Bosch Capabilities

Naftiko 0.5 capability definitions for Bosch - 100 capabilities showing integration workflows and service orchestrations.

Launches Okta certification, queries Snowflake for hierarchies, and creates Jira tracking task.

naftiko: "0.5"
info:
  label: "Access Certification Campaign Orchestrator"
  description: "Launches Okta certification, queries Snowflake for hierarchies, and creates Jira tracking task."
  tags:
    - security
    - okta
    - snowflake
    - jira
capability:
  exposes:
    - type: mcp
      namespace: security
      port: 8080
      tools:
        - name: access-orchestrate
          description: "Launches Okta certification, queries Snowflake for hierarchies, and creates Jira tracking task."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "okta.get-user-groups"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "snowflake.run-query"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "jira.create-issue"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: okta
      baseUri: "https://bosch.okta.com/api/v1"
      authentication:
        type: bearer
        token: "$secrets.okta_token"
      resources:
        - name: user-groups
          path: "/users/{{user_id}}/groups"
          operations:
            - name: get-user-groups
              method: GET
    - type: http
      namespace: snowflake
      baseUri: "https://bosch.snowflakecomputing.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.snowflake_token"
      resources:
        - name: statements
          path: "/statements"
          operations:
            - name: run-query
              method: POST
    - type: http
      namespace: jira
      baseUri: "https://bosch.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_password"
      resources:
        - name: issues
          path: "/issue"
          operations:
            - name: create-issue
              method: POST

Accepts a document or text payload, sends it to Anthropic Claude for structured summarization, and posts the summary to a specified Microsoft Teams channel or email recipient.

naftiko: "0.5"
info:
  label: "AI-Assisted Document Summarization"
  description: "Accepts a document or text payload, sends it to Anthropic Claude for structured summarization, and posts the summary to a specified Microsoft Teams channel or email recipient."
  tags:
    - ai
    - automation
    - anthropic
    - microsoft-teams
    - document-management
capability:
  exposes:
    - type: mcp
      namespace: ai-assist
      port: 8080
      tools:
        - name: summarize-document
          description: "Given a document text and target audience (e.g. executive, technical, legal), call Anthropic Claude to generate a structured summary tailored to the audience, then post the result to a Microsoft Teams channel. Use to accelerate review of engineering specs, procurement documents, or legal agreements."
          inputParameters:
            - name: document_text
              in: body
              type: string
              description: "The full text content of the document to summarize."
            - name: audience
              in: body
              type: string
              description: "Target audience for the summary: executive, technical, or legal."
            - name: recipient_upn
              in: body
              type: string
              description: "UPN of the recipient to send the summary to via Microsoft Teams."
          steps:
            - name: generate-summary
              type: call
              call: "anthropic.create-message"
              with:
                model: "claude-opus-4-5"
                max_tokens: 1024
                system: "You are a document summarization assistant for Bosch. Produce a concise, structured summary for a {{audience}} audience."
                user_message: "{{document_text}}"
            - name: send-summary
              type: call
              call: "msteams-ai.send-message"
              with:
                recipient_upn: "{{recipient_upn}}"
                text: "Document Summary ({{audience}} audience):\n\n{{generate-summary.content}}"
  consumes:
    - type: http
      namespace: anthropic
      baseUri: "https://api.anthropic.com/v1"
      authentication:
        type: apikey
        key: "x-api-key"
        value: "$secrets.anthropic_api_key"
        placement: header
      resources:
        - name: messages
          path: "/messages"
          operations:
            - name: create-message
              method: POST
    - type: http
      namespace: msteams-ai
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: messages
          path: "/users/{{recipient_upn}}/sendMail"
          inputParameters:
            - name: recipient_upn
              in: path
          operations:
            - name: send-message
              method: POST

When a new ServiceNow incident arrives without assignment, uses Anthropic Claude to classify the issue category and recommended assignment group, then updates the ticket and notifies the assigned team in Microsoft Teams.

naftiko: "0.5"
info:
  label: "AI-Powered ServiceNow Ticket Triage"
  description: "When a new ServiceNow incident arrives without assignment, uses Anthropic Claude to classify the issue category and recommended assignment group, then updates the ticket and notifies the assigned team in Microsoft Teams."
  tags:
    - ai
    - itsm
    - incident-response
    - anthropic
    - servicenow
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: ai-triage
      port: 8080
      tools:
        - name: triage-incident-with-ai
          description: "Given a ServiceNow incident number, retrieve the incident description, send it to Anthropic Claude for category classification and assignment group recommendation, then update the incident and notify the recommended group in Microsoft Teams."
          inputParameters:
            - name: incident_number
              in: body
              type: string
              description: "ServiceNow incident number to triage, e.g. INC0012345."
          steps:
            - name: get-incident
              type: call
              call: "servicenow-triage.get-incident"
              with:
                number: "{{incident_number}}"
            - name: classify-incident
              type: call
              call: "anthropic-triage.create-message"
              with:
                model: "claude-opus-4-5"
                max_tokens: 256
                system: "You are an ITSM triage assistant for Bosch. Given an incident description, respond with JSON containing category (string) and assignment_group (string) only."
                user_message: "Incident: {{get-incident.short_description}}\n\nDescription: {{get-incident.description}}"
            - name: update-incident
              type: call
              call: "servicenow-triage.update-incident"
              with:
                number: "{{incident_number}}"
                category: "{{classify-incident.category}}"
                assignment_group: "{{classify-incident.assignment_group}}"
                work_notes: "AI triage classification applied. Recommended category: {{classify-incident.category}}, group: {{classify-incident.assignment_group}}."
  consumes:
    - type: http
      namespace: servicenow-triage
      baseUri: "https://bosch.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident/{{number}}"
          inputParameters:
            - name: number
              in: path
          operations:
            - name: get-incident
              method: GET
            - name: update-incident
              method: PATCH
    - type: http
      namespace: anthropic-triage
      baseUri: "https://api.anthropic.com/v1"
      authentication:
        type: apikey
        key: "x-api-key"
        value: "$secrets.anthropic_api_key"
        placement: header
      resources:
        - name: messages
          path: "/messages"
          operations:
            - name: create-message
              method: POST

When Datadog detects latency, creates Jira performance ticket and alerts engineering via Teams.

