings from Snowflake, updating Salesforce, and notifying the RM."
tags:
- banking
- wealth-management
- portfolio
- snowflake
- salesforce
capability:
exposes:
- type: mcp
namespace: wealth-ops
port: 8080
tools:
- name: prepare-portfolio-review
description: "Given a client ID, pull portfolio from Snowflake, update Salesforce, and notify the RM."
inputParameters:
- name: client_id
in: body
type: string
description: "Client ID."
- name: rm_upn
in: body
type: string
description: "RM UPN."
steps:
- name: get-holdings
type: call
call: snowflake.query-portfolio
with:
client_id: "{{client_id}}"
- name: update-sf
type: call
call: sf.update-review
with:
client_id: "{{client_id}}"
ytd: "{{get-holdings.ytd_return}}"
- name: notify-rm
type: call
call: msteams.send-message
with:
recipient_upn: "{{rm_upn}}"
text: "Portfolio ready: {{client_id}} — YTD: {{get-holdings.ytd_return}}%"
consumes:
- type: http
namespace: snowflake
baseUri: "https://bofa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query-portfolio
method: POST
- type: http
namespace: sf
baseUri: "https://bofa.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: reviews
path: "/sobjects/Portfolio_Review__c/{{client_id}}"
operations:
- name: update-review
method: PATCH
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
operations:
- name: send-message
method: POST
Cloud Cost Anomaly Detection and Response
▼
finops cloud aws datadog servicenow cost-management
When an AWS cost anomaly alert is triggered, annotates it in Datadog, opens a ServiceNow change request for FinOps review, and notifies the Cloud Cost Management team via Microsoft Teams.
naftiko: "0.5"
info:
label: "Cloud Cost Anomaly Detection and Response"
description: "When an AWS cost anomaly alert is triggered, annotates it in Datadog, opens a ServiceNow change request for FinOps review, and notifies the Cloud Cost Management team via Microsoft Teams."
tags:
- finops
- cloud
- aws
- datadog
- servicenow
- cost-management
capability:
exposes:
- type: mcp
namespace: finops
port: 8080
tools:
- name: handle-cost-anomaly
description: "Given an AWS cost anomaly with service name and overage amount, create a Datadog annotation, open a ServiceNow change request, and alert the FinOps Teams channel."
inputParameters:
- name: aws_service
in: body
type: string
description: "The AWS service reporting the anomaly, e.g. 'Amazon EC2', 'AWS Lambda'."
- name: overage_usd
in: body
type: number
description: "Estimated cost overage in USD."
- name: account_id
in: body
type: string
description: "The AWS account ID where the anomaly was detected."
steps:
- name: annotate-datadog
type: call
call: "datadog.create-event"
with:
title: "AWS Cost Anomaly: {{aws_service}}"
text: "Account {{account_id}} — overage: ${{overage_usd}}"
alert_type: "warning"
- name: open-change-request
type: call
call: "servicenow.create-change"
with:
short_description: "FinOps review: {{aws_service}} overage ${{overage_usd}}"
category: "finops"
justification: "AWS anomaly detected on account {{account_id}}"
- name: notify-finops
type: call
call: "msteams.post-channel-message"
with:
channel: "cloud-cost-management"
message: "AWS Cost Anomaly: {{aws_service}} | Account: {{account_id}} | Overage: ${{overage_usd}} | SNOW: {{open-change-request.number}}"
consumes:
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: "DD-API-KEY"
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: events
path: "/events"
operations:
- name: create-event
method: POST
- type: http
namespace: servicenow
baseUri: "https://bankofamerica.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: changes
path: "/table/change_request"
operations:
- name: create-change
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel-message
method: POST
Compliance Training Completion Tracker
▼
banking compliance training workday servicenow
Tracks compliance training by pulling enrollment data from Workday Learning, checking ServiceNow escalation thresholds, and notifying managers via Teams.
naftiko: "0.5"
info:
label: "Compliance Training Completion Tracker"
description: "Tracks compliance training by pulling enrollment data from Workday Learning, checking ServiceNow escalation thresholds, and notifying managers via Teams."
tags:
- banking
- compliance
- training
- workday
- servicenow
capability:
exposes:
- type: mcp
namespace: compliance-training
port: 8080
tools:
- name: track-training-completion
description: "Given a program ID and deadline, query Workday for incomplete enrollments, check escalation status in ServiceNow, and notify managers in Teams."
inputParameters:
- name: program_id
in: body
type: string
description: "Training program ID."
- name: deadline
in: body
type: string
description: "Deadline date."
steps:
- name: get-enrollments
type: call
call: workday.get-training-status
with:
program_id: "{{program_id}}"
- name: check-escalation
type: call
call: snow.check-escalation
with:
program_id: "{{program_id}}"
deadline: "{{deadline}}"
- name: notify-managers
type: call
call: msteams.send-notification
with:
subject: "Training overdue: {{program_id}}"
body: "Deadline: {{deadline}}. Incomplete: {{get-enrollments.incomplete_count}}"
consumes:
- type: http
namespace: workday
baseUri: "https://wd5-impl-services1.workday.com/ccx/service/bofa/Learning/v40.1"
authentication:
type: basic
username: "$secrets.workday_user"
password: "$secrets.workday_password"
resources:
- name: training
path: "/learning-enrollments?program={{program_id}}"
inputParameters:
- name: program_id
in: query
operations:
- name: get-training-status
method: GET
- type: http
namespace: snow
baseUri: "https://bofa.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: escalation
path: "/table/u_training_compliance"
operations:
- name: check-escalation
method: GET
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Conference Room Booking Notification
▼
banking facilities microsoft-graph microsoft-teams scheduling
Books a conference room via Microsoft Graph, creates the calendar event, and notifies attendees in Teams.
naftiko: "0.5"
info:
label: "Conference Room Booking Notification"
description: "Books a conference room via Microsoft Graph, creates the calendar event, and notifies attendees in Teams."
tags:
- banking
- facilities
- microsoft-graph
- microsoft-teams
- scheduling
capability:
exposes:
- type: mcp
namespace: facilities-ops
port: 8080
tools:
- name: book-conference-room
description: "Given a room email, start/end times, and organizer, check availability, create the booking, and notify in Teams."
inputParameters:
- name: room_email
in: body
type: string
description: "Room resource email."
- name: start_time
in: body
type: string
description: "Start time (ISO 8601)."
- name: end_time
in: body
type: string
description: "End time (ISO 8601)."
- name: organizer_upn
in: body
type: string
description: "Organizer UPN."
steps:
- name: check-availability
type: call
call: msgraph.get-schedule
with:
room: "{{room_email}}"
start: "{{start_time}}"
- name: create-booking
type: call
call: msgraph.create-event
with:
room: "{{room_email}}"
start: "{{start_time}}"
end: "{{end_time}}"
- name: notify-organizer
type: call
call: msteams.send-message
with:
recipient_upn: "{{organizer_upn}}"
text: "Room booked: {{room_email}} from {{start_time}} to {{end_time}}."
consumes:
- type: http
namespace: msgraph
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: schedules
path: "/users/{{room}}/calendar/getSchedule"
inputParameters:
- name: room
in: path
operations:
- name: get-schedule
method: POST
- name: events
path: "/users/{{organizer_upn}}/events"
operations:
- name: create-event
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Confluence Knowledge Article Search
▼
banking knowledge-management confluence documentation lookup
Searches Confluence for a knowledge article by keyword and returns the page title, space, and URL.
naftiko: "0.5"
info:
label: "Confluence Knowledge Article Search"
description: "Searches Confluence for a knowledge article by keyword and returns the page title, space, and URL."
tags:
- banking
- knowledge-management
- confluence
- documentation
- lookup
capability:
exposes:
- type: mcp
namespace: km-ops
port: 8080
tools:
- name: search-article
description: "Given a keyword, search Confluence for matching articles and return the top result title, space, and URL."
inputParameters:
- name: keyword
in: body
type: string
description: "Search keyword."
call: confluence.search-content
with:
cql: "type=page AND title~{{keyword}}"
outputParameters:
- name: title
type: string
mapping: "$.results[0].title"
- name: space
type: string
mapping: "$.results[0].space.name"
consumes:
- namespace: confluence
type: http
baseUri: "https://bofa.atlassian.net/wiki/rest/api"
authentication:
type: bearer
token: "$secrets.confluence_api_token"
resources:
- name: km-ops
path: "/{{id}}"
operations:
- name: search-content
method: GET
Credit Risk Assessment Handler
▼
banking credit-risk risk-management snowflake salesforce
Performs credit risk assessment by pulling financials from Snowflake, computing risk, and updating Salesforce.
naftiko: "0.5"
info:
label: "Credit Risk Assessment Handler"
description: "Performs credit risk assessment by pulling financials from Snowflake, computing risk, and updating Salesforce."
tags:
- banking
- credit-risk
- risk-management
- snowflake
- salesforce
capability:
exposes:
- type: mcp
namespace: credit-ops
port: 8080
tools:
- name: assess-credit-risk
description: "Given a customer ID and loan amount, pull financials from Snowflake, update Salesforce, and notify the RM."
inputParameters:
- name: customer_id
in: body
type: string
description: "Customer ID."
- name: loan_amount
in: body
type: number
description: "Loan amount."
- name: rm_upn
in: body
type: string
description: "RM UPN."
steps:
- name: get-financials
type: call
call: snowflake.query-financials
with:
customer_id: "{{customer_id}}"
- name: update-sf
type: call
call: sf.update-risk
with:
customer_id: "{{customer_id}}"
risk_score: "{{get-financials.risk_score}}"
- name: notify-rm
type: call
call: msteams.send-message
with:
recipient_upn: "{{rm_upn}}"
text: "Credit: {{customer_id}} — Risk: {{get-financials.risk_score}} | Loan: ${{loan_amount}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://bofa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query-financials
method: POST
- type: http
namespace: sf
baseUri: "https://bofa.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: opportunities
path: "/sobjects/Opportunity/{{customer_id}}"
operations:
- name: update-risk
method: PATCH
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
operations:
- name: send-message
method: POST
Credit Risk Assessment Workflow
▼
banking credit-risk risk-management snowflake salesforce
Performs a credit risk assessment by pulling customer financials from Snowflake, running the risk model, and updating the Salesforce opportunity with the risk rating.
naftiko: "0.5"
info:
label: "Credit Risk Assessment Workflow"
description: "Performs a credit risk assessment by pulling customer financials from Snowflake, running the risk model, and updating the Salesforce opportunity with the risk rating."
tags:
- banking
- credit-risk
- risk-management
- snowflake
- salesforce
capability:
exposes:
- type: mcp
namespace: credit-ops
port: 8080
tools:
- name: assess-credit-risk
description: "Given a customer ID and loan amount, pull financials from Snowflake, compute risk score, and update the Salesforce opportunity."
inputParameters:
- name: customer_id
in: body
type: string
description: "Customer ID."
- name: loan_amount
in: body
type: number
description: "Requested loan amount."
- name: rm_upn
in: body
type: string
description: "Relationship manager UPN."
steps:
- name: get-financials
type: call
call: snowflake.query-financials
with:
customer_id: "{{customer_id}}"
- name: update-opportunity
type: call
call: sf.update-risk-rating
with:
customer_id: "{{customer_id}}"
risk_score: "{{get-financials.risk_score}}"
- name: notify-rm
type: call
call: msteams.send-message
with:
recipient_upn: "{{rm_upn}}"
text: "Credit assessment: {{customer_id}} — Risk score: {{get-financials.risk_score}} | Loan: ${{loan_amount}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://bofa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query-financials
method: POST
- type: http
namespace: sf
baseUri: "https://bofa.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: opportunities
path: "/sobjects/Opportunity/{{customer_id}}"
inputParameters:
- name: customer_id
in: path
operations:
- name: update-risk-rating
method: PATCH
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Critical IT Incident Response and Escalation
▼
itsm incident-response datadog servicenow pagerduty microsoft-teams operations
When a critical Datadog alert fires for a banking platform, creates a ServiceNow P1 incident, pages the on-call engineer via PagerDuty, and posts a war-room message to Microsoft Teams.
naftiko: "0.5"
info:
label: "Critical IT Incident Response and Escalation"
description: "When a critical Datadog alert fires for a banking platform, creates a ServiceNow P1 incident, pages the on-call engineer via PagerDuty, and posts a war-room message to Microsoft Teams."
tags:
- itsm
- incident-response
- datadog
- servicenow
- pagerduty
- microsoft-teams
- operations
capability:
exposes:
- type: mcp
namespace: incident-ops
port: 8080
tools:
- name: handle-critical-incident
description: "Given a Datadog alert with monitor ID, severity, and affected banking service, create a ServiceNow P1 incident, page PagerDuty on-call, and post a war-room alert to Teams."
inputParameters:
- name: monitor_id
in: body
type: string
description: "The Datadog monitor ID that triggered the critical alert."
- name: affected_service
in: body
type: string
description: "The affected banking service name, e.g. 'Online Banking Portal', 'ACH Processing'."
- name: alert_message
in: body
type: string
description: "The Datadog alert message describing the failure condition."
- name: severity
in: body
type: string
description: "Alert severity: 'critical' or 'warning'."
steps:
- name: create-p1-incident
type: call
call: "servicenow.create-incident"
with:
short_description: "P1: {{affected_service}} — {{alert_message}}"
urgency: "1"
impact: "1"
category: "infrastructure"
- name: page-oncall
type: call
call: "pagerduty.create-incident"
with:
title: "CRITICAL: {{affected_service}} — {{alert_message}}"
service_id: "$secrets.pagerduty_banking_service_id"
severity: "critical"
body: "Monitor: {{monitor_id}} | SNOW: {{create-p1-incident.number}}"
- name: open-war-room
type: call
call: "msteams.post-channel-message"
with:
channel: "incident-war-room"
message: "P1 INCIDENT: {{affected_service}} | {{alert_message}} | SNOW: {{create-p1-incident.number}} | PD: {{page-oncall.id}}"
consumes:
- type: http
namespace: servicenow
baseUri: "https://bankofamerica.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: pagerduty
baseUri: "https://api.pagerduty.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.pagerduty_api_key"
placement: header
resources:
- name: incidents
path: "/incidents"
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel-message
method: POST
Customer Complaint Escalation Handler
▼
banking customer-service salesforce servicenow compliance
When a complaint is received, creates a Salesforce case, opens a ServiceNow investigation task, and notifies the compliance officer via Teams.
naftiko: "0.5"
info:
label: "Customer Complaint Escalation Handler"
description: "When a complaint is received, creates a Salesforce case, opens a ServiceNow investigation task, and notifies the compliance officer via Teams."
tags:
- banking
- customer-service
- salesforce
- servicenow
- compliance
capability:
exposes:
- type: mcp
namespace: complaints-ops
port: 8080
tools:
- name: escalate-complaint
description: "Given complaint details, create a Salesforce case, open a ServiceNow task, and alert compliance via Teams."
inputParameters:
- name: customer_name
in: body
type: string
description: "Complainant name."
- name: account_number
in: body
type: string
description: "Account or policy number."
- name: complaint_category
in: body
type: string
description: "Complaint category."
- name: compliance_upn
in: body
type: string
description: "UPN of compliance officer."
steps:
- name: create-case
type: call
call: sf.create-case
with:
Subject: "Complaint — {{account_number}} — {{complaint_category}}"
Description: "Customer: {{customer_name}} | Category: {{complaint_category}}"
- name: create-task
type: call
call: snow.create-task
with:
short_description: "Complaint: {{account_number}}"
description: "SF Case: {{create-case.case_number}} | {{complaint_category}}"
- name: notify-compliance
type: call
call: msteams.send-message
with:
recipient_upn: "{{compliance_upn}}"
text: "Complaint escalation: {{customer_name}} — {{complaint_category}}. SF: {{create-case.case_number}} | SNOW: {{create-task.number}}"
consumes:
- type: http
namespace: sf
baseUri: "https://bofa.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: cases
path: "/sobjects/Case"
operations:
- name: create-case
method: POST
- type: http
namespace: snow
baseUri: "https://bofa.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/sn_si_task"
operations:
- name: create-task
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Data Privacy Subject Access Request Handler
▼
banking compliance data-privacy salesforce snowflake servicenow
Processes a data subject access request by searching Salesforce and Snowflake for personal data, compiling results, and logging in ServiceNow.
naftiko: "0.5"
info:
label: "Data Privacy Subject Access Request Handler"
description: "Processes a data subject access request by searching Salesforce and Snowflake for personal data, compiling results, and logging in ServiceNow."
tags:
- banking
- compliance
- data-privacy
- salesforce
- snowflake
- servicenow
capability:
exposes:
- type: mcp
namespace: privacy-ops
port: 8080
tools:
- name: process-dsar
description: "Given a data subject email, search for personal data across Salesforce and Snowflake, log the DSAR in ServiceNow, and notify the privacy officer via Teams."
inputParameters:
- name: subject_email
in: body
type: string
description: "Data subject email."
- name: request_type
in: body
type: string
description: "DSAR type: access, deletion."
- name: privacy_officer_upn
in: body
type: string
description: "UPN of privacy officer."
steps:
- name: search-sf
type: call
call: sf.search-person
with:
email: "{{subject_email}}"
- name: search-snowflake
type: call
call: snowflake.search-pii
with:
email: "{{subject_email}}"
- name: log-dsar
type: call
call: snow.create-dsar
with:
short_description: "DSAR: {{request_type}} — {{subject_email}}"
description: "SF: {{search-sf.record_count}} | Snowflake: {{search-snowflake.record_count}}"
- name: notify-officer
type: call
call: msteams.send-message
with:
recipient_upn: "{{privacy_officer_upn}}"
text: "DSAR: {{request_type}} for {{subject_email}}. SF: {{search-sf.record_count}}, SF: {{search-snowflake.record_count}}. SNOW: {{log-dsar.number}}"
consumes:
- type: http
namespace: sf
baseUri: "https://bofa.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: search
path: "/parameterizedSearch/?q={{email}}"
inputParameters:
- name: email
in: query
operations:
- name: search-person
method: GET
- type: http
namespace: snowflake
baseUri: "https://bofa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: search-pii
method: POST
- type: http
namespace: snow
baseUri: "https://bofa.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: dsar
path: "/table/u_dsar_request"
operations:
- name: create-dsar
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Datadog Platform SLO Digest
▼
observability monitoring datadog slo microsoft-teams reporting
Queries Datadog for SLO compliance across Bank of America's critical banking platforms and posts a daily availability digest to the Engineering Operations Microsoft Teams channel.
naftiko: "0.5"
info:
label: "Datadog Platform SLO Digest"
description: "Queries Datadog for SLO compliance across Bank of America's critical banking platforms and posts a daily availability digest to the Engineering Operations Microsoft Teams channel."
tags:
- observability
- monitoring
- datadog
- slo
- microsoft-teams
- reporting
capability:
exposes:
- type: mcp
namespace: observability-reporting
port: 8080
tools:
- name: digest-platform-slos
description: "Query Datadog for SLO compliance metrics for the specified environment and time window, then post a structured report to the Engineering Ops Teams channel."
inputParameters:
- name: environment
in: body
type: string
description: "Target environment to report on: 'production', 'staging', or 'dr'."
- name: time_window_hours
in: body
type: integer
description: "Look-back window in hours for SLO metrics. Typically 24."
steps:
- name: get-slos
type: call
call: "datadog.list-slos"
with:
tags: "env:{{environment}}"
limit: "100"
- name: post-digest
type: call
call: "msteams.post-channel-message"
with:
channel: "engineering-ops"
message: "Daily SLO Report ({{environment}}, last {{time_window_hours}}h): {{get-slos.passing}} passing, {{get-slos.failing}} failing. Overall compliance: {{get-slos.compliance_pct}}%"
consumes:
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: "DD-API-KEY"
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: slos
path: "/slo"
operations:
- name: list-slos
method: GET
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel-message
method: POST
Datadog Service Health Check
▼
banking it-operations datadog monitoring lookup
Queries Datadog for the current health status of a specified service, returning uptime percentage and error rate.
naftiko: "0.5"
info:
label: "Datadog Service Health Check"
description: "Queries Datadog for the current health status of a specified service, returning uptime percentage and error rate."
tags:
- banking
- it-operations
- datadog
- monitoring
- lookup
capability:
exposes:
- type: mcp
namespace: observability
port: 8080
tools:
- name: get-service-health
description: "Given a Datadog service name, return the current uptime percentage, error rate, and active monitor count."
inputParameters:
- name: service_name
in: body
type: string
description: "Datadog service name."
call: datadog.get-slo
with:
service: "{{service_name}}"
outputParameters:
- name: uptime_pct
type: number
mapping: "$.data[0].overall.sli_value"
- name: error_rate
type: number
mapping: "$.data[0].overall.error_budget_remaining"
consumes:
- namespace: datadog
type: http
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: bearer
token: "$secrets.datadog_api_key"
resources:
- name: observability
path: "/{{id}}"
operations:
- name: get-slo
method: GET
Datadog SLO Breach Incident Handler
▼
banking sre datadog servicenow pagerduty
When a Datadog SLO breach is detected, creates a ServiceNow incident, pages on-call via PagerDuty, and posts to the reliability channel.
naftiko: "0.5"
info:
label: "Datadog SLO Breach Incident Handler"
description: "When a Datadog SLO breach is detected, creates a ServiceNow incident, pages on-call via PagerDuty, and posts to the reliability channel."
tags:
- banking
- sre
- datadog
- servicenow
- pagerduty
capability:
exposes:
- type: mcp
namespace: sre-ops
port: 8080
tools:
- name: handle-slo-breach
description: "Given an SLO name and current SLI value, create a ServiceNow incident, trigger a PagerDuty alert, and notify the SRE channel in Teams."
inputParameters:
- name: slo_name
in: body
type: string
description: "SLO name."
- name: sli_value
in: body
type: number
description: "Current SLI value."
- name: service_name
in: body
type: string
description: "Affected service."
- name: sre_channel_id
in: body
type: string
description: "SRE Teams channel."
steps:
- name: create-incident
type: call
call: snow.create-incident
with:
short_description: "SLO breach: {{slo_name}} — {{service_name}}"
description: "SLI: {{sli_value}}%"
priority: "2"
- name: page-oncall
type: call
call: pagerduty.create-incident
with:
service_id: "sre-team"
title: "SLO breach: {{slo_name}} ({{sli_value}}%)"
- name: notify-channel
type: call
call: msteams.post-channel
with:
channel_id: "{{sre_channel_id}}"
text: "SLO Breach: {{slo_name}} — {{service_name}} at {{sli_value}}%. SNOW: {{create-incident.number}}"
consumes:
- type: http
namespace: snow
baseUri: "https://bofa.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: pagerduty
baseUri: "https://api.pagerduty.com"
authentication:
type: bearer
token: "$secrets.pagerduty_token"
resources:
- name: incidents
path: "/incidents"
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: channels
path: "/teams/channels/{{channel_id}}/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
DocuSign Envelope Tracking Lookup
▼
banking legal docusign document-management lookup
Retrieves the status of a DocuSign envelope by ID, returning signing status and sent date.
naftiko: "0.5"
info:
label: "DocuSign Envelope Tracking Lookup"
description: "Retrieves the status of a DocuSign envelope by ID, returning signing status and sent date."
tags:
- banking
- legal
- docusign
- document-management
- lookup
capability:
exposes:
- type: mcp
namespace: doc-ops
port: 8080
tools:
- name: get-envelope-status
description: "Given a DocuSign envelope ID, return the status, sent date, and recipient count."
inputParameters:
- name: envelope_id
in: body
type: string
description: "DocuSign envelope ID."
call: docusign.get-envelope
with:
envelopeId: "{{envelope_id}}"
outputParameters:
- name: status
type: string
mapping: "$.status"
- name: sent_date
type: string
mapping: "$.sentDateTime"
consumes:
- namespace: docusign
type: http
baseUri: "https://na4.docusign.net/restapi/v2.1"
authentication:
type: bearer
token: "$secrets.docusign_token"
resources:
- name: doc-ops
path: "/{{id}}"
operations:
- name: get-envelope
method: GET
Dynatrace Application Metrics Lookup
▼
banking it-operations dynatrace monitoring lookup
Queries Dynatrace for the response time and failure rate of a specified application.
naftiko: "0.5"
info:
label: "Dynatrace Application Metrics Lookup"
description: "Queries Dynatrace for the response time and failure rate of a specified application."
tags:
- banking
- it-operations
- dynatrace
- monitoring
- lookup
capability:
exposes:
- type: mcp
namespace: apm-ops
port: 8080
tools:
- name: get-app-metrics
description: "Given a Dynatrace entity ID, return the median response time and failure rate."
inputParameters:
- name: entity_id
in: body
type: string
description: "Dynatrace application entity ID."
call: dynatrace.get-metrics
with:
entityId: "{{entity_id}}"
outputParameters:
- name: response_time_ms
type: number
mapping: "$.result[0].data[0].values.median"
- name: failure_rate
type: number
mapping: "$.result[1].data[0].values.avg"
consumes:
- namespace: dynatrace
type: http
baseUri: "https://bofa.live.dynatrace.com/api/v2"
authentication:
type: bearer
token: "$secrets.dynatrace_token"
resources:
- name: apm-ops
path: "/{{id}}"
operations:
- name: get-metrics
method: GET
Employee Offboarding and Access Revocation
▼
hr offboarding workday okta servicenow microsoft-graph access-revocation
When an employee termination is recorded in Workday, disables their Microsoft 365 account, revokes Okta sessions, and opens a ServiceNow offboarding checklist ticket to track hardware recovery.
naftiko: "0.5"
info:
label: "Employee Offboarding and Access Revocation"
description: "When an employee termination is recorded in Workday, disables their Microsoft 365 account, revokes Okta sessions, and opens a ServiceNow offboarding checklist ticket to track hardware recovery."
tags:
- hr
- offboarding
- workday
- okta
- servicenow
- microsoft-graph
- access-revocation
capability:
exposes:
- type: mcp
namespace: hr-offboarding
port: 8080
tools:
- name: trigger-employee-offboarding
description: "Given a Workday employee ID and termination date, disable the Microsoft 365 account, revoke all Okta sessions, and open a ServiceNow offboarding ticket."
inputParameters:
- name: workday_employee_id
in: body
type: string
description: "The Workday worker ID for the departing employee."
- name: termination_date
in: body
type: string
description: "The employee's last working day in ISO 8601 format (YYYY-MM-DD)."
steps:
- name: get-worker
type: call
call: "workday.get-worker"
with:
worker_id: "{{workday_employee_id}}"
- name: disable-m365
type: call
call: "msgraph.disable-user"
with:
user_id: "{{get-worker.work_email}}"
- name: revoke-okta
type: call
call: "okta.revoke-user-sessions"
with:
user_login: "{{get-worker.work_email}}"
- name: create-offboarding-ticket
type: call
call: "servicenow.create-incident"
with:
short_description: "Offboarding: {{get-worker.full_name}} — last day {{termination_date}}"
category: "hr_offboarding"
assignment_group: "IT_Asset_Recovery"
consumes:
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/bankofamerica/workers/{{worker_id}}"
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
- type: http
namespace: msgraph
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: users
path: "/users/{{user_id}}"
inputParameters:
- name: user_id
in: path
operations:
- name: disable-user
method: PATCH
- type: http
namespace: okta
baseUri: "https://bankofamerica.okta.com/api/v1"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.okta_api_token"
placement: header
resources:
- name: user-sessions
path: "/users/{{user_login}}/sessions"
inputParameters:
- name: user_login
in: path
operations:
- name: revoke-user-sessions
method: DELETE
- type: http
namespace: servicenow
baseUri: "https://bankofamerica.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
Employee Termination Access Revocation
▼
banking hr security workday okta servicenow
When an employee termination is processed in Workday, disables their Okta account, revokes ServiceNow access, and notifies the HR business partner via Teams.
naftiko: "0.5"
info:
label: "Employee Termination Access Revocation"
description: "When an employee termination is processed in Workday, disables their Okta account, revokes ServiceNow access, and notifies the HR business partner via Teams."
tags:
- banking
- hr
- security
- workday
- okta
- servicenow
capability:
exposes:
- type: mcp
namespace: hr-security
port: 8080
tools:
- name: revoke-terminated-access
description: "Given a Workday employee ID and termination date, disable the Okta account, close open ServiceNow tickets, and notify the HRBP via Teams."
inputParameters:
- name: employee_id
in: body
type: string
description: "Workday employee ID."
- name: termination_date
in: body
type: string
description: "Termination date."
- name: hrbp_upn
in: body
type: string
description: "UPN of the HRBP."
steps:
- name: get-employee
type: call
call: workday.get-worker
with:
employee_id: "{{employee_id}}"
- name: disable-okta
type: call
call: okta.deactivate-user
with:
login: "{{get-employee.email}}"
- name: notify-hrbp
type: call
call: msteams.send-message
with:
recipient_upn: "{{hrbp_upn}}"
text: "Access revoked for {{get-employee.full_name}} ({{employee_id}}) effective {{termination_date}}."
consumes:
- type: http
namespace: workday
baseUri: "https://wd5-impl-services1.workday.com/ccx/service/bofa/Human_Resources/v40.1"
authentication:
type: basic
username: "$secrets.workday_user"
password: "$secrets.workday_password"
resources:
- name: workers
path: "/workers/{{employee_id}}"
inputParameters:
- name: employee_id
in: path
operations:
- name: get-worker
method: GET
- type: http
namespace: okta
baseUri: "https://bofa.okta.com/api/v1"
authentication:
type: bearer
token: "$secrets.okta_api_token"
resources:
- name: users
path: "/users/{{login}}/lifecycle/deactivate"
inputParameters:
- name: login
in: path
operations:
- name: deactivate-user
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Executive KPI Dashboard Digest
▼
banking reporting analytics snowflake power-bi
Compiles an executive KPI digest by pulling metrics from Snowflake, refreshing Power BI, and emailing the C-suite.
naftiko: "0.5"
info:
label: "Executive KPI Dashboard Digest"
description: "Compiles an executive KPI digest by pulling metrics from Snowflake, refreshing Power BI, and emailing the C-suite."
tags:
- banking
- reporting
- analytics
- snowflake
- power-bi
capability:
exposes:
- type: mcp
namespace: exec-reporting
port: 8080
tools:
- name: generate-kpi-digest
description: "Given a reporting period, pull KPIs from Snowflake, refresh the Power BI executive dashboard, and email the digest."
inputParameters:
- name: period
in: body
type: string
description: "Reporting period."
- name: exec_dl
in: body
type: string
description: "Executive DL email."
steps:
- name: get-kpis
type: call
call: snowflake.query-kpis
with:
period: "{{period}}"
- name: refresh-pbi
type: call
call: powerbi.trigger-refresh
with:
datasetId: "executive-dashboard"
- name: send-digest
type: call
call: msgraph.send-mail
with:
to: "{{exec_dl}}"
subject: "Executive KPI Digest — {{period}}"
body: "Key metrics refreshed. Dashboard updated."
consumes:
- type: http
namespace: snowflake
baseUri: "https://bofa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query-kpis
method: POST
- type: http
namespace: powerbi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.powerbi_token"
resources:
- name: datasets
path: "/datasets/{{datasetId}}/refreshes"
inputParameters:
- name: datasetId
in: path
operations:
- name: trigger-refresh
method: POST
- type: http
namespace: msgraph
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: mail
path: "/users/noreply@bofa.com/sendMail"
operations:
- name: send-mail
method: POST
GitHub Actions Deployment Failure Handler
▼
devops ci-cd github jira microsoft-teams deployment
When a GitHub Actions deployment workflow fails on the main banking platform branch, creates a Jira incident ticket, and notifies the Engineering leadership team via Microsoft Teams.
naftiko: "0.5"
info:
label: "GitHub Actions Deployment Failure Handler"
description: "When a GitHub Actions deployment workflow fails on the main banking platform branch, creates a Jira incident ticket, and notifies the Engineering leadership team via Microsoft Teams."
tags:
- devops
- ci-cd
- github
- jira
- microsoft-teams
- deployment
capability:
exposes:
- type: mcp
namespace: devops-cicd
port: 8080
tools:
- name: handle-deployment-failure
description: "Given a failed GitHub Actions run ID and repository, retrieve failure details, create a Jira incident, and post an alert to the DevOps Teams channel."
inputParameters:
- name: repo_full_name
in: body
type: string
description: "The GitHub repository full name, e.g. 'bankofamerica/payments-api'."
- name: run_id
in: body
type: integer
description: "The GitHub Actions workflow run ID that failed."
- name: branch
in: body
type: string
description: "The branch that was being deployed, typically 'main'."
steps:
- name: get-run
type: call
call: "github.get-workflow-run"
with:
repo: "{{repo_full_name}}"
run_id: "{{run_id}}"
- name: create-jira-incident
type: call
call: "jira.create-issue"
with:
project_key: "OPS"
issuetype: "Incident"
summary: "Deployment failure: {{repo_full_name}} on {{branch}}"
description: "Run: {{run_id}} | Status: {{get-run.conclusion}} | URL: {{get-run.html_url}}"
- name: alert-teams
type: call
call: "msteams.post-channel-message"
with:
channel: "devops-alerts"
message: "Deployment FAILED: {{repo_full_name}} | Branch: {{branch}} | Jira: {{create-jira-incident.key}} | Run: {{get-run.html_url}}"
consumes:
- type: http
namespace: github
baseUri: "https://api.github.com"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: workflow-runs
path: "/repos/{{repo}}/actions/runs/{{run_id}}"
inputParameters:
- name: repo
in: path
- name: run_id
in: path
operations:
- name: get-workflow-run
method: GET
- type: http
namespace: jira
baseUri: "https://bankofamerica.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel-message
method: POST
GitHub Dependabot Alert Handler
▼
banking security github jira snowflake
When Dependabot alerts are raised, creates Jira tickets for remediation, logs in Snowflake, and alerts the AppSec team via Teams.
naftiko: "0.5"
info:
label: "GitHub Dependabot Alert Handler"
description: "When Dependabot alerts are raised, creates Jira tickets for remediation, logs in Snowflake, and alerts the AppSec team via Teams."
tags:
- banking
- security
- github
- jira
- snowflake
capability:
exposes:
- type: mcp
namespace: appsec-ops
port: 8080
tools:
- name: handle-dependabot-alert
description: "Given a repo and alert severity, create a Jira ticket, log the vulnerability in Snowflake, and notify AppSec in Teams."
inputParameters:
- name: repo_name
in: body
type: string
description: "GitHub repository."
- name: cve_id
in: body
type: string
description: "CVE identifier."
- name: severity
in: body
type: string
description: "Alert severity."
- name: appsec_upn
in: body
type: string
description: "UPN of AppSec lead."
steps:
- name: create-jira
type: call
call: jira.create-issue
with:
project: "APPSEC"
summary: "Dependabot: {{cve_id}} in {{repo_name}}"
description: "Severity: {{severity}} | Repo: {{repo_name}}"
- name: log-vuln
type: call
call: snowflake.insert-vuln
with:
repo: "{{repo_name}}"
cve: "{{cve_id}}"
severity: "{{severity}}"
- name: notify-appsec
type: call
call: msteams.send-message
with:
recipient_upn: "{{appsec_upn}}"
text: "Dependabot: {{cve_id}} ({{severity}}) in {{repo_name}}. Jira: {{create-jira.key}}"
consumes:
- type: http
namespace: jira
baseUri: "https://bofa.atlassian.net/rest/api/3"
authentication:
type: bearer
token: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: snowflake
baseUri: "https://bofa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: insert-vuln
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
GitHub Pull Request Security Review Gate
▼
devops security github jira ci-cd compliance
On a pull request opened against a protected branch in a banking platform repository, posts a security checklist comment on GitHub and creates a Jira security review ticket.
naftiko: "0.5"
info:
label: "GitHub Pull Request Security Review Gate"
description: "On a pull request opened against a protected branch in a banking platform repository, posts a security checklist comment on GitHub and creates a Jira security review ticket."
tags:
- devops
- security
- github
- jira
- ci-cd
- compliance
capability:
exposes:
- type: mcp
namespace: pr-security
port: 8080
tools:
- name: handle-pr-security-gate
description: "Given a GitHub repository, PR number, and commit SHA, post a security review checklist comment on the PR and open a Jira security ticket for mandatory review before merge."
inputParameters:
- name: repo_full_name
in: body
type: string
description: "GitHub repository full name, e.g. 'bankofamerica/payments-gateway'."
- name: pr_number
in: body
type: integer
description: "The pull request number to gate."
- name: commit_sha
in: body
type: string
description: "Head commit SHA for the pull request."
steps:
- name: get-pr
type: call
call: "github.get-pull-request"
with:
repo: "{{repo_full_name}}"
pull_number: "{{pr_number}}"
- name: post-checklist-comment
type: call
call: "github.create-pr-comment"
with:
repo: "{{repo_full_name}}"
pull_number: "{{pr_number}}"
body: "Security review initiated for commit {{commit_sha}}. A Jira ticket has been created for mandatory security sign-off."
- name: create-security-ticket
type: call
call: "jira.create-issue"
with:
project_key: "SEC"
issuetype: "Task"
summary: "Security review: {{repo_full_name}} PR #{{pr_number}}"
description: "Commit: {{commit_sha}} | PR: {{get-pr.html_url}} | Author: {{get-pr.user_login}}"
consumes:
- type: http
namespace: github
baseUri: "https://api.github.com"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: pull-requests
path: "/repos/{{repo}}/pulls/{{pull_number}}"
inputParameters:
- name: repo
in: path
- name: pull_number
in: path
operations:
- name: get-pull-request
method: GET
- name: pr-comments
path: "/repos/{{repo}}/issues/{{pull_number}}/comments"
inputParameters:
- name: repo
in: path
- name: pull_number
in: path
operations:
- name: create-pr-comment
method: POST
- type: http
namespace: jira
baseUri: "https://bankofamerica.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
GitHub Repository Status Check
▼
banking engineering github devops lookup
Fetches a GitHub repository by name and returns the default branch, open issue count, and last push timestamp.
naftiko: "0.5"
info:
label: "GitHub Repository Status Check"
description: "Fetches a GitHub repository by name and returns the default branch, open issue count, and last push timestamp."
tags:
- banking
- engineering
- github
- devops
- lookup
capability:
exposes:
- type: mcp
namespace: dev-ops
port: 8080
tools:
- name: get-repo-status
description: "Given a GitHub repository full name, return the default branch and last push timestamp."
inputParameters:
- name: repo_name
in: body
type: string
description: "GitHub repository full name."
call: github.get-repo
with:
repo: "{{repo_name}}"
outputParameters:
- name: default_branch
type: string
mapping: "$.default_branch"
- name: last_push
type: string
mapping: "$.pushed_at"
consumes:
- namespace: github
type: http
baseUri: "https://api.github.com"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: dev-ops
path: "/{{id}}"
operations:
- name: get-repo
method: GET
Interest Rate Risk Sensitivity Analysis
▼
banking risk-management interest-rate snowflake reporting
Analyzes interest rate risk by pulling balance sheet data from Snowflake, running scenarios, and distributing results via Teams.
naftiko: "0.5"
info:
label: "Interest Rate Risk Sensitivity Analysis"
description: "Analyzes interest rate risk by pulling balance sheet data from Snowflake, running scenarios, and distributing results via Teams."
tags:
- banking
- risk-management
- interest-rate
- snowflake
- reporting
capability:
exposes:
- type: mcp
namespace: alm-ops
port: 8080
tools:
- name: run-ir-sensitivity
description: "Given a scenario set and report date, pull balance sheet from Snowflake, run rate shock scenarios, and post results."
inputParameters:
- name: scenario_set
in: body
type: string
description: "Scenario set name."