naftiko: "0.5"
info:
  label: "APM Latency Alert Handler"
  description: "When Datadog detects latency, creates Jira performance ticket and alerts engineering via Teams."
  tags:
    - monitoring
    - datadog
    - jira
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: monitoring
      port: 8080
      tools:
        - name: apm-orchestrate
          description: "When Datadog detects latency, creates Jira performance ticket and alerts engineering via Teams."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "datadog.get-monitor"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "jira.create-issue"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: datadog
      baseUri: "https://api.datadoghq.com/api/v1"
      authentication:
        type: apikey
        key: "DD-API-KEY"
        value: "$secrets.datadog_api_key"
        placement: header
      resources:
        - name: monitors
          path: "/monitor/{{monitor_id}}"
          operations:
            - name: get-monitor
              method: GET
    - type: http
      namespace: jira
      baseUri: "https://bosch.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_password"
      resources:
        - name: issues
          path: "/issue"
          operations:
            - name: create-issue
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/bosch/channels/general/messages"
          operations:
            - name: send-message
              method: POST

Retrieves an Azure AD user profile by UPN.

naftiko: "0.5"
info:
  label: "Azure AD User Lookup"
  description: "Retrieves an Azure AD user profile by UPN."
  tags:
    - identity
    - azure
    - microsoft-graph
capability:
  exposes:
    - type: mcp
      namespace: identity
      port: 8080
      tools:
        - name: get-azure-ad-user
          description: "Retrieves an Azure AD user profile by UPN."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary lookup parameter."
          call: "msgraph.get-user"
          with:
            param_1: "{{param_1}}"
          outputParameters:
            - name: result
              type: string
              mapping: "$.result"
  consumes:
    - type: http
      namespace: msgraph
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: get-user
          path: "/users/{{upn}}"
          operations:
            - name: get-user
              method: GET

Retrieves the current month cost summary for an Azure resource group.

naftiko: "0.5"
info:
  label: "Azure Resource Group Cost Lookup"
  description: "Retrieves the current month cost summary for an Azure resource group."
  tags:
    - cloud
    - azure
    - cost-management
capability:
  exposes:
    - type: mcp
      namespace: cloud-finops
      port: 8080
      tools:
        - name: get-resource-group-cost
          description: "Retrieves the current month cost summary for an Azure resource group."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary lookup parameter."
          call: "azure.get-cost-summary"
          with:
            param_1: "{{param_1}}"
          outputParameters:
            - name: result
              type: string
              mapping: "$.result"
  consumes:
    - type: http
      namespace: azure
      baseUri: "https://management.azure.com"
      authentication:
        type: bearer
        token: "$secrets.azure_token"
      resources:
        - name: get-cost-summary
          path: "/subscriptions/{{subscription_id}}/resourceGroups/{{resource_group}}/providers/Microsoft.CostManagement/query"
          operations:
            - name: get-cost-summary
              method: POST

Accepts a cloud resource provisioning request from Jira, validates quota in Azure, applies infrastructure via Terraform Cloud, and posts completion status to the requesting team in Microsoft Teams.

naftiko: "0.5"
info:
  label: "Azure Resource Provisioning Request"
  description: "Accepts a cloud resource provisioning request from Jira, validates quota in Azure, applies infrastructure via Terraform Cloud, and posts completion status to the requesting team in Microsoft Teams."
  tags:
    - cloud
    - infrastructure
    - azure
    - terraform
    - jira
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: cloud-provisioning
      port: 8080
      tools:
        - name: provision-azure-resource
          description: "Given a Jira provisioning request ticket, resource type, and Azure subscription ID, trigger a Terraform Cloud workspace run to provision the resource and update the Jira ticket with the result."
          inputParameters:
            - name: jira_ticket
              in: body
              type: string
              description: "Jira issue key for the provisioning request, e.g. INFRA-1234."
            - name: workspace_name
              in: body
              type: string
              description: "Terraform Cloud workspace name to run for provisioning."
            - name: subscription_id
              in: body
              type: string
              description: "Azure subscription ID to provision resources into."
          steps:
            - name: trigger-terraform-run
              type: call
              call: "terraform.create-run"
              with:
                workspace_name: "{{workspace_name}}"
                message: "Provisioning triggered by Jira {{jira_ticket}}"
            - name: update-jira-ticket
              type: call
              call: "jira-infra.update-issue"
              with:
                issueKey: "{{jira_ticket}}"
                status: "In Progress"
                comment: "Terraform Cloud run {{trigger-terraform-run.id}} started for workspace {{workspace_name}} in Azure subscription {{subscription_id}}."
  consumes:
    - type: http
      namespace: terraform
      baseUri: "https://app.terraform.io/api/v2"
      authentication:
        type: bearer
        token: "$secrets.terraform_token"
      resources:
        - name: runs
          path: "/runs"
          operations:
            - name: create-run
              method: POST
    - type: http
      namespace: jira-infra
      baseUri: "https://bosch.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_api_token"
      resources:
        - name: issues
          path: "/issue/{{issueKey}}"
          inputParameters:
            - name: issueKey
              in: path
          operations:
            - name: update-issue
              method: PUT

Queries Jira for ungroomed backlog, generates Confluence summary, and notifies team via Teams.

naftiko: "0.5"
info:
  label: "Backlog Grooming Summary Generator"
  description: "Queries Jira for ungroomed backlog, generates Confluence summary, and notifies team via Teams."
  tags:
    - devops
    - jira
    - confluence
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: devops
      port: 8080
      tools:
        - name: backlog-orchestrate
          description: "Queries Jira for ungroomed backlog, generates Confluence summary, and notifies team via Teams."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "jira.create-issue"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "confluence.create-page"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: jira
      baseUri: "https://bosch.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_password"
      resources:
        - name: issues
          path: "/issue"
          operations:
            - name: create-issue
              method: POST
    - type: http
      namespace: confluence
      baseUri: "https://bosch.atlassian.net/wiki/rest/api"
      authentication:
        type: basic
        username: "$secrets.confluence_user"
        password: "$secrets.confluence_password"
      resources:
        - name: pages
          path: "/content"
          operations:
            - name: create-page
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/bosch/channels/general/messages"
          operations:
            - name: send-message
              method: POST

Verifies Workday benefits enrollment, checks SAP payroll deductions, and sends Teams confirmation.

naftiko: "0.5"
info:
  label: "Benefits Enrollment Verification"
  description: "Verifies Workday benefits enrollment, checks SAP payroll deductions, and sends Teams confirmation."
  tags:
    - hr
    - workday
    - sap
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: hr
      port: 8080
      tools:
        - name: benefits-orchestrate
          description: "Verifies Workday benefits enrollment, checks SAP payroll deductions, and sends Teams confirmation."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "workday.get-worker"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "sap.get-po"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: workday
      baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
      authentication:
        type: bearer
        token: "$secrets.workday_token"
      resources:
        - name: workers
          path: "/bosch/workers/{{worker_id}}"
          operations:
            - name: get-worker
              method: GET
    - type: http
      namespace: sap
      baseUri: "https://bosch-s4.sap.com/sap/opu/odata/sap/MM_PUR_PO_MAINT_V2_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: purchase-orders
          path: "/A_PurchaseOrder('{{po_number}}')"
          operations:
            - name: get-po
              method: GET
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/bosch/channels/general/messages"
          operations:
            - name: send-message
              method: POST

Detects Power BI refresh failure, creates Jira ticket, and sends Teams notification.

naftiko: "0.5"
info:
  label: "BI Refresh Failure Escalation"
  description: "Detects Power BI refresh failure, creates Jira ticket, and sends Teams notification."
  tags:
    - analytics
    - power-bi
    - jira
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: analytics
      port: 8080
      tools:
        - name: bi-orchestrate
          description: "Detects Power BI refresh failure, creates Jira ticket, and sends Teams notification."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "powerbi.trigger-refresh"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "jira.create-issue"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: powerbi
      baseUri: "https://api.powerbi.com/v1.0/myorg"
      authentication:
        type: bearer
        token: "$secrets.powerbi_token"
      resources:
        - name: refreshes
          path: "/datasets/{{dataset_id}}/refreshes"
          operations:
            - name: trigger-refresh
              method: POST
    - type: http
      namespace: jira
      baseUri: "https://bosch.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_password"
      resources:
        - name: issues
          path: "/issue"
          operations:
            - name: create-issue
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/bosch/channels/general/messages"
          operations:
            - name: send-message
              method: POST

Audits GitHub repos for branch protection, applies policies, and reports via Teams.

naftiko: "0.5"
info:
  label: "Branch Policy Enforcement Orchestrator"
  description: "Audits GitHub repos for branch protection, applies policies, and reports via Teams."
  tags:
    - devops
    - github
    - servicenow
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: devops
      port: 8080
      tools:
        - name: branch-orchestrate
          description: "Audits GitHub repos for branch protection, applies policies, and reports via Teams."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "github.get-branch-protection"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: github
      baseUri: "https://api.github.com"
      authentication:
        type: bearer
        token: "$secrets.github_token"
      resources:
        - name: repos
          path: "/repos/{{repo}}/branches/main/protection"
          operations:
            - name: get-branch-protection
              method: GET
    - type: http
      namespace: servicenow
      baseUri: "https://bosch.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/bosch/channels/general/messages"
          operations:
            - name: send-message
              method: POST

When a GitHub Actions pipeline fails on a protected branch, creates a Jira bug, posts a Datadog event marker, and alerts the engineering channel in Microsoft Teams.

naftiko: "0.5"
info:
  label: "CI/CD Pipeline Failure Response"
  description: "When a GitHub Actions pipeline fails on a protected branch, creates a Jira bug, posts a Datadog event marker, and alerts the engineering channel in Microsoft Teams."
  tags:
    - devops
    - ci-cd
    - github
    - jira
    - datadog
    - microsoft-teams
    - incident-response
capability:
  exposes:
    - type: mcp
      namespace: devops-ops
      port: 8080
      tools:
        - name: handle-pipeline-failure
          description: "Given a GitHub Actions workflow run failure, create a Datadog event marker, open a Jira bug for the engineering team, and post an alert to the Microsoft Teams engineering channel. Use this to automate post-failure triage."
          inputParameters:
            - name: repo_name
              in: body
              type: string
              description: "GitHub repository name in owner/repo format."
            - name: workflow_name
              in: body
              type: string
              description: "The name of the failed GitHub Actions workflow."
            - name: branch
              in: body
              type: string
              description: "The branch on which the failure occurred."
            - name: run_id
              in: body
              type: string
              description: "The GitHub Actions run ID of the failed workflow."
            - name: commit_sha
              in: body
              type: string
              description: "The commit SHA that triggered the failed run."
          steps:
            - name: create-datadog-event
              type: call
              call: "datadog.create-event"
              with:
                title: "CI Failure: {{workflow_name}} on {{branch}}"
                text: "Repository: {{repo_name}} | Commit: {{commit_sha}} | Run: {{run_id}}"
                alert_type: "error"
                tags: "env:ci,repo:{{repo_name}}"
            - name: create-jira-bug
              type: call
              call: "jira-devops.create-issue"
              with:
                project_key: "ENG"
                issuetype: "Bug"
                summary: "[CI Failure] {{repo_name}} / {{branch}} — {{workflow_name}}"
                description: "Pipeline failure on branch {{branch}}. Commit: {{commit_sha}}. Run ID: {{run_id}}. Datadog event: {{create-datadog-event.id}}."
            - name: notify-engineering
              type: call
              call: "msteams-devops.post-channel-message"
              with:
                channel_id: "$secrets.teams_engineering_channel_id"
                text: "Pipeline Failure: {{repo_name}} | Branch: {{branch}} | Workflow: {{workflow_name}} | Jira: {{create-jira-bug.key}}"
  consumes:
    - type: http
      namespace: datadog
      baseUri: "https://api.datadoghq.com/api/v1"
      authentication:
        type: apikey
        key: "DD-API-KEY"
        value: "$secrets.datadog_api_key"
        placement: header
      resources:
        - name: events
          path: "/events"
          operations:
            - name: create-event
              method: POST
    - type: http
      namespace: jira-devops
      baseUri: "https://bosch.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_api_token"
      resources:
        - name: issues
          path: "/issue"
          operations:
            - name: create-issue
              method: POST
    - type: http
      namespace: msteams-devops
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channel-messages
          path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
          inputParameters:
            - name: team_id
              in: path
            - name: channel_id
              in: path
          operations:
            - name: post-channel-message
              method: POST