- name: report_date
in: body
type: string
description: "Report date."
- name: alm_channel_id
in: body
type: string
description: "ALM channel."
steps:
- name: get-balances
type: call
call: snowflake.query-balances
with:
date: "{{report_date}}"
- name: run-scenarios
type: call
call: snowflake.run-scenarios
with:
scenario: "{{scenario_set}}"
- name: post-results
type: call
call: msteams.post-channel
with:
channel_id: "{{alm_channel_id}}"
text: "IR Sensitivity: {{scenario_set}} — {{report_date}}. NII impact: ${{run-scenarios.nii_impact}} | EVE impact: ${{run-scenarios.eve_impact}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://bofa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query-balances
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: channels
path: "/teams/channels/{{channel_id}}/messages"
operations:
- name: post-channel
method: POST
IT Asset Lifecycle Retirement Workflow
▼
banking it-operations asset-management servicenow okta sap
Manages IT asset retirement by updating the ServiceNow CMDB, revoking Okta access, and logging disposal in SAP fixed assets.
naftiko: "0.5"
info:
label: "IT Asset Lifecycle Retirement Workflow"
description: "Manages IT asset retirement by updating the ServiceNow CMDB, revoking Okta access, and logging disposal in SAP fixed assets."
tags:
- banking
- it-operations
- asset-management
- servicenow
- okta
- sap
capability:
exposes:
- type: mcp
namespace: asset-ops
port: 8080
tools:
- name: retire-it-asset
description: "Given a CI name and asset tag, mark as retired in ServiceNow CMDB, revoke Okta access, create SAP disposal entry, and notify IT manager in Teams."
inputParameters:
- name: ci_name
in: body
type: string
description: "ServiceNow CI name."
- name: asset_tag
in: body
type: string
description: "Asset tag number."
- name: it_manager_upn
in: body
type: string
description: "UPN of IT asset manager."
steps:
- name: retire-cmdb
type: call
call: snow.update-ci-status
with:
ci_name: "{{ci_name}}"
status: "Retired"
- name: revoke-access
type: call
call: okta.remove-app-assignment
with:
app_label: "{{ci_name}}"
- name: log-disposal
type: call
call: sap.create-disposal
with:
asset_number: "{{asset_tag}}"
- name: notify-manager
type: call
call: msteams.send-message
with:
recipient_upn: "{{it_manager_upn}}"
text: "Asset retired: {{ci_name}} ({{asset_tag}}). CMDB updated, access revoked."
consumes:
- type: http
namespace: snow
baseUri: "https://bofa.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: cmdb
path: "/table/cmdb_ci?sysparm_query=name={{ci_name}}"
inputParameters:
- name: ci_name
in: query
operations:
- name: update-ci-status
method: PATCH
- type: http
namespace: okta
baseUri: "https://bofa.okta.com/api/v1"
authentication:
type: bearer
token: "$secrets.okta_api_token"
resources:
- name: apps
path: "/apps?q={{app_label}}"
inputParameters:
- name: app_label
in: query
operations:
- name: remove-app-assignment
method: DELETE
- type: http
namespace: sap
baseUri: "https://bofa-s4.sap.com/sap/opu/odata/sap/API_FIXEDASSET_SRV"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: disposals
path: "/A_FixedAsset"
operations:
- name: create-disposal
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
IT Security Vulnerability Remediation Workflow
▼
banking security vulnerability-management jira servicenow
When a critical vulnerability is discovered, creates a Jira remediation ticket, updates the CMDB in ServiceNow, and alerts the security team via Teams.
naftiko: "0.5"
info:
label: "IT Security Vulnerability Remediation Workflow"
description: "When a critical vulnerability is discovered, creates a Jira remediation ticket, updates the CMDB in ServiceNow, and alerts the security team via Teams."
tags:
- banking
- security
- vulnerability-management
- jira
- servicenow
capability:
exposes:
- type: mcp
namespace: secops
port: 8080
tools:
- name: remediate-vulnerability
description: "Given a CVE ID, severity, and affected system, create a Jira ticket, update the ServiceNow CMDB, and notify SecOps in Teams."
inputParameters:
- name: cve_id
in: body
type: string
description: "CVE identifier."
- name: severity
in: body
type: string
description: "Severity level."
- name: affected_system
in: body
type: string
description: "Affected system name."
- name: secops_upn
in: body
type: string
description: "UPN of SecOps lead."
steps:
- name: create-ticket
type: call
call: jira.create-issue
with:
project: "SECOPS"
summary: "Remediate {{cve_id}} — {{affected_system}}"
description: "Severity: {{severity}} | System: {{affected_system}}"
- name: update-cmdb
type: call
call: snow.update-ci
with:
ci_name: "{{affected_system}}"
vulnerability: "{{cve_id}} — {{severity}}"
- name: notify-secops
type: call
call: msteams.send-message
with:
recipient_upn: "{{secops_upn}}"
text: "Vulnerability: {{cve_id}} ({{severity}}) on {{affected_system}}. Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: jira
baseUri: "https://bofa.atlassian.net/rest/api/3"
authentication:
type: bearer
token: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: snow
baseUri: "https://bofa.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: cmdb
path: "/table/cmdb_ci?sysparm_query=name={{ci_name}}"
inputParameters:
- name: ci_name
in: query
operations:
- name: update-ci
method: PATCH
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Jira Engineering Sprint Velocity Report
▼
devops jira agile reporting microsoft-teams engineering
Retrieves completed sprint metrics from Jira, calculates velocity, and publishes a sprint summary to the Engineering Microsoft Teams channel for agile retrospective.
naftiko: "0.5"
info:
label: "Jira Engineering Sprint Velocity Report"
description: "Retrieves completed sprint metrics from Jira, calculates velocity, and publishes a sprint summary to the Engineering Microsoft Teams channel for agile retrospective."
tags:
- devops
- jira
- agile
- reporting
- microsoft-teams
- engineering
capability:
exposes:
- type: mcp
namespace: agile-reporting
port: 8080
tools:
- name: publish-sprint-report
description: "Given a Jira board ID and sprint ID, retrieve sprint issue data, calculate velocity, and post a formatted sprint summary to the Engineering Teams channel."
inputParameters:
- name: board_id
in: body
type: integer
description: "The Jira software board ID."
- name: sprint_id
in: body
type: integer
description: "The completed sprint ID to report on."
steps:
- name: get-sprint
type: call
call: "jira.get-sprint"
with:
board_id: "{{board_id}}"
sprint_id: "{{sprint_id}}"
- name: get-sprint-issues
type: call
call: "jira.list-sprint-issues"
with:
sprint_id: "{{sprint_id}}"
- name: post-sprint-report
type: call
call: "msteams.post-channel-message"
with:
channel: "engineering-metrics"
message: "Sprint {{get-sprint.name}} complete: {{get-sprint-issues.completed_points}} pts delivered | {{get-sprint-issues.count}} issues closed | Velocity: {{get-sprint-issues.velocity}}"
consumes:
- type: http
namespace: jira
baseUri: "https://bankofamerica.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: sprints
path: "/board/{{board_id}}/sprint/{{sprint_id}}"
inputParameters:
- name: board_id
in: path
- name: sprint_id
in: path
operations:
- name: get-sprint
method: GET
- name: sprint-issues
path: "/sprint/{{sprint_id}}/issue"
inputParameters:
- name: sprint_id
in: path
operations:
- name: list-sprint-issues
method: GET
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel-message
method: POST
Jira Issue Detail Lookup
▼
banking engineering jira project-management lookup
Fetches a Jira issue by key and returns the summary, status, assignee, and priority.
naftiko: "0.5"
info:
label: "Jira Issue Detail Lookup"
description: "Fetches a Jira issue by key and returns the summary, status, assignee, and priority."
tags:
- banking
- engineering
- jira
- project-management
- lookup
capability:
exposes:
- type: mcp
namespace: eng-ops
port: 8080
tools:
- name: get-jira-issue
description: "Given a Jira issue key, return the issue summary, status, assignee, and priority."
inputParameters:
- name: issue_key
in: body
type: string
description: "Jira issue key."
call: jira.get-issue
with:
issueKey: "{{issue_key}}"
outputParameters:
- name: summary
type: string
mapping: "$.fields.summary"
- name: status
type: string
mapping: "$.fields.status.name"
- name: assignee
type: string
mapping: "$.fields.assignee.displayName"
consumes:
- namespace: jira
type: http
baseUri: "https://bofa.atlassian.net/rest/api/3"
authentication:
type: bearer
token: "$secrets.jira_api_token"
resources:
- name: eng-ops
path: "/{{id}}"
operations:
- name: get-issue
method: GET
KYC Customer Onboarding Handler
▼
banking kyc compliance salesforce snowflake servicenow
Processes KYC onboarding by verifying identity in Salesforce, running compliance checks in Snowflake, and creating an onboarding task in ServiceNow.
naftiko: "0.5"
info:
label: "KYC Customer Onboarding Handler"
description: "Processes KYC onboarding by verifying identity in Salesforce, running compliance checks in Snowflake, and creating an onboarding task in ServiceNow."
tags:
- banking
- kyc
- compliance
- salesforce
- snowflake
- servicenow
capability:
exposes:
- type: mcp
namespace: kyc-ops
port: 8080
tools:
- name: onboard-customer-kyc
description: "Given customer details, verify in Salesforce, run KYC in Snowflake, create a ServiceNow task, and notify compliance."
inputParameters:
- name: customer_name
in: body
type: string
description: "Customer name."
- name: customer_id
in: body
type: string
description: "Customer ID."
- name: compliance_upn
in: body
type: string
description: "Compliance UPN."
steps:
- name: verify
type: call
call: sf.get-customer
with:
customer_id: "{{customer_id}}"
- name: run-kyc
type: call
call: snowflake.run-kyc
with:
customer: "{{customer_name}}"
- name: create-task
type: call
call: snow.create-task
with:
short_description: "KYC: {{customer_name}}"
description: "Status: {{run-kyc.status}}"
- name: notify
type: call
call: msteams.send-message
with:
recipient_upn: "{{compliance_upn}}"
text: "KYC: {{customer_name}} — {{run-kyc.status}}. SNOW: {{create-task.number}}"
consumes:
- type: http
namespace: sf
baseUri: "https://bofa.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: customers
path: "/sobjects/Account/{{customer_id}}"
operations:
- name: get-customer
method: GET
- type: http
namespace: snowflake
baseUri: "https://bofa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-kyc
method: POST
- type: http
namespace: snow
baseUri: "https://bofa.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/u_kyc_task"
operations:
- name: create-task
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
operations:
- name: send-message
method: POST
KYC Customer Onboarding Workflow
▼
banking kyc compliance salesforce snowflake servicenow
Processes KYC customer onboarding by verifying identity in Salesforce, running compliance checks in Snowflake, and creating an onboarding task in ServiceNow.
naftiko: "0.5"
info:
label: "KYC Customer Onboarding Workflow"
description: "Processes KYC customer onboarding by verifying identity in Salesforce, running compliance checks in Snowflake, and creating an onboarding task in ServiceNow."
tags:
- banking
- kyc
- compliance
- salesforce
- snowflake
- servicenow
capability:
exposes:
- type: mcp
namespace: kyc-ops
port: 8080
tools:
- name: onboard-customer-kyc
description: "Given customer details, verify identity in Salesforce, run KYC checks in Snowflake, create onboarding task in ServiceNow, and notify compliance in Teams."
inputParameters:
- name: customer_name
in: body
type: string
description: "Customer name."
- name: customer_id
in: body
type: string
description: "Customer ID."
- name: compliance_upn
in: body
type: string
description: "Compliance officer UPN."
steps:
- name: verify-identity
type: call
call: sf.get-customer
with:
customer_id: "{{customer_id}}"
- name: run-kyc
type: call
call: snowflake.run-kyc-check
with:
customer_name: "{{customer_name}}"
- name: create-task
type: call
call: snow.create-task
with:
short_description: "KYC Onboarding: {{customer_name}}"
description: "ID: {{customer_id}} | KYC: {{run-kyc.status}}"
- name: notify-compliance
type: call
call: msteams.send-message
with:
recipient_upn: "{{compliance_upn}}"
text: "KYC onboarding: {{customer_name}} — Status: {{run-kyc.status}}. SNOW: {{create-task.number}}"
consumes:
- type: http
namespace: sf
baseUri: "https://bofa.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: customers
path: "/sobjects/Account/{{customer_id}}"
inputParameters:
- name: customer_id
in: path
operations:
- name: get-customer
method: GET
- type: http
namespace: snowflake
baseUri: "https://bofa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-kyc-check
method: POST
- type: http
namespace: snow
baseUri: "https://bofa.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/u_kyc_task"
operations:
- name: create-task
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
LinkedIn Talent Acquisition Campaign Report
▼
hr recruiting linkedin workday microsoft-teams reporting
Fetches LinkedIn Talent Solutions job posting performance metrics and combines them with Workday recruiting pipeline data to produce a weekly talent acquisition digest for the Recruiting Teams channel.
naftiko: "0.5"
info:
label: "LinkedIn Talent Acquisition Campaign Report"
description: "Fetches LinkedIn Talent Solutions job posting performance metrics and combines them with Workday recruiting pipeline data to produce a weekly talent acquisition digest for the Recruiting Teams channel."
tags:
- hr
- recruiting
- linkedin
- workday
- microsoft-teams
- reporting
capability:
exposes:
- type: mcp
namespace: talent-acquisition
port: 8080
tools:
- name: digest-recruiting-pipeline
description: "Given a LinkedIn organization URN and date range, fetch job posting metrics and merge with Workday open requisition counts, then post a weekly recruiting digest to the Talent Acquisition Teams channel."
inputParameters:
- name: org_urn
in: body
type: string
description: "The LinkedIn organization URN for Bank of America."
- name: start_date
in: body
type: string
description: "Report start date in YYYY-MM-DD format."
- name: end_date
in: body
type: string
description: "Report end date in YYYY-MM-DD format."
steps:
- name: get-linkedin-job-metrics
type: call
call: "linkedin.get-job-postings"
with:
organizationalEntity: "{{org_urn}}"
- name: get-workday-requisitions
type: call
call: "workday.list-open-requisitions"
with:
asOfDate: "{{end_date}}"
- name: post-recruiting-digest
type: call
call: "msteams.post-channel-message"
with:
channel: "talent-acquisition"
message: "Recruiting digest ({{start_date}} to {{end_date}}): LinkedIn job views {{get-linkedin-job-metrics.views}}, Applications {{get-linkedin-job-metrics.applications}}, Workday open reqs: {{get-workday-requisitions.count}}"
consumes:
- type: http
namespace: linkedin
baseUri: "https://api.linkedin.com/v2"
authentication:
type: bearer
token: "$secrets.linkedin_token"
resources:
- name: job-postings
path: "/jobPostings"
operations:
- name: get-job-postings
method: GET
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: requisitions
path: "/bankofamerica/recruitingJobRequisitions"
operations:
- name: list-open-requisitions
method: GET
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel-message
method: POST
LinkedIn Talent Brand Performance Report
▼
banking hr talent-acquisition linkedin workday
Generates a talent brand performance report by pulling LinkedIn analytics, comparing with Workday hiring data, and posting to Teams.
naftiko: "0.5"
info:
label: "LinkedIn Talent Brand Performance Report"
description: "Generates a talent brand performance report by pulling LinkedIn analytics, comparing with Workday hiring data, and posting to Teams."
tags:
- banking
- hr
- talent-acquisition
- linkedin
- workday
capability:
exposes:
- type: mcp
namespace: ta-ops
port: 8080
tools:
- name: generate-talent-report
description: "Given a reporting week, pull LinkedIn employer brand metrics, compare against Workday requisitions, and post a digest to Teams."
inputParameters:
- name: week
in: body
type: string
description: "Reporting week."
- name: region
in: body
type: string
description: "Region."
- name: ta_channel_id
in: body
type: string
description: "Teams channel ID."
steps:
- name: get-metrics
type: call
call: linkedin.get-brand-metrics
with:
week: "{{week}}"
region: "{{region}}"
- name: get-reqs
type: call
call: workday.get-open-reqs
with:
region: "{{region}}"
- name: post-digest
type: call
call: msteams.post-channel
with:
channel_id: "{{ta_channel_id}}"
text: "Talent Brand: {{week}} ({{region}}). Impressions: {{get-metrics.impressions}} | Open reqs: {{get-reqs.count}}"
consumes:
- type: http
namespace: linkedin
baseUri: "https://api.linkedin.com/v2"
authentication:
type: bearer
token: "$secrets.linkedin_token"
resources:
- name: analytics
path: "/organizationalEntityShareStatistics"
operations:
- name: get-brand-metrics
method: GET
- type: http
namespace: workday
baseUri: "https://wd5-impl-services1.workday.com/ccx/service/bofa/Recruiting/v40.1"
authentication:
type: basic
username: "$secrets.workday_user"
password: "$secrets.workday_password"
resources:
- name: requisitions
path: "/job-requisitions"
operations:
- name: get-open-reqs
method: GET
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: channels
path: "/teams/channels/{{channel_id}}/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
Loan Origination Document Collection
▼
banking lending salesforce servicenow document-management
Collects loan origination documents by tracking submission status in Salesforce, sending reminders via email, and logging progress in ServiceNow.
naftiko: "0.5"
info:
label: "Loan Origination Document Collection"
description: "Collects loan origination documents by tracking submission status in Salesforce, sending reminders via email, and logging progress in ServiceNow."
tags:
- banking
- lending
- salesforce
- servicenow
- document-management
capability:
exposes:
- type: mcp
namespace: lending-ops
port: 8080
tools:
- name: collect-loan-documents
description: "Given a loan application ID, check document status in Salesforce, send reminders for missing docs, and log progress in ServiceNow."
inputParameters:
- name: application_id
in: body
type: string
description: "Loan application ID."
- name: applicant_email
in: body
type: string
description: "Applicant email."