Pulls Azure cost data, compares Snowflake forecasts, creates Jira ticket, and notifies via Teams.

naftiko: "0.5"
info:
  label: "Cloud Cost Review Orchestrator"
  description: "Pulls Azure cost data, compares Snowflake forecasts, creates Jira ticket, and notifies via Teams."
  tags:
    - finops
    - azure
    - snowflake
    - jira
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: finops
      port: 8080
      tools:
        - name: cloud-orchestrate
          description: "Pulls Azure cost data, compares Snowflake forecasts, creates Jira ticket, and notifies via Teams."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "azure.get-resources"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "snowflake.run-query"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "jira.create-issue"
              with:
                input: "{{step-1.result}}"
            - name: step-4
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: azure
      baseUri: "https://management.azure.com"
      authentication:
        type: bearer
        token: "$secrets.azure_token"
      resources:
        - name: resources
          path: "/subscriptions"
          operations:
            - name: get-resources
              method: GET
    - type: http
      namespace: snowflake
      baseUri: "https://bosch.snowflakecomputing.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.snowflake_token"
      resources:
        - name: statements
          path: "/statements"
          operations:
            - name: run-query
              method: POST
    - type: http
      namespace: jira
      baseUri: "https://bosch.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_password"
      resources:
        - name: issues
          path: "/issue"
          operations:
            - name: create-issue
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/bosch/channels/general/messages"
          operations:
            - name: send-message
              method: POST

Processes compensation change with Workday data, SAP budget check, and Teams approval notification.

naftiko: "0.5"
info:
  label: "Compensation Change Approval Workflow"
  description: "Processes compensation change with Workday data, SAP budget check, and Teams approval notification."
  tags:
    - hr
    - workday
    - sap
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: hr
      port: 8080
      tools:
        - name: compensation-orchestrate
          description: "Processes compensation change with Workday data, SAP budget check, and Teams approval notification."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "workday.get-worker"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "sap.get-po"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: workday
      baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
      authentication:
        type: bearer
        token: "$secrets.workday_token"
      resources:
        - name: workers
          path: "/bosch/workers/{{worker_id}}"
          operations:
            - name: get-worker
              method: GET
    - type: http
      namespace: sap
      baseUri: "https://bosch-s4.sap.com/sap/opu/odata/sap/MM_PUR_PO_MAINT_V2_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: purchase-orders
          path: "/A_PurchaseOrder('{{po_number}}')"
          operations:
            - name: get-po
              method: GET
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/bosch/channels/general/messages"
          operations:
            - name: send-message
              method: POST

Runs Splunk compliance search, exports to Snowflake, refreshes Power BI, and emails report.

naftiko: "0.5"
info:
  label: "Compliance Report Generator"
  description: "Runs Splunk compliance search, exports to Snowflake, refreshes Power BI, and emails report."
  tags:
    - compliance
    - splunk
    - snowflake
    - power-bi
capability:
  exposes:
    - type: mcp
      namespace: compliance
      port: 8080
      tools:
        - name: compliance-orchestrate
          description: "Runs Splunk compliance search, exports to Snowflake, refreshes Power BI, and emails report."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "splunk.run-search"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "snowflake.run-query"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "powerbi.trigger-refresh"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: splunk
      baseUri: "https://splunk.bosch.com:8089/services"
      authentication:
        type: bearer
        token: "$secrets.splunk_token"
      resources:
        - name: search
          path: "/search/jobs"
          operations:
            - name: run-search
              method: POST
    - type: http
      namespace: snowflake
      baseUri: "https://bosch.snowflakecomputing.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.snowflake_token"
      resources:
        - name: statements
          path: "/statements"
          operations:
            - name: run-query
              method: POST
    - type: http
      namespace: powerbi
      baseUri: "https://api.powerbi.com/v1.0/myorg"
      authentication:
        type: bearer
        token: "$secrets.powerbi_token"
      resources:
        - name: refreshes
          path: "/datasets/{{dataset_id}}/refreshes"
          operations:
            - name: trigger-refresh
              method: POST

When a Jira story is resolved with documentation required, creates a Confluence knowledge base article from the resolution notes and notifies the documentation team in Microsoft Teams.

naftiko: "0.5"
info:
  label: "Confluence Knowledge Base Article Publication"
  description: "When a Jira story is resolved with documentation required, creates a Confluence knowledge base article from the resolution notes and notifies the documentation team in Microsoft Teams."
  tags:
    - knowledge-management
    - jira
    - confluence
    - microsoft-teams
    - documentation
capability:
  exposes:
    - type: mcp
      namespace: knowledge-ops
      port: 8080
      tools:
        - name: publish-kb-article
          description: "Given a Jira issue key and Confluence space key, retrieve the Jira resolution notes and create a Confluence knowledge base article with the content, then notify the documentation team in Microsoft Teams."
          inputParameters:
            - name: jira_issue_key
              in: body
              type: string
              description: "Jira issue key whose resolution notes will become the KB article."
            - name: confluence_space_key
              in: body
              type: string
              description: "Confluence space key where the article will be published."
            - name: parent_page_id
              in: body
              type: string
              description: "Confluence parent page ID under which the article is created."
          steps:
            - name: get-jira-issue
              type: call
              call: "jira-kb.get-issue"
              with:
                issueKey: "{{jira_issue_key}}"
            - name: create-confluence-page
              type: call
              call: "confluence.create-page"
              with:
                spaceKey: "{{confluence_space_key}}"
                parentId: "{{parent_page_id}}"
                title: "KB: {{get-jira-issue.fields.summary}}"
                body: "{{get-jira-issue.fields.resolution.description}}"
            - name: notify-doc-team
              type: call
              call: "msteams-kb.send-message"
              with:
                recipient_upn: "documentation@bosch.com"
                text: "KB article published from Jira {{jira_issue_key}}: '{{get-jira-issue.fields.summary}}'. Confluence page ID: {{create-confluence-page.id}}."
  consumes:
    - type: http
      namespace: jira-kb
      baseUri: "https://bosch.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_api_token"
      resources:
        - name: issues
          path: "/issue/{{issueKey}}"
          inputParameters:
            - name: issueKey
              in: path
          operations:
            - name: get-issue
              method: GET
    - type: http
      namespace: confluence
      baseUri: "https://bosch.atlassian.net/wiki/rest/api"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_api_token"
      resources:
        - name: pages
          path: "/content"
          operations:
            - name: create-page
              method: POST
    - type: http
      namespace: msteams-kb
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: messages
          path: "/users/{{recipient_upn}}/sendMail"
          inputParameters:
            - name: recipient_upn
              in: path
          operations:
            - name: send-message
              method: POST

Retrieves a Confluence page by ID.

naftiko: "0.5"
info:
  label: "Confluence Page Lookup"
  description: "Retrieves a Confluence page by ID."
  tags:
    - knowledge-management
    - confluence
    - documentation
capability:
  exposes:
    - type: mcp
      namespace: knowledge
      port: 8080
      tools:
        - name: get-confluence-page
          description: "Retrieves a Confluence page by ID."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary lookup parameter."
          call: "confluence.get-page"
          with:
            param_1: "{{param_1}}"
          outputParameters:
            - name: result
              type: string
              mapping: "$.result"
  consumes:
    - type: http
      namespace: confluence
      baseUri: "https://bosch.atlassian.net/wiki/rest/api"
      authentication:
        type: basic
        username: "$secrets.confluence_user"
        password: "$secrets.confluence_password"
      resources:
        - name: get-page
          path: "/content/{{page_id}}?expand=body.storage,version"
          operations:
            - name: get-page
              method: GET

Retrieves SAP contract at milestone, creates billing document, and notifies manager via Teams.

naftiko: "0.5"
info:
  label: "Contract Milestone Billing Workflow"
  description: "Retrieves SAP contract at milestone, creates billing document, and notifies manager via Teams."
  tags:
    - finance
    - sap
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: finance
      port: 8080
      tools:
        - name: contract-orchestrate
          description: "Retrieves SAP contract at milestone, creates billing document, and notifies manager via Teams."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "sap.get-po"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: sap
      baseUri: "https://bosch-s4.sap.com/sap/opu/odata/sap/MM_PUR_PO_MAINT_V2_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: purchase-orders
          path: "/A_PurchaseOrder('{{po_number}}')"
          operations:
            - name: get-po
              method: GET
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/bosch/channels/general/messages"
          operations:
            - name: send-message
              method: POST

Detects expiring Salesforce contracts, pulls Snowflake spend data, and creates Jira renewal task.

naftiko: "0.5"
info:
  label: "Contract Renewal Alert Workflow"
  description: "Detects expiring Salesforce contracts, pulls Snowflake spend data, and creates Jira renewal task."
  tags:
    - sales
    - salesforce
    - snowflake
    - jira
capability:
  exposes:
    - type: mcp
      namespace: sales
      port: 8080
      tools:
        - name: contract-orchestrate
          description: "Detects expiring Salesforce contracts, pulls Snowflake spend data, and creates Jira renewal task."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "salesforce.get-opportunity"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "snowflake.run-query"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "jira.create-issue"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: salesforce
      baseUri: "https://bosch.my.salesforce.com/services/data/v58.0"
      authentication:
        type: bearer
        token: "$secrets.salesforce_token"
      resources:
        - name: opportunities
          path: "/sobjects/Opportunity"
          operations:
            - name: get-opportunity
              method: GET
    - type: http
      namespace: snowflake
      baseUri: "https://bosch.snowflakecomputing.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.snowflake_token"
      resources:
        - name: statements
          path: "/statements"
          operations:
            - name: run-query
              method: POST
    - type: http
      namespace: jira
      baseUri: "https://bosch.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_password"
      resources:
        - name: issues
          path: "/issue"
          operations:
            - name: create-issue
              method: POST

Provisions contractor with Azure AD guest account, Okta groups, and ServiceNow tracking ticket.

naftiko: "0.5"
info:
  label: "Contractor Access Provisioning Workflow"
  description: "Provisions contractor with Azure AD guest account, Okta groups, and ServiceNow tracking ticket."
  tags:
    - security
    - azure
    - okta
    - servicenow
capability:
  exposes:
    - type: mcp
      namespace: security
      port: 8080
      tools:
        - name: contractor-orchestrate
          description: "Provisions contractor with Azure AD guest account, Okta groups, and ServiceNow tracking ticket."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "azure.get-resources"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "okta.get-user-groups"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: azure
      baseUri: "https://management.azure.com"
      authentication:
        type: bearer
        token: "$secrets.azure_token"
      resources:
        - name: resources
          path: "/subscriptions"
          operations:
            - name: get-resources
              method: GET
    - type: http
      namespace: okta
      baseUri: "https://bosch.okta.com/api/v1"
      authentication:
        type: bearer
        token: "$secrets.okta_token"
      resources:
        - name: user-groups
          path: "/users/{{user_id}}/groups"
          operations:
            - name: get-user-groups
              method: GET
    - type: http
      namespace: servicenow
      baseUri: "https://bosch.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST

Queries CrowdStrike Falcon for endpoint details by device ID.

naftiko: "0.5"
info:
  label: "CrowdStrike Endpoint Status Lookup"
  description: "Queries CrowdStrike Falcon for endpoint details by device ID."
  tags:
    - security
    - crowdstrike
    - endpoint
capability:
  exposes:
    - type: mcp
      namespace: security
      port: 8080
      tools:
        - name: get-endpoint-status
          description: "Queries CrowdStrike Falcon for endpoint details by device ID."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary lookup parameter."
          call: "crowdstrike.get-device"
          with:
            param_1: "{{param_1}}"
          outputParameters:
            - name: result
              type: string
              mapping: "$.result"
  consumes:
    - type: http
      namespace: crowdstrike
      baseUri: "https://api.crowdstrike.com"
      authentication:
        type: bearer
        token: "$secrets.crowdstrike_token"
      resources:
        - name: get-device
          path: "/devices/entities/devices/v2?ids={{device_id}}"
          operations:
            - name: get-device
              method: GET

When a ServiceNow customer support case exceeds its SLA threshold, escalates by creating a Jira escalation issue, notifying the responsible team in Microsoft Teams, and updating the case priority.