- name: lo_upn
in: body
type: string
description: "Loan officer UPN."
steps:
- name: check-docs
type: call
call: sf.get-doc-status
with:
application_id: "{{application_id}}"
- name: send-reminder
type: call
call: msgraph.send-mail
with:
to: "{{applicant_email}}"
subject: "Documents Needed: Loan Application {{application_id}}"
body: "Missing: {{check-docs.missing_documents}}"
- name: log-progress
type: call
call: snow.update-task
with:
short_description: "Doc collection: {{application_id}}"
description: "Complete: {{check-docs.complete_count}} | Missing: {{check-docs.missing_count}}"
consumes:
- type: http
namespace: sf
baseUri: "https://bofa.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: applications
path: "/sobjects/Loan_Application__c/{{application_id}}"
inputParameters:
- name: application_id
in: path
operations:
- name: get-doc-status
method: GET
- type: http
namespace: msgraph
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: mail
path: "/users/noreply@bofa.com/sendMail"
operations:
- name: send-mail
method: POST
- type: http
namespace: snow
baseUri: "https://bofa.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/u_loan_task"
operations:
- name: update-task
method: POST
Loan Origination Document Tracker
▼
banking lending salesforce servicenow document-management
Tracks loan document collection by checking Salesforce, sending reminders, and logging in ServiceNow.
naftiko: "0.5"
info:
label: "Loan Origination Document Tracker"
description: "Tracks loan document collection by checking Salesforce, sending reminders, and logging in ServiceNow."
tags:
- banking
- lending
- salesforce
- servicenow
- document-management
capability:
exposes:
- type: mcp
namespace: lending-ops
port: 8080
tools:
- name: track-loan-documents
description: "Given a loan application ID, check document status, send reminders, and log progress."
inputParameters:
- name: application_id
in: body
type: string
description: "Application ID."
- name: applicant_email
in: body
type: string
description: "Applicant email."
- name: lo_upn
in: body
type: string
description: "Loan officer UPN."
steps:
- name: check-docs
type: call
call: sf.get-doc-status
with:
application_id: "{{application_id}}"
- name: send-reminder
type: call
call: msgraph.send-mail
with:
to: "{{applicant_email}}"
subject: "Documents Needed: {{application_id}}"
body: "Missing: {{check-docs.missing_documents}}"
- name: log-progress
type: call
call: snow.update-task
with:
short_description: "Docs: {{application_id}}"
description: "Complete: {{check-docs.complete_count}}"
consumes:
- type: http
namespace: sf
baseUri: "https://bofa.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: applications
path: "/sobjects/Loan_Application__c/{{application_id}}"
operations:
- name: get-doc-status
method: GET
- type: http
namespace: msgraph
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: mail
path: "/users/noreply@bofa.com/sendMail"
operations:
- name: send-mail
method: POST
- type: http
namespace: snow
baseUri: "https://bofa.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/u_loan_task"
operations:
- name: update-task
method: POST
Market Risk Daily VaR Report
▼
banking market-risk trading snowflake reporting
Generates a daily Value-at-Risk report by pulling positions from Snowflake, computing VaR, and distributing to risk management via Teams.
naftiko: "0.5"
info:
label: "Market Risk Daily VaR Report"
description: "Generates a daily Value-at-Risk report by pulling positions from Snowflake, computing VaR, and distributing to risk management via Teams."
tags:
- banking
- market-risk
- trading
- snowflake
- reporting
capability:
exposes:
- type: mcp
namespace: risk-ops
port: 8080
tools:
- name: generate-var-report
description: "Given a trading desk and report date, pull positions from Snowflake, compute VaR metrics, and post to the risk channel."
inputParameters:
- name: trading_desk
in: body
type: string
description: "Trading desk name."
- name: report_date
in: body
type: string
description: "Report date."
- name: risk_channel_id
in: body
type: string
description: "Risk Teams channel."
steps:
- name: get-positions
type: call
call: snowflake.query-positions
with:
desk: "{{trading_desk}}"
date: "{{report_date}}"
- name: compute-var
type: call
call: snowflake.compute-var
with:
desk: "{{trading_desk}}"
date: "{{report_date}}"
- name: post-report
type: call
call: msteams.post-channel
with:
channel_id: "{{risk_channel_id}}"
text: "Daily VaR: {{trading_desk}} — {{report_date}}. VaR(95): ${{compute-var.var_95}} | VaR(99): ${{compute-var.var_99}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://bofa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query-positions
method: POST
- type: http
namespace: snowflake
baseUri: "https://bofa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: compute-var
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: channels
path: "/teams/channels/{{channel_id}}/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
Market Risk Daily VaR Reporter
▼
banking market-risk trading snowflake reporting
Generates a daily VaR report by pulling positions from Snowflake, computing VaR, and posting to Teams.
naftiko: "0.5"
info:
label: "Market Risk Daily VaR Reporter"
description: "Generates a daily VaR report by pulling positions from Snowflake, computing VaR, and posting to Teams."
tags:
- banking
- market-risk
- trading
- snowflake
- reporting
capability:
exposes:
- type: mcp
namespace: risk-ops
port: 8080
tools:
- name: generate-var-report
description: "Given a trading desk and date, pull positions, compute VaR, and post to the risk channel."
inputParameters:
- name: trading_desk
in: body
type: string
description: "Trading desk."
- name: report_date
in: body
type: string
description: "Report date."
- name: risk_channel_id
in: body
type: string
description: "Risk channel."
steps:
- name: get-positions
type: call
call: snowflake.query-positions
with:
desk: "{{trading_desk}}"
date: "{{report_date}}"
- name: compute-var
type: call
call: snowflake.compute-var
with:
desk: "{{trading_desk}}"
- name: post-report
type: call
call: msteams.post-channel
with:
channel_id: "{{risk_channel_id}}"
text: "VaR: {{trading_desk}} — {{report_date}}. VaR(95): ${{compute-var.var_95}} | VaR(99): ${{compute-var.var_99}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://bofa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query-positions
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: channels
path: "/teams/channels/{{channel_id}}/messages"
operations:
- name: post-channel
method: POST
New Employee Onboarding Orchestrator
▼
hr onboarding workday servicenow microsoft-graph microsoft-teams
When a new hire is created in Workday, provisions an Active Directory account via Microsoft Graph, opens a ServiceNow IT onboarding ticket, and sends a Microsoft Teams welcome message to the new employee.
naftiko: "0.5"
info:
label: "New Employee Onboarding Orchestrator"
description: "When a new hire is created in Workday, provisions an Active Directory account via Microsoft Graph, opens a ServiceNow IT onboarding ticket, and sends a Microsoft Teams welcome message to the new employee."
tags:
- hr
- onboarding
- workday
- servicenow
- microsoft-graph
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: hr-onboarding
port: 8080
tools:
- name: trigger-employee-onboarding
description: "Given a Workday employee ID and start date, provision an Active Directory account via Microsoft Graph, open a ServiceNow IT onboarding ticket, and send a Teams welcome message to the new hire."
inputParameters:
- name: workday_employee_id
in: body
type: string
description: "The Workday worker ID for the new hire. Format: WID-XXXXXXXX."
- name: start_date
in: body
type: string
description: "The employee's first day in ISO 8601 format (YYYY-MM-DD)."
- name: business_line
in: body
type: string
description: "The Bank of America business line the employee is joining, e.g. 'Global Markets', 'Consumer Banking'."
steps:
- name: get-worker
type: call
call: "workday.get-worker"
with:
worker_id: "{{workday_employee_id}}"
- name: provision-ad
type: call
call: "msgraph.create-user"
with:
displayName: "{{get-worker.full_name}}"
userPrincipalName: "{{get-worker.work_email}}"
department: "{{business_line}}"
- name: create-it-ticket
type: call
call: "servicenow.create-incident"
with:
short_description: "IT Onboarding: {{get-worker.full_name}} — starts {{start_date}}"
category: "hr_onboarding"
assignment_group: "IT_Onboarding"
- name: send-welcome
type: call
call: "msteams.send-message"
with:
recipient_upn: "{{get-worker.work_email}}"
message: "Welcome to Bank of America, {{get-worker.first_name}}! Your IT setup ticket is {{create-it-ticket.number}}."
consumes:
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/bankofamerica/workers/{{worker_id}}"
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
- type: http
namespace: msgraph
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: users
path: "/users"
operations:
- name: create-user
method: POST
- type: http
namespace: servicenow
baseUri: "https://bankofamerica.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: mail
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Okta Access Certification Workflow
▼
identity security okta microsoft-teams access-review compliance
Retrieves all Okta application assignments for a given user and posts a formatted access summary to the Cybersecurity Teams channel for quarterly access certification review.
naftiko: "0.5"
info:
label: "Okta Access Certification Workflow"
description: "Retrieves all Okta application assignments for a given user and posts a formatted access summary to the Cybersecurity Teams channel for quarterly access certification review."
tags:
- identity
- security
- okta
- microsoft-teams
- access-review
- compliance
capability:
exposes:
- type: mcp
namespace: access-certification
port: 8080
tools:
- name: certify-user-access
description: "Given an Okta user login, retrieve all application assignments and group memberships, and post a structured access report to the Cybersecurity Teams channel for certification."
inputParameters:
- name: user_login
in: body
type: string
description: "The Okta user login (email) to certify access for."
steps:
- name: get-user-apps
type: call
call: "okta.list-user-apps"
with:
user_login: "{{user_login}}"
- name: get-user-groups
type: call
call: "okta.list-user-groups"
with:
user_login: "{{user_login}}"
- name: post-cert-report
type: call
call: "msteams.post-channel-message"
with:
channel: "cybersecurity-access-certs"
message: "Access cert for {{user_login}}: {{get-user-apps.count}} apps | {{get-user-groups.count}} groups | Apps: {{get-user-apps.names}}"
consumes:
- type: http
namespace: okta
baseUri: "https://bankofamerica.okta.com/api/v1"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.okta_api_token"
placement: header
resources:
- name: user-apps
path: "/users/{{user_login}}/appLinks"
inputParameters:
- name: user_login
in: path
operations:
- name: list-user-apps
method: GET
- name: user-groups
path: "/users/{{user_login}}/groups"
inputParameters:
- name: user_login
in: path
operations:
- name: list-user-groups
method: GET
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel-message
method: POST
Okta MFA Enrollment Compliance Audit
▼
banking security okta mfa servicenow compliance
Audits MFA enrollment by querying Okta for unenrolled users, creating compliance tasks in ServiceNow, and notifying IT security via Teams.
naftiko: "0.5"
info:
label: "Okta MFA Enrollment Compliance Audit"
description: "Audits MFA enrollment by querying Okta for unenrolled users, creating compliance tasks in ServiceNow, and notifying IT security via Teams."
tags:
- banking
- security
- okta
- mfa
- servicenow
- compliance
capability:
exposes:
- type: mcp
namespace: mfa-ops
port: 8080
tools:
- name: audit-mfa-compliance
description: "Query Okta for users without MFA, create a compliance task in ServiceNow, and notify IT security in Teams."
inputParameters:
- name: department
in: body
type: string
description: "Department to audit."
- name: security_lead_upn
in: body
type: string
description: "UPN of security lead."
steps:
- name: get-unenrolled
type: call
call: okta.list-unenrolled
with:
department: "{{department}}"
- name: create-task
type: call
call: snow.create-task
with:
short_description: "MFA non-compliance: {{department}}"
description: "Unenrolled: {{get-unenrolled.count}}"
- name: notify-lead
type: call
call: msteams.send-message
with:
recipient_upn: "{{security_lead_upn}}"
text: "MFA audit: {{department}} — {{get-unenrolled.count}} unenrolled. Task: {{create-task.number}}"
consumes:
- type: http
namespace: okta
baseUri: "https://bofa.okta.com/api/v1"
authentication:
type: bearer
token: "$secrets.okta_api_token"
resources:
- name: users
path: "/users?filter=profile.department eq \"{{department}}\""
inputParameters:
- name: department
in: query
operations:
- name: list-unenrolled
method: GET
- type: http
namespace: snow
baseUri: "https://bofa.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/u_compliance_task"
operations:
- name: create-task
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Okta User Account Status Lookup
▼
banking security okta identity lookup
Looks up an Okta user by email and returns the account status, last login timestamp, and MFA enrollment state.
naftiko: "0.5"
info:
label: "Okta User Account Status Lookup"
description: "Looks up an Okta user by email and returns the account status, last login timestamp, and MFA enrollment state."
tags:
- banking
- security
- okta
- identity
- lookup
capability:
exposes:
- type: mcp
namespace: identity-ops
port: 8080
tools:
- name: get-user-status
description: "Given a user email, return the Okta account status, last login, and MFA enrollment status."
inputParameters:
- name: user_email
in: body
type: string
description: "User email address."
call: okta.get-user
with:
login: "{{user_email}}"
outputParameters:
- name: status
type: string
mapping: "$.status"
- name: last_login
type: string
mapping: "$.lastLogin"
consumes:
- namespace: okta
type: http
baseUri: "https://bofa.okta.com/api/v1"
authentication:
type: bearer
token: "$secrets.okta_api_token"
resources:
- name: identity-ops
path: "/{{id}}"
operations:
- name: get-user
method: GET
PagerDuty On-Call Engineer Lookup
▼
itsm pagerduty on-call incident-response lookup
Retrieves the current on-call engineer for a given PagerDuty escalation policy to support incident routing and stakeholder communication.
naftiko: "0.5"
info:
label: "PagerDuty On-Call Engineer Lookup"
description: "Retrieves the current on-call engineer for a given PagerDuty escalation policy to support incident routing and stakeholder communication."
tags:
- itsm
- pagerduty
- on-call
- incident-response
- lookup
capability:
exposes:
- type: mcp
namespace: oncall-lookup
port: 8080
tools:
- name: get-current-oncall
description: "Given a PagerDuty escalation policy ID, return the name and email of the currently on-call engineer. Use when routing critical banking platform incidents."
inputParameters:
- name: escalation_policy_id
in: body
type: string
description: "The PagerDuty escalation policy ID for the relevant banking system team."
call: "pagerduty.get-oncall"
with:
escalation_policy_id: "{{escalation_policy_id}}"
outputParameters:
- name: oncall_name
type: string
mapping: "$.oncalls[0].user.summary"
- name: oncall_email
type: string
mapping: "$.oncalls[0].user.email"
consumes:
- type: http
namespace: pagerduty
baseUri: "https://api.pagerduty.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.pagerduty_api_key"
placement: header
resources:
- name: oncalls
path: "/oncalls"
operations:
- name: get-oncall
method: GET
PagerDuty On-Call Schedule Lookup
▼
banking it-operations pagerduty incident-management lookup
Retrieves the current on-call engineer for a PagerDuty schedule.
naftiko: "0.5"
info:
label: "PagerDuty On-Call Schedule Lookup"
description: "Retrieves the current on-call engineer for a PagerDuty schedule."
tags:
- banking
- it-operations
- pagerduty
- incident-management
- lookup
capability:
exposes:
- type: mcp
namespace: incident-ops
port: 8080
tools:
- name: get-on-call
description: "Given a PagerDuty schedule ID, return the currently on-call user name and email."
inputParameters:
- name: schedule_id
in: body
type: string
description: "PagerDuty schedule ID."
call: pagerduty.get-oncall
with:
schedule_id: "{{schedule_id}}"
outputParameters:
- name: user_name
type: string
mapping: "$.oncalls[0].user.name"
- name: user_email
type: string
mapping: "$.oncalls[0].user.email"
consumes:
- namespace: pagerduty
type: http
baseUri: "https://api.pagerduty.com"
authentication:
type: bearer
token: "$secrets.pagerduty_token"
resources:
- name: incident-ops
path: "/{{id}}"
operations:
- name: get-oncall
method: GET
Payroll Headcount and Cost Center Report
▼
hr finance payroll headcount adp sharepoint microsoft-teams
Exports current headcount and salary band data from ADP by cost center, posts the report to SharePoint, and sends a summary digest to the HR Finance Microsoft Teams channel.
naftiko: "0.5"
info:
label: "Payroll Headcount and Cost Center Report"
description: "Exports current headcount and salary band data from ADP by cost center, posts the report to SharePoint, and sends a summary digest to the HR Finance Microsoft Teams channel."
tags:
- hr
- finance
- payroll
- headcount
- adp
- sharepoint
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: hr-finance
port: 8080
tools:
- name: get-payroll-headcount-snapshot
description: "Export headcount and cost center data from ADP for a given report month, upload the report to SharePoint, and post a summary to the HR Finance Teams channel."
inputParameters:
- name: report_month
in: body
type: string
description: "The month to report on in YYYY-MM format, e.g. '2026-03'."
- name: division
in: body
type: string
description: "Bank of America division to filter by, e.g. 'Global Banking', 'Merrill Lynch'."
steps:
- name: export-headcount
type: call
call: "adp.export-workers"
with:
asOfDate: "{{report_month}}"
division: "{{division}}"
- name: upload-report
type: call
call: "sharepoint.upload-file"
with:
site_id: "hr-finance"
folder: "Headcount/{{report_month}}"
filename: "headcount-{{division}}-{{report_month}}.csv"
content: "{{export-headcount.csv_data}}"
- name: post-digest
type: call
call: "msteams.post-channel-message"
with:
channel: "hr-finance-reporting"
message: "Headcount snapshot for {{division}} ({{report_month}}): {{export-headcount.total_count}} employees. Report uploaded to SharePoint."
consumes:
- type: http
namespace: adp
baseUri: "https://api.adp.com"
authentication:
type: bearer
token: "$secrets.adp_token"
resources:
- name: workers-export
path: "/hr/v2/workers/export"
operations:
- name: export-workers
method: GET
- type: http
namespace: sharepoint
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: drive-items
path: "/sites/{{site_id}}/drive/root:/{{folder}}/{{filename}}:/content"
inputParameters:
- name: site_id
in: path
- name: folder
in: path
- name: filename
in: path
operations:
- name: upload-file
method: PUT
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel-message
method: POST
Power BI Dataset Refresh Status Check
▼
banking analytics power-bi reporting lookup
Checks the refresh status of a Power BI dataset and returns the last refresh time and status.
naftiko: "0.5"
info:
label: "Power BI Dataset Refresh Status Check"
description: "Checks the refresh status of a Power BI dataset and returns the last refresh time and status."
tags:
- banking
- analytics
- power-bi
- reporting
- lookup
capability:
exposes:
- type: mcp
namespace: bi-ops
port: 8080
tools:
- name: get-dataset-refresh
description: "Given a Power BI dataset ID, return the last refresh timestamp and status."
inputParameters:
- name: dataset_id
in: body
type: string
description: "Power BI dataset GUID."
call: pbi.get-refresh
with:
datasetId: "{{dataset_id}}"
outputParameters:
- name: status
type: string
mapping: "$.value[0].status"
- name: end_time
type: string
mapping: "$.value[0].endTime"
consumes:
- namespace: pbi
type: http
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.powerbi_token"
resources:
- name: bi-ops
path: "/{{id}}"
operations:
- name: get-refresh
method: GET
Power BI Executive Dashboard Refresh
▼
analytics power-bi microsoft-teams reporting finance
Triggers a Power BI dataset refresh for the Bank of America executive financial dashboard and posts status to the Finance Reporting Teams channel.
naftiko: "0.5"
info:
label: "Power BI Executive Dashboard Refresh"
description: "Triggers a Power BI dataset refresh for the Bank of America executive financial dashboard and posts status to the Finance Reporting Teams channel."
tags:
- analytics
- power-bi
- microsoft-teams
- reporting
- finance
capability:
exposes:
- type: mcp
namespace: bi-reporting
port: 8080
tools:
- name: trigger-executive-dashboard-refresh
description: "Given a Power BI workspace ID and dataset ID, trigger a dataset refresh and notify the Finance Reporting Teams channel with the status and completion time."
inputParameters:
- name: workspace_id
in: body
type: string
description: "The Power BI workspace ID containing the dataset."