naftiko: "0.5"
info:
  label: "Customer Support Ticket Escalation"
  description: "When a ServiceNow customer support case exceeds its SLA threshold, escalates by creating a Jira escalation issue, notifying the responsible team in Microsoft Teams, and updating the case priority."
  tags:
    - itsm
    - customer-support
    - servicenow
    - jira
    - microsoft-teams
    - escalation
capability:
  exposes:
    - type: mcp
      namespace: support-escalation
      port: 8080
      tools:
        - name: escalate-support-case
          description: "Given a ServiceNow case number and breach reason, update the case priority to Critical, create a Jira escalation issue, and alert the support lead in Microsoft Teams. Use this when an SLA is breached or a customer escalation is received."
          inputParameters:
            - name: case_number
              in: body
              type: string
              description: "The ServiceNow case or incident number to escalate."
            - name: breach_reason
              in: body
              type: string
              description: "Short description of why the case is being escalated."
            - name: team_lead_upn
              in: body
              type: string
              description: "UPN of the support team lead to notify in Microsoft Teams."
          steps:
            - name: update-case-priority
              type: call
              call: "servicenow-escalate.update-incident"
              with:
                number: "{{case_number}}"
                priority: "1"
                escalation: "1"
            - name: create-jira-issue
              type: call
              call: "jira.create-issue"
              with:
                project_key: "SUPPORT"
                issuetype: "Bug"
                summary: "[Escalation] ServiceNow {{case_number}}: {{breach_reason}}"
                priority: "Critical"
            - name: notify-team-lead
              type: call
              call: "msteams-escalate.send-message"
              with:
                recipient_upn: "{{team_lead_upn}}"
                text: "SLA Breach Escalation: Case {{case_number}} escalated to Critical. Jira issue: {{create-jira-issue.key}}. Reason: {{breach_reason}}."
  consumes:
    - type: http
      namespace: servicenow-escalate
      baseUri: "https://bosch.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident/{{number}}"
          inputParameters:
            - name: number
              in: path
          operations:
            - name: update-incident
              method: PATCH
    - type: http
      namespace: jira
      baseUri: "https://bosch.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_api_token"
      resources:
        - name: issues
          path: "/issue"
          operations:
            - name: create-issue
              method: POST
    - type: http
      namespace: msteams-escalate
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: messages
          path: "/users/{{recipient_upn}}/sendMail"
          inputParameters:
            - name: recipient_upn
              in: path
          operations:
            - name: send-message
              method: POST

Runs Snowflake data quality check, logs in ServiceNow, and notifies data engineering via Teams.

naftiko: "0.5"
info:
  label: "Data Quality Alert Workflow"
  description: "Runs Snowflake data quality check, logs in ServiceNow, and notifies data engineering via Teams."
  tags:
    - data
    - snowflake
    - servicenow
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: data
      port: 8080
      tools:
        - name: data-orchestrate
          description: "Runs Snowflake data quality check, logs in ServiceNow, and notifies data engineering via Teams."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "snowflake.run-query"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: snowflake
      baseUri: "https://bosch.snowflakecomputing.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.snowflake_token"
      resources:
        - name: statements
          path: "/statements"
          operations:
            - name: run-query
              method: POST
    - type: http
      namespace: servicenow
      baseUri: "https://bosch.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/bosch/channels/general/messages"
          operations:
            - name: send-message
              method: POST

When Datadog detects an anomalous infrastructure metric spike on Azure, creates a ServiceNow change request for investigation and notifies the cloud team in Microsoft Teams.

naftiko: "0.5"
info:
  label: "Datadog Infrastructure Cost Anomaly Responder"
  description: "When Datadog detects an anomalous infrastructure metric spike on Azure, creates a ServiceNow change request for investigation and notifies the cloud team in Microsoft Teams."
  tags:
    - cloud
    - observability
    - cost-management
    - datadog
    - azure
    - servicenow
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: cloud-ops
      port: 8080
      tools:
        - name: respond-to-cost-anomaly
          description: "Given a Datadog anomaly alert ID, resource group, and cost deviation, create a ServiceNow change request for investigation and notify the cloud platform team in Microsoft Teams. Use when Azure spend deviates significantly from forecast."
          inputParameters:
            - name: anomaly_alert_id
              in: body
              type: string
              description: "The Datadog anomaly detection alert ID."
            - name: resource_group
              in: body
              type: string
              description: "The Azure resource group exhibiting the cost anomaly."
            - name: deviation_percentage
              in: body
              type: number
              description: "Percentage deviation from expected cost baseline."
          steps:
            - name: get-anomaly-details
              type: call
              call: "datadog-cloud.get-monitor"
              with:
                monitor_id: "{{anomaly_alert_id}}"
            - name: create-change-request
              type: call
              call: "servicenow-cloud.create-change"
              with:
                short_description: "Cloud cost anomaly: {{resource_group}} ({{deviation_percentage}}% deviation)"
                category: "infrastructure"
                risk: "medium"
                description: "Datadog anomaly {{anomaly_alert_id}} detected on Azure resource group {{resource_group}}. Cost deviation: {{deviation_percentage}}%."
            - name: notify-cloud-team
              type: call
              call: "msteams-cloud.post-channel-message"
              with:
                channel_id: "$secrets.teams_cloud_channel_id"
                text: "Cost Anomaly Detected: Resource Group {{resource_group}} | Deviation: {{deviation_percentage}}% | Change Request: {{create-change-request.number}}"
  consumes:
    - type: http
      namespace: datadog-cloud
      baseUri: "https://api.datadoghq.com/api/v1"
      authentication:
        type: apikey
        key: "DD-API-KEY"
        value: "$secrets.datadog_api_key"
        placement: header
      resources:
        - name: monitors
          path: "/monitor/{{monitor_id}}"
          inputParameters:
            - name: monitor_id
              in: path
          operations:
            - name: get-monitor
              method: GET
    - type: http
      namespace: servicenow-cloud
      baseUri: "https://bosch.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: changes
          path: "/table/change_request"
          operations:
            - name: create-change
              method: POST
    - type: http
      namespace: msteams-cloud
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channel-messages
          path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
          inputParameters:
            - name: team_id
              in: path
            - name: channel_id
              in: path
          operations:
            - name: post-channel-message
              method: POST

Queries Datadog for the current health status of a monitored service.

naftiko: "0.5"
info:
  label: "Datadog Service Health Check"
  description: "Queries Datadog for the current health status of a monitored service."
  tags:
    - monitoring
    - datadog
    - observability
capability:
  exposes:
    - type: mcp
      namespace: observability
      port: 8080
      tools:
        - name: get-service-health
          description: "Queries Datadog for the current health status of a monitored service."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary lookup parameter."
          call: "datadog.get-monitor"
          with:
            param_1: "{{param_1}}"
          outputParameters:
            - name: result
              type: string
              mapping: "$.result"
  consumes:
    - type: http
      namespace: datadog
      baseUri: "https://api.datadoghq.com/api/v1"
      authentication:
        type: apiKey
        header: "DD-API-KEY"
        key: "$secrets.datadog_api_key"
      resources:
        - name: get-monitor
          path: "/monitor/{{monitor_id}}"
          operations:
            - name: get-monitor
              method: GET

Monitors SAP delivery schedules, creates Jira follow-up task, and alerts supply chain via Teams.

naftiko: "0.5"
info:
  label: "Delivery Schedule Monitor and Alert"
  description: "Monitors SAP delivery schedules, creates Jira follow-up task, and alerts supply chain via Teams."
  tags:
    - logistics
    - sap
    - jira
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: logistics
      port: 8080
      tools:
        - name: delivery-orchestrate
          description: "Monitors SAP delivery schedules, creates Jira follow-up task, and alerts supply chain via Teams."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "sap.get-po"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "jira.create-issue"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: sap
      baseUri: "https://bosch-s4.sap.com/sap/opu/odata/sap/MM_PUR_PO_MAINT_V2_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: purchase-orders
          path: "/A_PurchaseOrder('{{po_number}}')"
          operations:
            - name: get-po
              method: GET
    - type: http
      namespace: jira
      baseUri: "https://bosch.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_password"
      resources:
        - name: issues
          path: "/issue"
          operations:
            - name: create-issue
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/bosch/channels/general/messages"
          operations:
            - name: send-message
              method: POST

Retrieves GitHub Dependabot alerts, creates Jira tasks, and notifies security via Teams.

naftiko: "0.5"
info:
  label: "Dependabot to Jira Task Bridge"
  description: "Retrieves GitHub Dependabot alerts, creates Jira tasks, and notifies security via Teams."
  tags:
    - devops
    - github
    - jira
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: devops
      port: 8080
      tools:
        - name: dependabot-orchestrate
          description: "Retrieves GitHub Dependabot alerts, creates Jira tasks, and notifies security via Teams."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "github.get-branch-protection"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "jira.create-issue"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: github
      baseUri: "https://api.github.com"
      authentication:
        type: bearer
        token: "$secrets.github_token"
      resources:
        - name: repos
          path: "/repos/{{repo}}/branches/main/protection"
          operations:
            - name: get-branch-protection
              method: GET
    - type: http
      namespace: jira
      baseUri: "https://bosch.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_password"
      resources:
        - name: issues
          path: "/issue"
          operations:
            - name: create-issue
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/bosch/channels/general/messages"
          operations:
            - name: send-message
              method: POST

Checks CrowdStrike for non-compliant endpoints, assigns policies, creates ServiceNow task, and alerts via Teams.

naftiko: "0.5"
info:
  label: "Device Compliance Remediation"
  description: "Checks CrowdStrike for non-compliant endpoints, assigns policies, creates ServiceNow task, and alerts via Teams."
  tags:
    - security
    - crowdstrike
    - servicenow
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: security
      port: 8080
      tools:
        - name: device-orchestrate
          description: "Checks CrowdStrike for non-compliant endpoints, assigns policies, creates ServiceNow task, and alerts via Teams."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "crowdstrike.get-device"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: crowdstrike
      baseUri: "https://api.crowdstrike.com"
      authentication:
        type: bearer
        token: "$secrets.crowdstrike_token"
      resources:
        - name: devices
          path: "/devices/entities/devices/v2"
          operations:
            - name: get-device
              method: GET
    - type: http
      namespace: servicenow
      baseUri: "https://bosch.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/bosch/channels/general/messages"
          operations:
            - name: send-message
              method: POST

When an employee termination is initiated in SAP SuccessFactors, suspends Okta access, creates a ServiceNow offboarding ticket, and notifies the manager via Microsoft Teams.

naftiko: "0.5"
info:
  label: "Employee Offboarding Workflow"
  description: "When an employee termination is initiated in SAP SuccessFactors, suspends Okta access, creates a ServiceNow offboarding ticket, and notifies the manager via Microsoft Teams."
  tags:
    - hr
    - offboarding
    - sap-successfactors
    - okta
    - servicenow
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: hr-offboarding
      port: 8080
      tools:
        - name: trigger-employee-offboarding
          description: "Given a SAP SuccessFactors employee ID and termination date, suspend the employee's Okta account, open a ServiceNow offboarding task, and notify the manager in Microsoft Teams."
          inputParameters:
            - name: employee_id
              in: body
              type: string
              description: "The SAP SuccessFactors employee ID of the departing employee."
            - name: termination_date
              in: body
              type: string
              description: "The last working day in ISO 8601 format."
            - name: manager_upn
              in: body
              type: string
              description: "UPN of the employee's manager for Teams notification."
          steps:
            - name: get-employee
              type: call
              call: "successfactors-lookup.get-employee"
              with:
                userId: "{{employee_id}}"
            - name: suspend-okta-user
              type: call
              call: "okta-offboard.suspend-user"
              with:
                userId: "{{get-employee.okta_id}}"
            - name: create-offboarding-ticket
              type: call
              call: "servicenow-offboard.create-task"
              with:
                short_description: "Employee offboarding: {{get-employee.firstName}} {{get-employee.lastName}}"
                category: "hr_offboarding"
                assignment_group: "IT_Offboarding"
                due_date: "{{termination_date}}"
            - name: notify-manager
              type: call
              call: "msteams-offboard.send-message"
              with:
                recipient_upn: "{{manager_upn}}"
                text: "Offboarding initiated for {{get-employee.firstName}} {{get-employee.lastName}} (last day: {{termination_date}}). ServiceNow task: {{create-offboarding-ticket.number}}."
  consumes:
    - type: http
      namespace: successfactors-lookup
      baseUri: "https://api4.successfactors.com/odata/v2"
      authentication:
        type: bearer
        token: "$secrets.successfactors_token"
      resources:
        - name: employees
          path: "/User('{{userId}}')"
          inputParameters:
            - name: userId
              in: path
          operations:
            - name: get-employee
              method: GET
    - type: http
      namespace: okta-offboard
      baseUri: "https://bosch.okta.com/api/v1"
      authentication:
        type: apikey
        key: "Authorization"
        value: "$secrets.okta_api_token"
        placement: header
      resources:
        - name: user-lifecycle
          path: "/users/{{userId}}/lifecycle/suspend"
          inputParameters:
            - name: userId
              in: path
          operations:
            - name: suspend-user
              method: POST
    - type: http
      namespace: servicenow-offboard
      baseUri: "https://bosch.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: tasks
          path: "/table/sc_task"
          operations:
            - name: create-task
              method: POST
    - type: http
      namespace: msteams-offboard
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: messages
          path: "/users/{{recipient_upn}}/sendMail"
          inputParameters:
            - name: recipient_upn
              in: path
          operations:
            - name: send-message
              method: POST