- name: dataset_id
in: body
type: string
description: "The Power BI dataset ID to refresh."
steps:
- name: trigger-refresh
type: call
call: "powerbi.trigger-refresh"
with:
workspace_id: "{{workspace_id}}"
dataset_id: "{{dataset_id}}"
- name: notify-finance
type: call
call: "msteams.post-channel-message"
with:
channel: "finance-reporting"
message: "Power BI refresh triggered for dataset {{dataset_id}}. Status: {{trigger-refresh.status}}"
consumes:
- type: http
namespace: powerbi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.powerbi_token"
resources:
- name: dataset-refreshes
path: "/groups/{{workspace_id}}/datasets/{{dataset_id}}/refreshes"
inputParameters:
- name: workspace_id
in: path
- name: dataset_id
in: path
operations:
- name: trigger-refresh
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel-message
method: POST
Quarterly Financial Report Generator
▼
banking finance analytics snowflake power-bi reporting
Generates a quarterly financial report by querying Snowflake for KPIs, refreshing Power BI dashboards, and distributing via email to the executive team.
naftiko: "0.5"
info:
label: "Quarterly Financial Report Generator"
description: "Generates a quarterly financial report by querying Snowflake for KPIs, refreshing Power BI dashboards, and distributing via email to the executive team."
tags:
- banking
- finance
- analytics
- snowflake
- power-bi
- reporting
capability:
exposes:
- type: mcp
namespace: finance-reporting
port: 8080
tools:
- name: generate-financial-report
description: "Given a reporting quarter, query Snowflake for financial KPIs, trigger a Power BI refresh, and email the report link to executives."
inputParameters:
- name: quarter
in: body
type: string
description: "Reporting quarter."
- name: exec_dl
in: body
type: string
description: "Executive distribution list email."
steps:
- name: query-kpis
type: call
call: snowflake.run-query
with:
query: "SELECT * FROM financial_kpis WHERE quarter='{{quarter}}'"
- name: refresh-pbi
type: call
call: powerbi.trigger-refresh
with:
datasetId: "financial-dashboard"
- name: send-report
type: call
call: msgraph.send-mail
with:
to: "{{exec_dl}}"
subject: "Financial Report — {{quarter}}"
body: "Revenue: {{query-kpis.revenue}} | Expenses: {{query-kpis.expenses}}. Dashboard refreshed."
consumes:
- type: http
namespace: snowflake
baseUri: "https://bofa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: powerbi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.powerbi_token"
resources:
- name: datasets
path: "/datasets/{{datasetId}}/refreshes"
inputParameters:
- name: datasetId
in: path
operations:
- name: trigger-refresh
method: POST
- type: http
namespace: msgraph
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: mail
path: "/users/noreply@bofa.com/sendMail"
operations:
- name: send-mail
method: POST
Refinitiv FX Rate Lookup
▼
banking refinitiv foreign-exchange trading lookup
Retrieves the current foreign exchange rate from Refinitiv for a specified currency pair.
naftiko: "0.5"
info:
label: "Refinitiv FX Rate Lookup"
description: "Retrieves the current foreign exchange rate from Refinitiv for a specified currency pair."
tags:
- banking
- refinitiv
- foreign-exchange
- trading
- lookup
capability:
exposes:
- type: mcp
namespace: fx-ops
port: 8080
tools:
- name: get-fx-rate
description: "Given a currency pair, return the current bid, ask, and mid rates."
inputParameters:
- name: currency_pair
in: body
type: string
description: "Currency pair, e.g. EURUSD."
call: refinitiv.get-fx-rate
with:
pair: "{{currency_pair}}"
outputParameters:
- name: bid
type: number
mapping: "$.data[0].bid"
- name: ask
type: number
mapping: "$.data[0].ask"
- name: mid
type: number
mapping: "$.data[0].mid"
consumes:
- namespace: refinitiv
type: http
baseUri: "https://api.refinitiv.com/data/pricing/v1"
authentication:
type: bearer
token: "$secrets.refinitiv_token"
resources:
- name: quotes
path: "/quotes/{{pair}}"
operations:
- name: get-fx-rate
method: GET
Regulatory Capital Adequacy Check
▼
banking regulatory capital snowflake sap compliance
Checks regulatory capital adequacy by pulling risk-weighted assets from Snowflake, comparing against SAP capital accounts, and reporting to compliance.
naftiko: "0.5"
info:
label: "Regulatory Capital Adequacy Check"
description: "Checks regulatory capital adequacy by pulling risk-weighted assets from Snowflake, comparing against SAP capital accounts, and reporting to compliance."
tags:
- banking
- regulatory
- capital
- snowflake
- sap
- compliance
capability:
exposes:
- type: mcp
namespace: capital-ops
port: 8080
tools:
- name: check-capital-adequacy
description: "Given a reporting date, pull RWA from Snowflake, compare with SAP capital, and notify the compliance team in Teams."
inputParameters:
- name: report_date
in: body
type: string
description: "Report date."
- name: compliance_channel_id
in: body
type: string
description: "Compliance Teams channel."
steps:
- name: get-rwa
type: call
call: snowflake.query-rwa
with:
date: "{{report_date}}"
- name: get-capital
type: call
call: sap-fi.get-capital-accounts
with:
date: "{{report_date}}"
- name: notify-compliance
type: call
call: msteams.post-channel
with:
channel_id: "{{compliance_channel_id}}"
text: "Capital adequacy: RWA: ${{get-rwa.total}} | Capital: ${{get-capital.total}} | Ratio: {{get-capital.ratio}}%"
consumes:
- type: http
namespace: snowflake
baseUri: "https://bofa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query-rwa
method: POST
- type: http
namespace: sap
baseUri: "https://bofa-s4.sap.com/sap/opu/odata/sap/API_JOURNAL_ENTRY_SRV"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: capital
path: "/A_JournalEntry?$filter=PostingDate eq '{{date}}'"
inputParameters:
- name: date
in: query
operations:
- name: get-capital-accounts
method: GET
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: channels
path: "/teams/channels/{{channel_id}}/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
Regulatory Capital Adequacy Reporter
▼
banking regulatory capital snowflake sap compliance
Checks capital adequacy by pulling RWA from Snowflake, comparing SAP capital, and reporting to compliance.
naftiko: "0.5"
info:
label: "Regulatory Capital Adequacy Reporter"
description: "Checks capital adequacy by pulling RWA from Snowflake, comparing SAP capital, and reporting to compliance."
tags:
- banking
- regulatory
- capital
- snowflake
- sap
- compliance
capability:
exposes:
- type: mcp
namespace: capital-ops
port: 8080
tools:
- name: check-capital
description: "Given a report date, pull RWA from Snowflake, compare with SAP capital, and notify compliance."
inputParameters:
- name: report_date
in: body
type: string
description: "Report date."
- name: compliance_channel_id
in: body
type: string
description: "Compliance channel."
steps:
- name: get-rwa
type: call
call: snowflake.query-rwa
with:
date: "{{report_date}}"
- name: get-capital
type: call
call: sap-fi.get-capital
with:
date: "{{report_date}}"
- name: notify
type: call
call: msteams.post-channel
with:
channel_id: "{{compliance_channel_id}}"
text: "Capital adequacy: RWA: ${{get-rwa.total}} | Capital: ${{get-capital.total}} | Ratio: {{get-capital.ratio}}%"
consumes:
- type: http
namespace: snowflake
baseUri: "https://bofa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query-rwa
method: POST
- type: http
namespace: sap-fi
baseUri: "https://bofa-s4.sap.com/sap/opu/odata/sap/API_JOURNAL_ENTRY_SRV"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: capital
path: "/A_JournalEntry"
operations:
- name: get-capital
method: GET
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: channels
path: "/teams/channels/{{channel_id}}/messages"
operations:
- name: post-channel
method: POST
Regulatory Filing Deadline Monitor
▼
banking compliance regulatory snowflake servicenow
Monitors regulatory filing deadlines by querying Snowflake, checking preparation status in ServiceNow, and alerting the compliance team in Teams.
naftiko: "0.5"
info:
label: "Regulatory Filing Deadline Monitor"
description: "Monitors regulatory filing deadlines by querying Snowflake, checking preparation status in ServiceNow, and alerting the compliance team in Teams."
tags:
- banking
- compliance
- regulatory
- snowflake
- servicenow
capability:
exposes:
- type: mcp
namespace: regulatory-ops
port: 8080
tools:
- name: track-filing-deadlines
description: "Given a jurisdiction and filing type, check the filing calendar in Snowflake, verify status in ServiceNow, and alert the compliance channel in Teams."
inputParameters:
- name: jurisdiction
in: body
type: string
description: "Jurisdiction."
- name: filing_type
in: body
type: string
description: "Filing type."
- name: compliance_channel_id
in: body
type: string
description: "Teams channel ID."
steps:
- name: get-deadlines
type: call
call: snowflake.query-filings
with:
jurisdiction: "{{jurisdiction}}"
- name: check-status
type: call
call: snow.get-filing-status
with:
jurisdiction: "{{jurisdiction}}"
- name: alert-team
type: call
call: msteams.post-channel
with:
channel_id: "{{compliance_channel_id}}"
text: "Filing deadline: {{filing_type}} for {{jurisdiction}} — Due: {{get-deadlines.next_deadline}} | Status: {{check-status.status}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://bofa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query-filings
method: POST
- type: http
namespace: snow
baseUri: "https://bofa.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: filings
path: "/table/u_regulatory_filing?sysparm_query=jurisdiction={{jurisdiction}}"
inputParameters:
- name: jurisdiction
in: query
operations:
- name: get-filing-status
method: GET
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: channels
path: "/teams/channels/{{channel_id}}/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
SailPoint Identity Governance Lookup
▼
banking security sailpoint identity-governance lookup
Looks up a user identity in SailPoint and returns current entitlements and certification status.
naftiko: "0.5"
info:
label: "SailPoint Identity Governance Lookup"
description: "Looks up a user identity in SailPoint and returns current entitlements and certification status."
tags:
- banking
- security
- sailpoint
- identity-governance
- lookup
capability:
exposes:
- type: mcp
namespace: iam-ops
port: 8080
tools:
- name: get-identity-access
description: "Given a SailPoint identity alias, return the display name, entitlement count, and last certification date."
inputParameters:
- name: identity_alias
in: body
type: string
description: "SailPoint identity alias or email."
call: sailpoint.get-identity
with:
alias: "{{identity_alias}}"
outputParameters:
- name: display_name
type: string
mapping: "$.displayName"
- name: entitlement_count
type: integer
mapping: "$.entitlementCount"
consumes:
- namespace: sailpoint
type: http
baseUri: "https://bofa.api.identitynow.com/v3"
authentication:
type: bearer
token: "$secrets.sailpoint_token"
resources:
- name: iam-ops
path: "/{{id}}"
operations:
- name: get-identity
method: GET
Salesforce Account Health Enrichment
▼
banking crm salesforce snowflake sap
Enriches Salesforce account health scores by pulling data from Snowflake, checking billing in SAP, and updating the Salesforce record.
naftiko: "0.5"
info:
label: "Salesforce Account Health Enrichment"
description: "Enriches Salesforce account health scores by pulling data from Snowflake, checking billing in SAP, and updating the Salesforce record."
tags:
- banking
- crm
- salesforce
- snowflake
- sap
capability:
exposes:
- type: mcp
namespace: account-ops
port: 8080
tools:
- name: enrich-account-health
description: "Given a Salesforce account ID, pull performance data from Snowflake, check billing in SAP, and update the health score in Salesforce."
inputParameters:
- name: account_id
in: body
type: string
description: "Salesforce account ID."
- name: account_manager_upn
in: body
type: string
description: "UPN of account manager."
steps:
- name: get-data
type: call
call: snowflake.query-account-data
with:
account_id: "{{account_id}}"
- name: get-billing
type: call
call: sap-fi.get-ar-aging
with:
account_id: "{{account_id}}"
- name: update-sf
type: call
call: sf.update-health-score
with:
account_id: "{{account_id}}"
score: "{{get-data.health_score}}"
- name: notify-manager
type: call
call: msteams.send-message
with:
recipient_upn: "{{account_manager_upn}}"
text: "Account health updated: {{account_id}}. Score: {{get-data.health_score}} | AR: {{get-billing.days_outstanding}} days"
consumes:
- type: http
namespace: snowflake
baseUri: "https://bofa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query-account-data
method: POST
- type: http
namespace: sap
baseUri: "https://bofa-s4.sap.com/sap/opu/odata/sap/API_JOURNAL_ENTRY_SRV"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: ar
path: "/A_JournalEntry?$filter=AccountID eq '{{account_id}}'"
inputParameters:
- name: account_id
in: query
operations:
- name: get-ar-aging
method: GET
- type: http
namespace: sf
baseUri: "https://bofa.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: accounts
path: "/sobjects/Account/{{account_id}}"
inputParameters:
- name: account_id
in: path
operations:
- name: update-health-score
method: PATCH
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Salesforce Client Account Enrichment
▼
crm salesforce microsoft-teams client-management wealth-management
Enriches a Salesforce client account record with updated relationship manager assignment, segment classification, and AUM data, then syncs the update status to the Relationship Management Teams channel.
naftiko: "0.5"
info:
label: "Salesforce Client Account Enrichment"
description: "Enriches a Salesforce client account record with updated relationship manager assignment, segment classification, and AUM data, then syncs the update status to the Relationship Management Teams channel."
tags:
- crm
- salesforce
- microsoft-teams
- client-management
- wealth-management
capability:
exposes:
- type: mcp
namespace: client-management
port: 8080
tools:
- name: enrich-client-account
description: "Given a Salesforce account ID, relationship manager ID, segment, and AUM value, update the client account record and notify the Relationship Management Teams channel of the change."
inputParameters:
- name: account_id
in: body
type: string
description: "The Salesforce account ID to enrich."
- name: relationship_manager_id
in: body
type: string
description: "The Salesforce user ID of the assigned relationship manager."
- name: client_segment
in: body
type: string
description: "Client segment classification: 'Mass Affluent', 'High Net Worth', 'Ultra High Net Worth', 'Institutional'."
- name: aum_usd
in: body
type: number
description: "Total assets under management for the client in USD."
steps:
- name: update-account
type: call
call: "salesforce.update-account"
with:
account_id: "{{account_id}}"
owner_id: "{{relationship_manager_id}}"
segment: "{{client_segment}}"
aum: "{{aum_usd}}"
- name: notify-rm-channel
type: call
call: "msteams.post-channel-message"
with:
channel: "relationship-management"
message: "Client account {{account_id}} updated: Segment {{client_segment}} | AUM ${{aum_usd}} | RM: {{relationship_manager_id}}"
consumes:
- type: http
namespace: salesforce
baseUri: "https://bankofamerica.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: accounts
path: "/sobjects/Account/{{account_id}}"
inputParameters:
- name: account_id
in: path
operations:
- name: update-account
method: PATCH
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel-message
method: POST
Salesforce Client Account Lookup
▼
banking banking salesforce relationship-management lookup
Retrieves a client account from Salesforce by account ID, returning relationship manager, account tier, and total assets under management.
naftiko: "0.5"
info:
label: "Salesforce Client Account Lookup"
description: "Retrieves a client account from Salesforce by account ID, returning relationship manager, account tier, and total assets under management."
tags:
- banking
- banking
- salesforce
- relationship-management
- lookup
capability:
exposes:
- type: mcp
namespace: client-ops
port: 8080
tools:
- name: get-client-account
description: "Given a Salesforce account ID, return the client name, relationship manager, account tier, and AUM."
inputParameters:
- name: account_id
in: body
type: string
description: "Salesforce account ID."
call: sf.get-account
with:
accountId: "{{account_id}}"
outputParameters:
- name: client_name
type: string
mapping: "$.Name"
- name: rm
type: string
mapping: "$.Owner.Name"
- name: tier
type: string
mapping: "$.Tier__c"
consumes:
- namespace: sf
type: http
baseUri: "https://bofa.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: client-ops
path: "/{{id}}"
operations:
- name: get-account
method: GET
Salesforce Client Opportunity Pipeline Digest
▼
sales crm salesforce microsoft-teams reporting finance
Queries Salesforce for open client opportunities closing in the current quarter, aggregates by relationship manager and product, and posts a pipeline digest to the Sales Leadership Teams channel.
naftiko: "0.5"
info:
label: "Salesforce Client Opportunity Pipeline Digest"
description: "Queries Salesforce for open client opportunities closing in the current quarter, aggregates by relationship manager and product, and posts a pipeline digest to the Sales Leadership Teams channel."
tags:
- sales
- crm
- salesforce
- microsoft-teams
- reporting
- finance
capability:
exposes:
- type: mcp
namespace: sales-pipeline
port: 8080
tools:
- name: digest-opportunity-pipeline
description: "Query Salesforce for opportunities closing this quarter, group by relationship manager and product type, and post a pipeline summary to the Sales Leadership Teams channel."
inputParameters:
- name: fiscal_quarter
in: body
type: string
description: "Fiscal quarter to report on, e.g. '2026-Q1'."
- name: business_segment
in: body
type: string
description: "Bank of America business segment, e.g. 'Global Banking', 'Business Banking'."
steps:
- name: query-pipeline
type: call
call: "salesforce.query-opportunities"
with:
quarter: "{{fiscal_quarter}}"
segment: "{{business_segment}}"
- name: post-digest
type: call
call: "msteams.post-channel-message"
with:
channel: "sales-leadership"
message: "Q{{fiscal_quarter}} Pipeline ({{business_segment}}): {{query-pipeline.count}} opportunities | Total value: ${{query-pipeline.total_value}} | Weighted: ${{query-pipeline.weighted_value}}"
consumes:
- type: http
namespace: salesforce
baseUri: "https://bankofamerica.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: opportunity-query
path: "/query"
inputParameters:
- name: q
in: query
operations:
- name: query-opportunities
method: GET
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel-message
method: POST
Salesforce Relationship Manager Assignment Lookup
▼
banking salesforce relationship-management lookup
Retrieves the assigned relationship manager for a client account from Salesforce.
naftiko: "0.5"
info:
label: "Salesforce Relationship Manager Assignment Lookup"
description: "Retrieves the assigned relationship manager for a client account from Salesforce."
tags:
- banking
- salesforce
- relationship-management
- lookup
capability:
exposes:
- type: mcp
namespace: rm-ops
port: 8080
tools:
- name: get-rm-assignment
description: "Given a client account ID, return the relationship manager name, email, and last contact date."
inputParameters:
- name: account_id
in: body
type: string
description: "Salesforce account ID."
call: sf.get-rm
with:
accountId: "{{account_id}}"
outputParameters:
- name: rm_name
type: string
mapping: "$.Owner.Name"
- name: rm_email
type: string
mapping: "$.Owner.Email"
- name: last_contact
type: string
mapping: "$.Last_Contact_Date__c"
consumes:
- namespace: sf
type: http
baseUri: "https://bofa.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: accounts
path: "/sobjects/Account/{{accountId}}"
operations:
- name: get-rm
method: GET
Sanctions Screening Handler
▼
banking sanctions compliance snowflake servicenow
Screens customers against sanctions lists in Snowflake, logs in ServiceNow, and escalates matches.
naftiko: "0.5"
info:
label: "Sanctions Screening Handler"
description: "Screens customers against sanctions lists in Snowflake, logs in ServiceNow, and escalates matches."
tags:
- banking
- sanctions
- compliance
- snowflake
- servicenow
capability:
exposes:
- type: mcp
namespace: sanctions-ops
port: 8080
tools:
- name: screen-sanctions
description: "Given a customer name and country, screen in Snowflake, log in ServiceNow, and notify compliance."
inputParameters:
- name: customer_name
in: body
type: string
description: "Customer name."
- name: country
in: body
type: string
description: "Country."
- name: compliance_upn
in: body
type: string
description: "Compliance UPN."
steps:
- name: screen
type: call
call: snowflake.screen-sanctions
with:
customer: "{{customer_name}}"
country: "{{country}}"
- name: log
type: call
call: snow.create-record
with:
short_description: "Sanctions: {{customer_name}}"
description: "Matches: {{screen.match_count}}"
- name: notify
type: call
call: msteams.send-message
with:
recipient_upn: "{{compliance_upn}}"
text: "Sanctions: {{customer_name}} ({{country}}) — {{screen.match_count}} matches. SNOW: {{log.number}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://bofa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: screen-sanctions
method: POST
- type: http
namespace: snow
baseUri: "https://bofa.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: screening
path: "/table/u_sanctions_screening"
operations:
- name: create-record
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
operations:
- name: send-message
method: POST
Sanctions Screening Workflow
▼
banking sanctions compliance snowflake servicenow
Screens customers against sanctions lists by querying Snowflake, logging results in ServiceNow, and escalating matches to the compliance team via Teams.
naftiko: "0.5"
info:
label: "Sanctions Screening Workflow"
description: "Screens customers against sanctions lists by querying Snowflake, logging results in ServiceNow, and escalating matches to the compliance team via Teams."
tags:
- banking
- sanctions
- compliance
- snowflake
- servicenow
capability:
exposes:
- type: mcp
namespace: sanctions-ops
port: 8080
tools:
- name: screen-sanctions
description: "Given a customer name and country, run sanctions screening in Snowflake, log in ServiceNow, and escalate matches to compliance."
inputParameters:
- name: customer_name
in: body
type: string
description: "Customer name."
- name: country
in: body
type: string
description: "Customer country."
- name: compliance_upn
in: body
type: string
description: "Compliance officer UPN."
steps:
- name: run-screening
type: call
call: snowflake.screen-sanctions
with:
customer: "{{customer_name}}"
country: "{{country}}"
- name: log-result
type: call
call: snow.create-screening-record
with:
short_description: "Sanctions: {{customer_name}} ({{country}})"
description: "Match count: {{run-screening.match_count}}"
- name: notify-compliance
type: call
call: msteams.send-message
with:
recipient_upn: "{{compliance_upn}}"
text: "Sanctions screening: {{customer_name}} ({{country}}) — Matches: {{run-screening.match_count}}. SNOW: {{log-result.number}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://bofa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: screen-sanctions
method: POST
- type: http
namespace: snow
baseUri: "https://bofa.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: screening
path: "/table/u_sanctions_screening"
operations:
- name: create-screening-record
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
SAP Concur Expense Report Approval Reminder
▼
finance expense-management sap-concur microsoft-teams approval
Queries SAP Concur for expense reports pending approval beyond the SLA threshold and sends reminder notifications to approving managers via Microsoft Teams.
naftiko: "0.5"
info:
label: "SAP Concur Expense Report Approval Reminder"
description: "Queries SAP Concur for expense reports pending approval beyond the SLA threshold and sends reminder notifications to approving managers via Microsoft Teams."
tags:
- finance
- expense-management
- sap-concur
- microsoft-teams
- approval
capability:
exposes:
- type: mcp
namespace: expense-approvals
port: 8080
tools:
- name: send-expense-approval-reminders
description: "Query SAP Concur for expense reports in Pending Manager Approval status older than the specified threshold, then send a Teams reminder to the Finance Approvals channel."
inputParameters:
- name: days_pending
in: body
type: integer
description: "Days a report must be pending before sending a reminder. Default: 5."
steps:
- name: get-pending-reports
type: call
call: "concur.list-pending-reports"
with:
approvalStatus: "A_PEND"
daysOld: "{{days_pending}}"
- name: notify-approvers
type: call
call: "msteams.post-channel-message"
with:
channel: "finance-approvals"
message: "{{get-pending-reports.count}} expense reports pending approval for more than {{days_pending}} days. Please review in SAP Concur."
consumes:
- type: http
namespace: concur
baseUri: "https://www.concursolutions.com/api/v3.0"
authentication:
type: bearer
token: "$secrets.concur_token"
resources:
- name: expense-reports
path: "/expense/reports"
operations:
- name: list-pending-reports
method: GET
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel-message
method: POST
SAP Concur Expense Report Status Lookup
▼
banking finance sap-concur expense-management lookup
Retrieves an SAP Concur expense report by ID, returning the total amount, approval status, and owner.
naftiko: "0.5"
info:
label: "SAP Concur Expense Report Status Lookup"
description: "Retrieves an SAP Concur expense report by ID, returning the total amount, approval status, and owner."
tags:
- banking
- finance
- sap-concur
- expense-management
- lookup
capability:
exposes:
- type: mcp
namespace: expense-ops
port: 8080
tools:
- name: get-expense-report
description: "Given a Concur report ID, return the total, currency, approval status, and submitter name."
inputParameters:
- name: report_id
in: body
type: string
description: "SAP Concur expense report ID."
call: concur.get-report
with:
reportId: "{{report_id}}"
outputParameters:
- name: total
type: number
mapping: "$.Total"
- name: status
type: string
mapping: "$.ApprovalStatusName"
- name: owner
type: string
mapping: "$.OwnerName"
consumes:
- namespace: concur
type: http
baseUri: "https://api.bofa.com/v1"
authentication:
type: bearer
token: "$secrets.api_token"
resources:
- name: expense-ops
path: "/{{id}}"
operations:
- name: get-report
method: GET
SAP General Ledger Balance Check
▼
banking finance sap accounting lookup
Retrieves the current balance for a specified SAP general ledger account and company code.
naftiko: "0.5"
info:
label: "SAP General Ledger Balance Check"
description: "Retrieves the current balance for a specified SAP general ledger account and company code."
tags:
- banking
- finance
- sap
- accounting
- lookup
capability:
exposes:
- type: mcp
namespace: gl-ops
port: 8080
tools:
- name: get-gl-balance
description: "Given an SAP company code and GL account, return the current balance and currency."
inputParameters:
- name: company_code
in: body
type: string
description: "SAP company code."
- name: gl_account
in: body
type: string
description: "GL account number."
call: sap-fi.get-balance
with:
CompanyCode: "{{company_code}}"
GLAccount: "{{gl_account}}"
outputParameters:
- name: balance
type: number
mapping: "$.d.EndingBalanceAmtInCoCodeCrcy"
- name: currency
type: string
mapping: "$.d.CompanyCodeCurrency"
consumes:
- namespace: sap-fi
type: http
baseUri: "https://bofa-s4.sap.com/sap/opu/odata/sap/API_BUSINESS_PARTNER"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: gl-ops
path: "/{{id}}"
operations:
- name: get-balance
method: GET
SAP Invoice Three-Way Match Workflow
▼
banking finance accounts-payable sap servicenow
Performs a three-way match on a vendor invoice by verifying the PO in SAP, confirming goods receipt, and routing for approval with Teams notification.
naftiko: "0.5"
info:
label: "SAP Invoice Three-Way Match Workflow"
description: "Performs a three-way match on a vendor invoice by verifying the PO in SAP, confirming goods receipt, and routing for approval with Teams notification."
tags:
- banking
- finance
- accounts-payable
- sap
- servicenow
capability:
exposes:
- type: mcp
namespace: ap-ops
port: 8080
tools:
- name: three-way-match
description: "Given an invoice and PO number, verify the PO in SAP, confirm goods receipt, create an approval in ServiceNow, and notify AP via Teams."
inputParameters:
- name: invoice_number
in: body
type: string
description: "Vendor invoice number."
- name: po_number
in: body
type: string
description: "SAP purchase order number."
- name: ap_manager_upn
in: body
type: string
description: "UPN of AP manager."
steps:
- name: verify-po
type: call
call: sap.get-po
with:
po_number: "{{po_number}}"
- name: check-gr
type: call
call: sap.get-goods-receipt
with:
po_number: "{{po_number}}"
- name: create-approval
type: call
call: snow.create-approval
with:
short_description: "Invoice approval: {{invoice_number}} — PO {{po_number}}"
description: "PO Amount: {{verify-po.total_amount}} | GR: {{check-gr.status}}"
- name: notify-ap
type: call
call: msteams.send-message
with:
recipient_upn: "{{ap_manager_upn}}"
text: "Three-way match: Invoice {{invoice_number}} — PO {{po_number}}. GR: {{check-gr.status}}. Approval: {{create-approval.number}}"
consumes:
- type: http
namespace: sap
baseUri: "https://bofa-s4.sap.com/sap/opu/odata/sap/MM_PUR_PO_MAINT_V2_SRV"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: purchase-orders
path: "/A_PurchaseOrder('{{po_number}}')"
inputParameters:
- name: po_number
in: path
operations:
- name: get-po
method: GET
- name: goods-receipts
path: "/A_PurchaseOrder('{{po_number}}')/to_GoodsReceipt"
inputParameters:
- name: po_number
in: path
operations:
- name: get-goods-receipt
method: GET
- type: http
namespace: snow
baseUri: "https://bofa.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: approvals
path: "/table/sysapproval_approver"
operations:
- name: create-approval
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
SAP Period-End Journal Entry Validation
▼
banking finance accounting sap snowflake
Validates period-end journal entries by pulling entries from SAP, cross-checking balances in Snowflake, and notifying the controller via Teams.
naftiko: "0.5"
info:
label: "SAP Period-End Journal Entry Validation"
description: "Validates period-end journal entries by pulling entries from SAP, cross-checking balances in Snowflake, and notifying the controller via Teams."
tags:
- banking
- finance
- accounting
- sap
- snowflake
capability:
exposes:
- type: mcp
namespace: gl-ops
port: 8080
tools:
- name: validate-journal-entries
description: "Given a company code and posting period, retrieve journal entries from SAP, validate against Snowflake, and notify the controller of discrepancies."
inputParameters:
- name: company_code
in: body
type: string
description: "SAP company code."
- name: posting_period
in: body
type: string
description: "Posting period."
- name: controller_upn
in: body
type: string
description: "UPN of controller."
steps:
- name: get-entries
type: call
call: sap-fi.get-journal-entries
with:
company_code: "{{company_code}}"
period: "{{posting_period}}"
- name: validate-balances
type: call
call: snowflake.check-recon
with:
company_code: "{{company_code}}"
period: "{{posting_period}}"
- name: notify-controller
type: call
call: msteams.send-message
with:
recipient_upn: "{{controller_upn}}"
text: "Period-end validation: {{company_code}} — {{posting_period}}. Entries: {{get-entries.count}} | Status: {{validate-balances.status}}"
consumes:
- type: http
namespace: sap
baseUri: "https://bofa-s4.sap.com/sap/opu/odata/sap/API_JOURNAL_ENTRY_SRV"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: entries
path: "/A_JournalEntry?$filter=CompanyCode eq '{{company_code}}'"
inputParameters:
- name: company_code
in: query
operations:
- name: get-journal-entries
method: GET
- type: http
namespace: snowflake
baseUri: "https://bofa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: check-recon
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
SAP Vendor Master Data Lookup
▼
banking finance sap procurement lookup
Retrieves vendor master data from SAP by vendor number, returning company name, payment terms, and tax ID.
naftiko: "0.5"
info:
label: "SAP Vendor Master Data Lookup"
description: "Retrieves vendor master data from SAP by vendor number, returning company name, payment terms, and tax ID."
tags:
- banking
- finance
- sap
- procurement
- lookup
capability:
exposes:
- type: mcp
namespace: vendor-ops
port: 8080
tools:
- name: get-vendor
description: "Given an SAP vendor number, return the vendor name, payment terms, and tax ID."
inputParameters:
- name: vendor_number
in: body
type: string
description: "SAP vendor account number."
call: sap.get-vendor
with:
Supplier: "{{vendor_number}}"
outputParameters:
- name: vendor_name
type: string
mapping: "$.d.SupplierName"
- name: payment_terms
type: string
mapping: "$.d.PaymentTerms"
consumes:
- namespace: sap
type: http
baseUri: "https://bofa-s4.sap.com/sap/opu/odata/sap/API_BUSINESS_PARTNER"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: vendor-ops
path: "/{{id}}"
operations:
- name: get-vendor
method: GET
ServiceNow Change Window Compliance Validator
▼
banking it-operations change-management servicenow datadog
Verifies that a change request falls within the approved window by checking ServiceNow, validating service health in Datadog, and notifying the CAB via Teams.
naftiko: "0.5"
info:
label: "ServiceNow Change Window Compliance Validator"
description: "Verifies that a change request falls within the approved window by checking ServiceNow, validating service health in Datadog, and notifying the CAB via Teams."
tags:
- banking
- it-operations
- change-management
- servicenow
- datadog
capability:
exposes:
- type: mcp
namespace: change-ops
port: 8080
tools:
- name: check-change-compliance
description: "Given a change request number and proposed date, verify window compliance in ServiceNow, check Datadog service health, and notify the CAB in Teams."
inputParameters:
- name: change_number
in: body
type: string
description: "Change request number."
- name: proposed_date
in: body
type: string
description: "Proposed date."
- name: cab_channel_id
in: body
type: string
description: "Teams channel ID for CAB."
steps:
- name: check-window
type: call
call: snow.get-change-window
with:
change_number: "{{change_number}}"
- name: check-health
type: call
call: datadog.get-status
with:
date: "{{proposed_date}}"
- name: notify-cab
type: call
call: msteams.post-channel
with:
channel_id: "{{cab_channel_id}}"
text: "Change compliance: {{change_number}} for {{proposed_date}}. Window: {{check-window.status}} | Health: {{check-health.overall}}"
consumes:
- type: http
namespace: snow
baseUri: "https://bofa.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: changes
path: "/table/change_request?sysparm_query=number={{change_number}}"
inputParameters:
- name: change_number
in: query
operations:
- name: get-change-window
method: GET
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: bearer
token: "$secrets.datadog_api_key"
resources:
- name: monitors
path: "/monitor/groups"
operations:
- name: get-status
method: GET
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: channels
path: "/teams/channels/{{channel_id}}/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
ServiceNow Incident Status Check
▼
banking it-operations servicenow incident-management lookup
Looks up a ServiceNow incident by number and returns current state, priority, and assigned group.
naftiko: "0.5"
info:
label: "ServiceNow Incident Status Check"
description: "Looks up a ServiceNow incident by number and returns current state, priority, and assigned group."
tags:
- banking
- it-operations
- servicenow
- incident-management
- lookup
capability:
exposes:
- type: mcp
namespace: it-ops
port: 8080
tools:
- name: get-incident-status
description: "Given a ServiceNow incident number, return the state, priority, and assignment group."
inputParameters:
- name: incident_number
in: body
type: string
description: "ServiceNow incident number."
call: snow.get-incident
with:
number: "{{incident_number}}"
outputParameters:
- name: state
type: string
mapping: "$.result.state"
- name: priority
type: string
mapping: "$.result.priority"
- name: assigned_to
type: string
mapping: "$.result.assignment_group.display_value"
consumes:
- namespace: snow
type: http
baseUri: "https://bofa.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: it-ops
path: "/{{id}}"
operations:
- name: get-incident
method: GET
ServiceNow IT Change Advisory Board Request
▼
itsm change-management servicenow microsoft-teams approval
Creates a ServiceNow change request for technology infrastructure changes at Bank of America, assigns it to the CAB review board, and notifies stakeholders via Microsoft Teams.
naftiko: "0.5"
info:
label: "ServiceNow IT Change Advisory Board Request"
description: "Creates a ServiceNow change request for technology infrastructure changes at Bank of America, assigns it to the CAB review board, and notifies stakeholders via Microsoft Teams."
tags:
- itsm
- change-management
- servicenow
- microsoft-teams
- approval
capability:
exposes:
- type: mcp
namespace: change-management
port: 8080
tools:
- name: submit-change-request
description: "Given a change title, description, risk level, and planned date, create a ServiceNow change request and notify the CAB via the Change Management Teams channel."
inputParameters:
- name: change_title
in: body
type: string
description: "Short description of the proposed infrastructure change."
- name: change_description
in: body
type: string
description: "Full description including what is changing, business justification, and rollback plan."
- name: risk_level
in: body
type: string
description: "Risk classification: 'low', 'medium', or 'high'."
- name: planned_date
in: body
type: string
description: "Planned implementation date in YYYY-MM-DD format."
steps:
- name: create-change
type: call
call: "servicenow.create-change"
with:
short_description: "{{change_title}}"
description: "{{change_description}}"
risk: "{{risk_level}}"
planned_start_date: "{{planned_date}}"
- name: notify-cab
type: call
call: "msteams.post-channel-message"
with:
channel: "change-advisory-board"
message: "New CAB request: {{change_title}} | Risk: {{risk_level}} | Planned: {{planned_date}} | SNOW: {{create-change.number}}"
consumes:
- type: http
namespace: servicenow
baseUri: "https://bankofamerica.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: changes
path: "/table/change_request"
operations:
- name: create-change
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel-message
method: POST
ServiceNow Trading Incident Lookup
▼
banking banking trading servicenow incident-management lookup
Looks up a trading platform incident in ServiceNow by incident number and returns status, severity, and affected trading system.
naftiko: "0.5"
info:
label: "ServiceNow Trading Incident Lookup"
description: "Looks up a trading platform incident in ServiceNow by incident number and returns status, severity, and affected trading system."
tags:
- banking
- banking
- trading
- servicenow
- incident-management
- lookup
capability:
exposes:
- type: mcp
namespace: trading-ops
port: 8080
tools:
- name: get-trading-incident
description: "Given a ServiceNow incident number, return the incident state, severity, affected trading system, and resolution target."
inputParameters:
- name: incident_number
in: body
type: string
description: "ServiceNow incident number."
call: snow.get-incident
with:
number: "{{incident_number}}"
outputParameters:
- name: state
type: string
mapping: "$.result.state"
- name: severity
type: string
mapping: "$.result.severity"
- name: system
type: string
mapping: "$.result.cmdb_ci.display_value"
consumes:
- namespace: snow
type: http
baseUri: "https://bofa.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: trading-ops
path: "/{{id}}"
operations:
- name: get-incident
method: GET
Snowflake Data Pipeline Failure Response
▼
banking data-engineering snowflake jira pagerduty
When a Snowflake pipeline fails, creates a Jira incident, pages the on-call engineer via PagerDuty, and notifies the pipeline owner in Teams.
naftiko: "0.5"
info:
label: "Snowflake Data Pipeline Failure Response"
description: "When a Snowflake pipeline fails, creates a Jira incident, pages the on-call engineer via PagerDuty, and notifies the pipeline owner in Teams."
tags:
- banking
- data-engineering
- snowflake
- jira
- pagerduty
capability:
exposes:
- type: mcp
namespace: data-reliability
port: 8080
tools:
- name: handle-pipeline-failure
description: "Given a Snowflake task name and error, create a Jira incident, trigger a PagerDuty alert, and notify the owner in Teams."
inputParameters:
- name: task_name
in: body
type: string
description: "Snowflake task name."
- name: error_message
in: body
type: string
description: "Error message."
- name: pipeline_owner
in: body
type: string
description: "Pipeline owner email."
steps:
- name: create-incident
type: call
call: jira.create-issue
with:
project: "DATA"
summary: "Pipeline failure: {{task_name}}"
description: "Error: {{error_message}}"
- name: page-oncall
type: call
call: pagerduty.create-incident
with:
service_id: "data-engineering"
title: "Pipeline failure: {{task_name}}"
- name: notify-owner
type: call
call: msteams.send-message
with:
recipient_upn: "{{pipeline_owner}}"
text: "Pipeline failure: {{task_name}}. Jira: {{create-incident.key}}"
consumes:
- type: http
namespace: jira
baseUri: "https://bofa.atlassian.net/rest/api/3"
authentication:
type: bearer
token: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: pagerduty
baseUri: "https://api.pagerduty.com"
authentication:
type: bearer
token: "$secrets.pagerduty_token"
resources:
- name: incidents
path: "/incidents"
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Snowflake Pipeline Job Status Lookup
▼
data analytics snowflake monitoring lookup
Looks up the most recent execution status of a named Snowflake task pipeline in the Bank of America data warehouse and returns run state, duration, and error message.
naftiko: "0.5"
info:
label: "Snowflake Pipeline Job Status Lookup"
description: "Looks up the most recent execution status of a named Snowflake task pipeline in the Bank of America data warehouse and returns run state, duration, and error message."
tags:
- data
- analytics
- snowflake
- monitoring
- lookup
capability:
exposes:
- type: mcp
namespace: data-pipeline-lookup
port: 8080
tools:
- name: get-pipeline-job-status
description: "Given a Snowflake database and task name, return the most recent task run state, scheduled time, completed time, and error message if failed."
inputParameters:
- name: database_name
in: body
type: string
description: "The Snowflake database name, e.g. 'BOA_RISK_PROD'."
- name: task_name
in: body
type: string
description: "The Snowflake task name to query status for."
call: "snowflake.get-task-history"
with:
database: "{{database_name}}"
task_name: "{{task_name}}"
outputParameters:
- name: state
type: string
mapping: "$.data[0].STATE"
- name: scheduled_time
type: string
mapping: "$.data[0].SCHEDULED_TIME"
- name: completed_time
type: string
mapping: "$.data[0].COMPLETED_TIME"
- name: error_message
type: string
mapping: "$.data[0].ERROR_MESSAGE"
consumes:
- type: http
namespace: snowflake
baseUri: "https://bankofamerica.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: task-history
path: "/databases/{{database}}/schemas/information_schema/task_history"
inputParameters:
- name: database
in: path
operations:
- name: get-task-history
method: GET
Snowflake Risk Data Warehouse Quality Check
▼
data analytics snowflake data-quality risk finance
Runs data quality validation queries against Bank of America's Snowflake risk data warehouse to detect anomalies, nulls, and stale data, posting results to the Risk Analytics Teams channel.
naftiko: "0.5"
info:
label: "Snowflake Risk Data Warehouse Quality Check"
description: "Runs data quality validation queries against Bank of America's Snowflake risk data warehouse to detect anomalies, nulls, and stale data, posting results to the Risk Analytics Teams channel."
tags:
- data
- analytics
- snowflake
- data-quality
- risk
- finance
capability:
exposes:
- type: mcp
namespace: risk-data
port: 8080
tools:
- name: run-risk-data-quality-check
description: "Given a Snowflake table name and check date, execute data quality validation SQL and post a pass/fail quality report to the Risk Analytics Teams channel."
inputParameters:
- name: table_name
in: body
type: string
description: "Fully qualified Snowflake table, e.g. 'BOA_RISK_PROD.CREDIT.LOAN_POSITIONS'."
- name: check_date
in: body
type: string
description: "The business date to validate in YYYY-MM-DD format."
steps:
- name: run-dq-check
type: call
call: "snowflake.execute-statement"
with:
statement: "SELECT COUNT(*) as total, COUNT_IF(exposure IS NULL) as null_exposure FROM {{table_name}} WHERE position_date = '{{check_date}}'"
- name: post-results
type: call
call: "msteams.post-channel-message"
with:
channel: "risk-analytics"
message: "DQ check on {{table_name}} for {{check_date}}: {{run-dq-check.total}} rows, {{run-dq-check.null_exposure}} null exposures"
consumes:
- type: http
namespace: snowflake
baseUri: "https://bankofamerica.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-statement
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel-message
method: POST
Snowflake Table Row Count Check
▼
banking data-engineering snowflake analytics lookup
Queries Snowflake to return the row count and last update timestamp for a specified data table.
naftiko: "0.5"
info:
label: "Snowflake Table Row Count Check"
description: "Queries Snowflake to return the row count and last update timestamp for a specified data table."
tags:
- banking
- data-engineering
- snowflake
- analytics
- lookup
capability:
exposes:
- type: mcp
namespace: data-ops
port: 8080
tools:
- name: get-table-stats
description: "Given a Snowflake table name, return the row count and last DML timestamp."
inputParameters:
- name: table_name
in: body
type: string
description: "Fully qualified Snowflake table name."
call: snowflake.query-stats
with:
table: "{{table_name}}"
outputParameters:
- name: row_count
type: integer
mapping: "$.data[0].ROW_COUNT"
- name: last_altered
type: string
mapping: "$.data[0].LAST_ALTERED"
consumes:
- namespace: snowflake
type: http
baseUri: "https://bofa.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: data-ops
path: "/{{id}}"
operations:
- name: query-stats
method: GET
Splunk Security Event Query
▼
banking security splunk siem lookup
Runs a Splunk search for security events matching a query and returns the result count.
naftiko: "0.5"
info:
label: "Splunk Security Event Query"
description: "Runs a Splunk search for security events matching a query and returns the result count."
tags:
- banking
- security
- splunk
- siem
- lookup
capability:
exposes:
- type: mcp
namespace: security-ops
port: 8080
tools:
- name: search-security-events
description: "Given a Splunk search query, execute the search and return the result count and top events."
inputParameters:
- name: search_query
in: body
type: string
description: "Splunk search query string."
call: splunk.run-search
with:
search: "{{search_query}}"
outputParameters:
- name: result_count
type: integer
mapping: "$.resultCount"
consumes:
- namespace: splunk
type: http
baseUri: "https://bofa-splunk.splunkcloud.com:8089/services"
authentication:
type: bearer
token: "$secrets.splunk_token"
resources:
- name: security-ops
path: "/{{id}}"
operations:
- name: run-search
method: GET
Terraform Cloud Infrastructure Provisioning Trigger
▼
cloud infrastructure terraform microsoft-teams devops provisioning
Triggers a Terraform Cloud workspace run for cloud infrastructure provisioning or updates, and notifies the Platform Engineering team in Microsoft Teams with the run status.
naftiko: "0.5"
info:
label: "Terraform Cloud Infrastructure Provisioning Trigger"
description: "Triggers a Terraform Cloud workspace run for cloud infrastructure provisioning or updates, and notifies the Platform Engineering team in Microsoft Teams with the run status."
tags:
- cloud
- infrastructure
- terraform
- microsoft-teams
- devops
- provisioning
capability:
exposes:
- type: mcp
namespace: infra-provisioning
port: 8080
tools:
- name: trigger-terraform-run
description: "Given a Terraform Cloud workspace ID and a descriptive message, trigger an infrastructure plan-and-apply run and notify the Platform Engineering Teams channel."
inputParameters:
- name: workspace_id
in: body
type: string
description: "The Terraform Cloud workspace ID to run against."
- name: run_message
in: body
type: string
description: "Description of the infrastructure change, e.g. 'Scale EKS node group for transaction processing'."
steps:
- name: trigger-run
type: call
call: "terraform.create-run"
with:
workspace_id: "{{workspace_id}}"
message: "{{run_message}}"
- name: notify-platform
type: call
call: "msteams.post-channel-message"
with:
channel: "platform-engineering"
message: "Terraform run triggered: {{run_message}} | Workspace: {{workspace_id}} | Run: {{trigger-run.id}}"
consumes:
- type: http
namespace: terraform
baseUri: "https://app.terraform.io/api/v2"
authentication:
type: bearer
token: "$secrets.terraform_token"
resources:
- name: runs
path: "/runs"
operations:
- name: create-run
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel-message
method: POST
Terraform Drift Detection and Remediation
▼
banking devops terraform jira infrastructure
Detects Terraform state drift, creates a Jira remediation ticket, and alerts the platform team in Teams.
naftiko: "0.5"
info:
label: "Terraform Drift Detection and Remediation"
description: "Detects Terraform state drift, creates a Jira remediation ticket, and alerts the platform team in Teams."
tags:
- banking
- devops
- terraform
- jira
- infrastructure
capability:
exposes:
- type: mcp
namespace: platform-drift
port: 8080
tools:
- name: handle-terraform-drift
description: "Given a Terraform workspace, check for drift, create a Jira ticket if detected, and notify platform engineering in Teams."
inputParameters:
- name: workspace_name
in: body
type: string
description: "Terraform workspace name."
- name: platform_channel_id
in: body
type: string
description: "Teams channel ID."
steps:
- name: check-drift
type: call
call: tfc.run-plan
with:
workspace: "{{workspace_name}}"
- name: create-ticket
type: call
call: jira.create-issue
with:
project: "PLATFORM"
summary: "Drift detected: {{workspace_name}}"
description: "Changes: {{check-drift.resource_changes}}"
- name: notify-team
type: call
call: msteams.post-channel
with:
channel_id: "{{platform_channel_id}}"
text: "Terraform drift: {{workspace_name}} — {{check-drift.resource_changes}} changes. Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: tfc
baseUri: "https://app.terraform.io/api/v2"
authentication:
type: bearer
token: "$secrets.terraform_token"
resources:
- name: runs
path: "/workspaces/{{workspace}}/runs"
inputParameters:
- name: workspace
in: path
operations:
- name: run-plan
method: POST
- type: http
namespace: jira
baseUri: "https://bofa.atlassian.net/rest/api/3"
authentication:
type: bearer
token: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: channels
path: "/teams/channels/{{channel_id}}/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
Terraform Workspace State Check
▼
banking devops terraform infrastructure lookup
Retrieves the current state of a Terraform Cloud workspace, returning last run status and resource count.
naftiko: "0.5"
info:
label: "Terraform Workspace State Check"
description: "Retrieves the current state of a Terraform Cloud workspace, returning last run status and resource count."
tags:
- banking
- devops
- terraform
- infrastructure
- lookup
capability:
exposes:
- type: mcp
namespace: infra-ops
port: 8080
tools:
- name: get-workspace-state
description: "Given a Terraform Cloud workspace name, return the last run status and managed resource count."
inputParameters:
- name: workspace_name
in: body
type: string
description: "Terraform Cloud workspace name."
call: tfc.get-workspace
with:
workspace: "{{workspace_name}}"
outputParameters:
- name: last_run_status
type: string
mapping: "$.data.attributes.latest-run.status"
- name: resource_count
type: integer
mapping: "$.data.attributes.resource-count"
consumes:
- namespace: tfc
type: http
baseUri: "https://app.terraform.io/api/v2"
authentication:
type: bearer
token: "$secrets.terraform_token"
resources:
- name: infra-ops
path: "/{{id}}"
operations:
- name: get-workspace
method: GET
Third-Party Vendor Risk Assessment Workflow
▼
banking procurement risk-management sap-ariba servicenow
Performs a vendor risk assessment by pulling vendor details from SAP Ariba, checking compliance in ServiceNow GRC, and notifying procurement via Teams.
naftiko: "0.5"
info:
label: "Third-Party Vendor Risk Assessment Workflow"
description: "Performs a vendor risk assessment by pulling vendor details from SAP Ariba, checking compliance in ServiceNow GRC, and notifying procurement via Teams."
tags:
- banking
- procurement
- risk-management
- sap-ariba
- servicenow
capability:
exposes:
- type: mcp
namespace: vendor-risk
port: 8080
tools:
- name: assess-vendor-risk
description: "Given a vendor ID, retrieve the vendor profile from SAP Ariba, check GRC compliance in ServiceNow, and send the risk summary to procurement in Teams."
inputParameters:
- name: vendor_id
in: body
type: string
description: "SAP Ariba supplier ID."
- name: procurement_lead_upn
in: body
type: string
description: "UPN of procurement lead."
steps:
- name: get-vendor
type: call
call: ariba.get-supplier
with:
vendorId: "{{vendor_id}}"
- name: check-grc
type: call
call: snow.get-compliance
with:
vendor_name: "{{get-vendor.SupplierName}}"
- name: notify-lead
type: call
call: msteams.send-message
with:
recipient_upn: "{{procurement_lead_upn}}"
text: "Vendor Risk: {{get-vendor.SupplierName}} — GRC: {{check-grc.compliance_status}} | Score: {{check-grc.risk_score}}"
consumes:
- type: http
namespace: ariba
baseUri: "https://openapi.ariba.com/api/supplier-management/v1"
authentication:
type: bearer
token: "$secrets.ariba_token"
resources:
- name: suppliers
path: "/suppliers/{{vendorId}}"
inputParameters:
- name: vendorId
in: path
operations:
- name: get-supplier
method: GET
- type: http
namespace: snow
baseUri: "https://bofa.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: grc
path: "/table/sn_grc_profile?sysparm_query=name={{vendor_name}}"
inputParameters:
- name: vendor_name
in: query
operations:
- name: get-compliance
method: GET
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Trade Settlement Exception Handler
▼
banking trading settlement snowflake servicenow
Handles trade settlement exceptions by pulling trade details from Snowflake, creating an exception ticket in ServiceNow, and notifying operations via Teams.
naftiko: "0.5"
info:
label: "Trade Settlement Exception Handler"
description: "Handles trade settlement exceptions by pulling trade details from Snowflake, creating an exception ticket in ServiceNow, and notifying operations via Teams."
tags:
- banking
- trading
- settlement
- snowflake
- servicenow
capability:
exposes:
- type: mcp
namespace: settlement-ops
port: 8080
tools:
- name: handle-settlement-exception
description: "Given a trade ID and exception type, pull details from Snowflake, create a ServiceNow ticket, and notify operations."
inputParameters:
- name: trade_id
in: body
type: string
description: "Trade ID."
- name: exception_type
in: body
type: string
description: "Exception type."
- name: ops_channel_id
in: body
type: string
description: "Operations Teams channel."
steps:
- name: get-trade
type: call
call: snowflake.get-trade-details
with:
trade_id: "{{trade_id}}"
- name: create-ticket
type: call
call: snow.create-exception
with:
short_description: "Settlement exception: {{trade_id}} — {{exception_type}}"
description: "Counterparty: {{get-trade.counterparty}} | Amount: {{get-trade.amount}}"
- name: notify-ops
type: call
call: msteams.post-channel
with:
channel_id: "{{ops_channel_id}}"
text: "Settlement exception: {{trade_id}} — {{exception_type}}. Counterparty: {{get-trade.counterparty}}. SNOW: {{create-ticket.number}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://bofa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: get-trade-details
method: POST
- type: http
namespace: snow
baseUri: "https://bofa.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: exceptions
path: "/table/u_trade_exception"
operations:
- name: create-exception
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: channels
path: "/teams/channels/{{channel_id}}/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
Trade Settlement Exception Workflow
▼
banking trading settlement snowflake servicenow
Handles trade settlement exceptions by pulling details from Snowflake, creating a ServiceNow ticket, and notifying operations.
naftiko: "0.5"
info:
label: "Trade Settlement Exception Workflow"
description: "Handles trade settlement exceptions by pulling details from Snowflake, creating a ServiceNow ticket, and notifying operations."
tags:
- banking
- trading
- settlement
- snowflake
- servicenow
capability:
exposes:
- type: mcp
namespace: settlement-ops
port: 8080
tools:
- name: handle-settlement-exception
description: "Given a trade ID and exception type, pull details, create a ticket, and notify operations."
inputParameters:
- name: trade_id
in: body
type: string
description: "Trade ID."
- name: exception_type
in: body
type: string
description: "Exception type."
- name: ops_channel_id
in: body
type: string
description: "Operations channel."
steps:
- name: get-trade
type: call
call: snowflake.get-trade
with:
trade_id: "{{trade_id}}"
- name: create-ticket
type: call
call: snow.create-exception
with:
short_description: "Settlement: {{trade_id}} — {{exception_type}}"
description: "Counterparty: {{get-trade.counterparty}}"
- name: notify
type: call
call: msteams.post-channel
with:
channel_id: "{{ops_channel_id}}"
text: "Settlement exception: {{trade_id}} — {{exception_type}}. SNOW: {{create-ticket.number}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://bofa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: get-trade
method: POST
- type: http
namespace: snow
baseUri: "https://bofa.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: exceptions
path: "/table/u_trade_exception"
operations:
- name: create-exception
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: channels
path: "/teams/channels/{{channel_id}}/messages"
operations:
- name: post-channel
method: POST
Treasury Cash Position Daily Report
▼
banking treasury finance sap snowflake
Generates a daily treasury report by pulling SAP balances, Snowflake market rates, and posting to Teams.
naftiko: "0.5"
info:
label: "Treasury Cash Position Daily Report"
description: "Generates a daily treasury report by pulling SAP balances, Snowflake market rates, and posting to Teams."
tags:
- banking
- treasury
- finance
- sap
- snowflake
capability:
exposes:
- type: mcp
namespace: treasury-ops
port: 8080
tools:
- name: generate-cash-report
description: "Given a report date, pull cash balances from SAP, get market rates from Snowflake, and post to Teams."
inputParameters:
- name: report_date
in: body
type: string
description: "Report date."
- name: treasury_channel_id
in: body
type: string
description: "Treasury channel."
steps:
- name: get-balances
type: call
call: sap-fi.get-cash
with:
date: "{{report_date}}"
- name: get-rates
type: call
call: snowflake.get-rates
with:
date: "{{report_date}}"
- name: post-report
type: call
call: msteams.post-channel
with:
channel_id: "{{treasury_channel_id}}"
text: "Treasury {{report_date}}: Cash: ${{get-balances.total}} | Rates updated."
consumes:
- type: http
namespace: sap-fi
baseUri: "https://bofa-s4.sap.com/sap/opu/odata/sap/API_JOURNAL_ENTRY_SRV"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: balances
path: "/A_JournalEntry"
operations:
- name: get-cash
method: GET
- type: http
namespace: snowflake
baseUri: "https://bofa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: get-rates
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: channels
path: "/teams/channels/{{channel_id}}/messages"
operations:
- name: post-channel
method: POST
Treasury Cash Position Report
▼
banking treasury finance sap snowflake
Generates a daily treasury cash position report by pulling balances from SAP, enriching with market rates from Snowflake, and distributing via Teams.
naftiko: "0.5"
info:
label: "Treasury Cash Position Report"
description: "Generates a daily treasury cash position report by pulling balances from SAP, enriching with market rates from Snowflake, and distributing via Teams."
tags:
- banking
- treasury
- finance
- sap
- snowflake
capability:
exposes:
- type: mcp
namespace: treasury-ops
port: 8080
tools:
- name: generate-cash-report
description: "Given a reporting date, pull cash balances from SAP, get market rates from Snowflake, and post the treasury report to Teams."
inputParameters:
- name: report_date
in: body
type: string
description: "Report date."
- name: treasury_channel_id
in: body
type: string
description: "Treasury Teams channel."
steps:
- name: get-balances
type: call
call: sap-fi.get-cash-balances
with:
date: "{{report_date}}"
- name: get-rates
type: call
call: snowflake.get-market-rates
with:
date: "{{report_date}}"
- name: post-report
type: call
call: msteams.post-channel
with:
channel_id: "{{treasury_channel_id}}"
text: "Treasury Report {{report_date}}: Cash: ${{get-balances.total}} | USD/EUR: {{get-rates.usd_eur}}"
consumes:
- type: http
namespace: sap
baseUri: "https://bofa-s4.sap.com/sap/opu/odata/sap/API_JOURNAL_ENTRY_SRV"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: balances
path: "/A_JournalEntry?$filter=PostingDate eq '{{date}}'"
inputParameters:
- name: date
in: query
operations:
- name: get-cash-balances
method: GET
- type: http
namespace: snowflake
baseUri: "https://bofa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: get-market-rates
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: channels
path: "/teams/channels/{{channel_id}}/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
Wire Transfer Fraud Screening Workflow
▼
banking fraud-detection payments snowflake sap
Screens wire transfers by checking patterns in Snowflake, creating a hold in SAP, and alerting the fraud team.
naftiko: "0.5"
info:
label: "Wire Transfer Fraud Screening Workflow"
description: "Screens wire transfers by checking patterns in Snowflake, creating a hold in SAP, and alerting the fraud team."
tags:
- banking
- fraud-detection
- payments
- snowflake
- sap
capability:
exposes:
- type: mcp
namespace: fraud-ops
port: 8080
tools:
- name: screen-wire-transfer
description: "Given a wire transfer ID and amount, check patterns in Snowflake, hold in SAP, and alert fraud team."
inputParameters:
- name: transfer_id
in: body
type: string
description: "Transfer ID."
- name: amount
in: body
type: number
description: "Amount."
- name: fraud_channel_id
in: body
type: string
description: "Fraud channel."
steps:
- name: check
type: call
call: snowflake.check-wire
with:
transfer_id: "{{transfer_id}}"
amount: "{{amount}}"
- name: hold
type: call
call: sap-fi.create-hold
with:
transfer_id: "{{transfer_id}}"
reason: "Screening: {{check.risk_level}}"
- name: alert
type: call
call: msteams.post-channel
with:
channel_id: "{{fraud_channel_id}}"
text: "Wire screening: {{transfer_id}} — ${{amount}}. Risk: {{check.risk_level}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://bofa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: check-wire
method: POST
- type: http
namespace: sap-fi
baseUri: "https://bofa-s4.sap.com/sap/opu/odata/sap/API_JOURNAL_ENTRY_SRV"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: holds
path: "/A_JournalEntry"
operations:
- name: create-hold
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: channels
path: "/teams/channels/{{channel_id}}/messages"
operations:
- name: post-channel
method: POST
Wire Transfer Fraud Screening
▼
banking fraud-detection payments snowflake sap
Screens wire transfers for fraud by checking transaction patterns in Snowflake, creating a hold in SAP if suspicious, and alerting the fraud team via Teams.
naftiko: "0.5"
info:
label: "Wire Transfer Fraud Screening"
description: "Screens wire transfers for fraud by checking transaction patterns in Snowflake, creating a hold in SAP if suspicious, and alerting the fraud team via Teams."
tags:
- banking
- fraud-detection
- payments
- snowflake
- sap
capability:
exposes:
- type: mcp
namespace: fraud-ops
port: 8080
tools:
- name: screen-wire-transfer
description: "Given a wire transfer ID and amount, check patterns in Snowflake, hold in SAP if suspicious, and alert the fraud team."
inputParameters:
- name: transfer_id
in: body
type: string
description: "Wire transfer ID."
- name: amount
in: body
type: number
description: "Transfer amount."
- name: fraud_channel_id
in: body
type: string
description: "Fraud team Teams channel."
steps:
- name: check-patterns
type: call
call: snowflake.check-wire-patterns
with:
transfer_id: "{{transfer_id}}"
amount: "{{amount}}"
- name: hold-payment
type: call
call: sap-fi.create-hold
with:
transfer_id: "{{transfer_id}}"
reason: "Fraud screening: {{check-patterns.risk_level}}"
- name: alert-fraud
type: call
call: msteams.post-channel
with:
channel_id: "{{fraud_channel_id}}"
text: "Wire screening: {{transfer_id}} — ${{amount}}. Risk: {{check-patterns.risk_level}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://bofa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: check-wire-patterns
method: POST
- type: http
namespace: sap
baseUri: "https://bofa-s4.sap.com/sap/opu/odata/sap/API_JOURNAL_ENTRY_SRV"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: holds
path: "/A_JournalEntry"
operations:
- name: create-hold
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: channels
path: "/teams/channels/{{channel_id}}/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
Workday Absence Request Status Lookup
▼
hr workday absence-management lookup
Looks up the approval status, dates, and leave type of an employee absence request in Workday by request ID.
naftiko: "0.5"
info:
label: "Workday Absence Request Status Lookup"
description: "Looks up the approval status, dates, and leave type of an employee absence request in Workday by request ID."
tags:
- hr
- workday
- absence-management
- lookup
capability:
exposes:
- type: mcp
namespace: hr-absence
port: 8080
tools:
- name: get-absence-request-status
description: "Given a Workday absence request ID, return the current approval status, leave start/end dates, leave type, and approver name. Use for manager review or employee self-service."
inputParameters:
- name: absence_request_id
in: body
type: string
description: "The Workday absence request ID to look up."
call: "workday.get-absence-request"
with:
request_id: "{{absence_request_id}}"
outputParameters:
- name: status
type: string
mapping: "$.data.approvalStatus"
- name: start_date
type: string
mapping: "$.data.startDate"
- name: end_date
type: string
mapping: "$.data.endDate"
- name: leave_type
type: string
mapping: "$.data.leaveType"
consumes:
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: absence-requests
path: "/bankofamerica/absenceRequests/{{request_id}}"
inputParameters:
- name: request_id
in: path
operations:
- name: get-absence-request
method: GET
Workday Benefits Enrollment Reminder Workflow
▼
banking hr benefits workday microsoft-graph servicenow
Sends benefits open enrollment reminders by querying Workday for incomplete enrollments, sending emails via Microsoft Graph, and logging in ServiceNow.
naftiko: "0.5"
info:
label: "Workday Benefits Enrollment Reminder Workflow"
description: "Sends benefits open enrollment reminders by querying Workday for incomplete enrollments, sending emails via Microsoft Graph, and logging in ServiceNow."
tags:
- banking
- hr
- benefits
- workday
- microsoft-graph
- servicenow
capability:
exposes:
- type: mcp
namespace: benefits-ops
port: 8080
tools:
- name: send-enrollment-reminders
description: "Given an enrollment period and deadline, query Workday for incomplete enrollments, send reminder emails, and log the outreach in ServiceNow."
inputParameters:
- name: enrollment_period
in: body
type: string
description: "Enrollment period."
- name: deadline_date
in: body
type: string
description: "Deadline in YYYY-MM-DD."
steps:
- name: get-incomplete
type: call
call: workday.get-incomplete-enrollment
with:
period: "{{enrollment_period}}"
- name: send-reminders
type: call
call: msgraph.send-bulk-mail
with:
subject: "Benefits Enrollment Deadline {{deadline_date}}"
body: "Please complete enrollment by {{deadline_date}}."
- name: log-outreach
type: call
call: snow.create-task
with:
short_description: "Benefits reminders: {{enrollment_period}}"
description: "Incomplete: {{get-incomplete.count}} | Deadline: {{deadline_date}}"
consumes:
- type: http
namespace: workday
baseUri: "https://wd5-impl-services1.workday.com/ccx/service/bofa/Benefits/v40.1"
authentication:
type: basic
username: "$secrets.workday_user"
password: "$secrets.workday_password"
resources:
- name: enrollment
path: "/benefit-elections?status=incomplete"
operations:
- name: get-incomplete-enrollment
method: GET
- type: http
namespace: msgraph
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: mail
path: "/users/benefits@bofa.com/sendMail"
operations:
- name: send-bulk-mail
method: POST
- type: http
namespace: snow
baseUri: "https://bofa.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/u_benefits_task"
operations:
- name: create-task
method: POST
Workday Contractor Status Lookup
▼
hr workday contractor-management lookup
Retrieves contractor engagement status from Workday, returning contract end date, rate, and hiring manager.
naftiko: "0.5"
info:
label: "Workday Contractor Status Lookup"
description: "Retrieves contractor engagement status from Workday, returning contract end date, rate, and hiring manager."
tags:
- hr
- workday
- contractor-management
- lookup
capability:
exposes:
- type: mcp
namespace: contractor-ops
port: 8080
tools:
- name: get-contractor-status
description: "Given a contractor worker ID, return the contract end date, billing rate, and hiring manager name."
inputParameters:
- name: worker_id
in: body
type: string
description: "Workday contingent worker ID."
call: workday.get-contingent-worker
with:
Worker_ID: "{{worker_id}}"
outputParameters:
- name: end_date
type: string
mapping: "$.Worker.Contract_End_Date"
- name: billing_rate
type: number
mapping: "$.Worker.Bill_Rate"
- name: manager
type: string
mapping: "$.Worker.Manager_Name"
consumes:
- namespace: workday
type: http
baseUri: "https://wd5-impl-services1.workday.com/ccx/service/bofa/Human_Resources/v40.1"
authentication:
type: basic
username: "$secrets.workday_user"
password: "$secrets.workday_password"
resources:
- name: contingent-workers
path: "/contingent-workers/{{Worker_ID}}"
operations:
- name: get-contingent-worker
method: GET
Workday Employee Profile Lookup
▼
banking hr workday employee-management lookup
Retrieves an employee profile from Workday by employee ID, returning name, department, title, and manager.
naftiko: "0.5"
info:
label: "Workday Employee Profile Lookup"
description: "Retrieves an employee profile from Workday by employee ID, returning name, department, title, and manager."
tags:
- banking
- hr
- workday
- employee-management
- lookup
capability:
exposes:
- type: mcp
namespace: hr-ops
port: 8080
tools:
- name: get-employee-profile
description: "Given a Workday employee ID, return the employee full name, department, job title, and manager name."
inputParameters:
- name: employee_id
in: body
type: string
description: "Workday employee ID."
call: workday.get-worker
with:
Worker_ID: "{{employee_id}}"
outputParameters:
- name: full_name
type: string
mapping: "$.Worker.Worker_Data.Personal_Data.Name_Data.Legal_Name"
- name: department
type: string
mapping: "$.Worker.Worker_Data.Organization_Data.Organization_Name"
- name: title
type: string
mapping: "$.Worker.Worker_Data.Job_Data.Position_Data.Business_Title"
consumes:
- namespace: workday
type: http
baseUri: "https://wd5-impl-services1.workday.com/ccx/service/bofa/Human_Resources/v40.1"
authentication:
type: basic
username: "$secrets.workday_user"
password: "$secrets.workday_password"
resources:
- name: hr-ops
path: "/{{id}}"
operations:
- name: get-worker
method: GET
Workday Open Position Count Check
▼
banking hr workday talent-acquisition lookup
Queries Workday for open positions by department, returning count and average days open.
naftiko: "0.5"
info:
label: "Workday Open Position Count Check"
description: "Queries Workday for open positions by department, returning count and average days open."
tags:
- banking
- hr
- workday
- talent-acquisition
- lookup
capability:
exposes:
- type: mcp
namespace: ta-ops
port: 8080
tools:
- name: get-open-positions
description: "Given a department name, return the open position count and average days since posting."
inputParameters:
- name: department
in: body
type: string
description: "Department name."
call: workday.get-requisitions
with:
department: "{{department}}"
outputParameters:
- name: open_count
type: integer
mapping: "$.total"
- name: avg_days_open
type: number
mapping: "$.averageDaysOpen"
consumes:
- namespace: workday
type: http
baseUri: "https://wd5-impl-services1.workday.com/ccx/service/bofa/Human_Resources/v40.1"
authentication:
type: basic
username: "$secrets.workday_user"
password: "$secrets.workday_password"
resources:
- name: ta-ops
path: "/{{id}}"
operations:
- name: get-requisitions
method: GET
Workday Performance Calibration Report
▼
banking hr performance-management workday snowflake
Generates a performance calibration report by pulling ratings from Workday, aggregating in Snowflake, and distributing to HR leadership via Teams.
naftiko: "0.5"
info:
label: "Workday Performance Calibration Report"
description: "Generates a performance calibration report by pulling ratings from Workday, aggregating in Snowflake, and distributing to HR leadership via Teams."
tags:
- banking
- hr
- performance-management
- workday
- snowflake
capability:
exposes:
- type: mcp
namespace: perf-ops
port: 8080
tools:
- name: generate-calibration-report
description: "Given a review cycle and business unit, pull ratings from Workday, aggregate in Snowflake, and post to HR leadership channel."
inputParameters:
- name: review_cycle
in: body
type: string
description: "Review cycle ID."
- name: business_unit
in: body
type: string
description: "Business unit."
- name: hr_channel_id
in: body
type: string
description: "HR Teams channel ID."
steps:
- name: get-ratings
type: call
call: workday.get-performance-data
with:
cycle: "{{review_cycle}}"
bu: "{{business_unit}}"
- name: aggregate
type: call
call: snowflake.aggregate-ratings
with:
cycle: "{{review_cycle}}"
bu: "{{business_unit}}"
- name: post-report
type: call
call: msteams.post-channel
with:
channel_id: "{{hr_channel_id}}"
text: "Calibration: {{business_unit}} — {{review_cycle}}. Exceeds: {{aggregate.exceeds_pct}}% | Meets: {{aggregate.meets_pct}}%"
consumes:
- type: http
namespace: workday
baseUri: "https://wd5-impl-services1.workday.com/ccx/service/bofa/Performance_Management/v40.1"
authentication:
type: basic
username: "$secrets.workday_user"
password: "$secrets.workday_password"
resources:
- name: reviews
path: "/performance-reviews"
operations:
- name: get-performance-data
method: GET
- type: http
namespace: snowflake
baseUri: "https://bofa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: aggregate-ratings
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: channels
path: "/teams/channels/{{channel_id}}/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
Workday Performance Review Cycle Launch
▼
hr performance workday servicenow microsoft-teams
Initiates the annual performance review cycle in Workday for a given division, creates ServiceNow tracking tasks for HR, and notifies managers via Microsoft Teams.
naftiko: "0.5"
info:
label: "Workday Performance Review Cycle Launch"
description: "Initiates the annual performance review cycle in Workday for a given division, creates ServiceNow tracking tasks for HR, and notifies managers via Microsoft Teams."
tags:
- hr
- performance
- workday
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: hr-performance
port: 8080
tools:
- name: launch-performance-review-cycle
description: "Given a department ID and review year, start the Workday performance review process, create ServiceNow HR tracking tasks, and notify managers in Teams."
inputParameters:
- name: department_id
in: body
type: string
description: "The Workday organization unit ID for the performance review cycle."
- name: review_year
in: body
type: string
description: "The performance review year, e.g. '2026'."
steps:
- name: initiate-review
type: call
call: "workday.initiate-review"
with:
department_id: "{{department_id}}"
review_period: "{{review_year}}"
- name: create-hr-task
type: call
call: "servicenow.create-task"
with:
short_description: "Performance review {{review_year}} — {{department_id}}"
assignment_group: "HR_Operations"
due_date: "{{initiate-review.deadline}}"
- name: notify-managers
type: call
call: "msteams.post-channel-message"
with:
channel: "hr-announcements"
message: "Performance review cycle {{review_year}} launched for department {{department_id}}. Complete reviews by {{initiate-review.deadline}}."
consumes:
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: performance-reviews
path: "/bankofamerica/performanceReviews"
operations:
- name: initiate-review
method: POST
- type: http
namespace: servicenow
baseUri: "https://bankofamerica.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/sc_task"
operations:
- name: create-task
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel-message
method: POST
Workday Role Change Access Provisioning
▼
hr identity workday okta servicenow role-change access-management
When an employee undergoes a role change in Workday, updates their Okta group memberships to match the new role profile and creates a ServiceNow task to confirm access provisioning.
naftiko: "0.5"
info:
label: "Workday Role Change Access Provisioning"
description: "When an employee undergoes a role change in Workday, updates their Okta group memberships to match the new role profile and creates a ServiceNow task to confirm access provisioning."
tags:
- hr
- identity
- workday
- okta
- servicenow
- role-change
- access-management
capability:
exposes:
- type: mcp
namespace: hr-access
port: 8080
tools:
- name: sync-role-change-access
description: "Given a Workday worker ID, new role, and old role, update Okta group memberships for the employee and create a ServiceNow provisioning confirmation task."
inputParameters:
- name: workday_employee_id
in: body
type: string
description: "Workday worker ID for the employee with the role change."
- name: new_role
in: body
type: string
description: "The new job role from the BofA role catalogue."
- name: old_role
in: body
type: string
description: "The previous job role for de-provisioning reference."
steps:
- name: get-worker
type: call
call: "workday.get-worker"
with:
worker_id: "{{workday_employee_id}}"
- name: update-okta-groups
type: call
call: "okta.update-user-groups"
with:
user_login: "{{get-worker.work_email}}"
add_group: "{{new_role}}"
remove_group: "{{old_role}}"
- name: create-task
type: call
call: "servicenow.create-task"
with:
short_description: "Role change access update: {{get-worker.full_name}} — {{old_role}} to {{new_role}}"
assignment_group: "IT_Access_Management"
consumes:
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/bankofamerica/workers/{{worker_id}}"
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
- type: http
namespace: okta
baseUri: "https://bankofamerica.okta.com/api/v1"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.okta_api_token"
placement: header
resources:
- name: user-groups
path: "/users/{{user_login}}/groups"
inputParameters:
- name: user_login
in: path
operations:
- name: update-user-groups
method: PUT
- type: http
namespace: servicenow
baseUri: "https://bankofamerica.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/sc_task"
operations:
- name: create-task
method: POST
Zendesk Support Ticket Lookup
▼
customer-service zendesk support lookup
Retrieves a Zendesk support ticket by ID, returning subject, status, priority, and assignee.
naftiko: "0.5"
info:
label: "Zendesk Support Ticket Lookup"
description: "Retrieves a Zendesk support ticket by ID, returning subject, status, priority, and assignee."
tags:
- customer-service
- zendesk
- support
- lookup
capability:
exposes:
- type: mcp
namespace: support-ops
port: 8080
tools:
- name: get-support-ticket
description: "Given a Zendesk ticket ID, return the subject, status, priority, and assigned agent name."
inputParameters:
- name: ticket_id
in: body
type: string
description: "Zendesk ticket ID."
call: zendesk.get-ticket
with:
ticketId: "{{ticket_id}}"
outputParameters:
- name: subject
type: string
mapping: "$.ticket.subject"
- name: status
type: string
mapping: "$.ticket.status"
- name: priority
type: string
mapping: "$.ticket.priority"
consumes:
- namespace: zendesk
type: http
baseUri: "https://bofa.zendesk.com/api/v2"
authentication:
type: bearer
token: "$secrets.zendesk_token"
resources:
- name: tickets
path: "/tickets/{{ticketId}}"
operations:
- name: get-ticket
method: GET