When a new hire is created in SAP SuccessFactors, opens a ServiceNow onboarding ticket, provisions Okta application access, and sends a Microsoft Teams welcome message.

naftiko: "0.5"
info:
  label: "Employee Onboarding Orchestrator"
  description: "When a new hire is created in SAP SuccessFactors, opens a ServiceNow onboarding ticket, provisions Okta application access, and sends a Microsoft Teams welcome message."
  tags:
    - hr
    - onboarding
    - sap-successfactors
    - servicenow
    - okta
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: hr-onboarding
      port: 8080
      tools:
        - name: trigger-employee-onboarding
          description: "Given a SAP SuccessFactors employee ID and start date, orchestrate the full onboarding sequence: fetch employee profile, open a ServiceNow IT onboarding ticket, provision Okta access, and send a Microsoft Teams welcome message."
          inputParameters:
            - name: employee_id
              in: body
              type: string
              description: "The SAP SuccessFactors employee ID for the new hire."
            - name: start_date
              in: body
              type: string
              description: "The employee start date in ISO 8601 format, e.g. 2026-04-01."
          steps:
            - name: get-employee
              type: call
              call: "successfactors.get-employee"
              with:
                userId: "{{employee_id}}"
            - name: create-onboarding-ticket
              type: call
              call: "servicenow.create-incident"
              with:
                short_description: "New hire onboarding: {{get-employee.firstName}} {{get-employee.lastName}}"
                category: "hr_onboarding"
                assignment_group: "IT_Onboarding"
            - name: provision-okta
              type: call
              call: "okta.create-user"
              with:
                firstName: "{{get-employee.firstName}}"
                lastName: "{{get-employee.lastName}}"
                email: "{{get-employee.email}}"
                department: "{{get-employee.department}}"
            - name: send-teams-welcome
              type: call
              call: "msteams.send-message"
              with:
                recipient_upn: "{{get-employee.email}}"
                text: "Welcome to Bosch, {{get-employee.firstName}}! Your IT onboarding ticket is {{create-onboarding-ticket.number}}. Starting {{start_date}}."
  consumes:
    - type: http
      namespace: successfactors
      baseUri: "https://api4.successfactors.com/odata/v2"
      authentication:
        type: bearer
        token: "$secrets.successfactors_token"
      resources:
        - name: employees
          path: "/User('{{userId}}')"
          inputParameters:
            - name: userId
              in: path
          operations:
            - name: get-employee
              method: GET
    - type: http
      namespace: servicenow
      baseUri: "https://bosch.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST
    - type: http
      namespace: okta
      baseUri: "https://bosch.okta.com/api/v1"
      authentication:
        type: apikey
        key: "Authorization"
        value: "$secrets.okta_api_token"
        placement: header
      resources:
        - name: users
          path: "/users"
          operations:
            - name: create-user
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: messages
          path: "/users/{{recipient_upn}}/sendMail"
          inputParameters:
            - name: recipient_upn
              in: path
          operations:
            - name: send-message
              method: POST

Detects Snowflake ETL failure, creates Jira ticket, retries pipeline, and notifies via Teams.

naftiko: "0.5"
info:
  label: "ETL Failure Recovery Workflow"
  description: "Detects Snowflake ETL failure, creates Jira ticket, retries pipeline, and notifies via Teams."
  tags:
    - data
    - snowflake
    - jira
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: data
      port: 8080
      tools:
        - name: etl-orchestrate
          description: "Detects Snowflake ETL failure, creates Jira ticket, retries pipeline, and notifies via Teams."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "snowflake.run-query"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "jira.create-issue"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: snowflake
      baseUri: "https://bosch.snowflakecomputing.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.snowflake_token"
      resources:
        - name: statements
          path: "/statements"
          operations:
            - name: run-query
              method: POST
    - type: http
      namespace: jira
      baseUri: "https://bosch.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_password"
      resources:
        - name: issues
          path: "/issue"
          operations:
            - name: create-issue
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/bosch/channels/general/messages"
          operations:
            - name: send-message
              method: POST

At the start of each financial period close, retrieves open items from SAP S/4HANA and posts a structured close checklist to Microsoft Teams for the finance team.

naftiko: "0.5"
info:
  label: "Financial Period Close Checklist"
  description: "At the start of each financial period close, retrieves open items from SAP S/4HANA and posts a structured close checklist to Microsoft Teams for the finance team."
  tags:
    - finance
    - period-close
    - sap-s4hana
    - microsoft-teams
    - reporting
capability:
  exposes:
    - type: mcp
      namespace: finance-close
      port: 8080
      tools:
        - name: trigger-period-close-checklist
          description: "Given a fiscal period and company code, retrieve open journal entries and unposted items from SAP S/4HANA and post a period-close checklist summary to the finance Microsoft Teams channel."
          inputParameters:
            - name: fiscal_period
              in: body
              type: string
              description: "The fiscal period in YYYYMM format, e.g. 202603."
            - name: company_code
              in: body
              type: string
              description: "SAP company code for Bosch entity, e.g. 0001."
          steps:
            - name: get-open-items
              type: call
              call: "sap-s4-close.get-open-items"
              with:
                CompanyCode: "{{company_code}}"
                FiscalPeriod: "{{fiscal_period}}"
            - name: post-checklist
              type: call
              call: "msteams-close.send-message"
              with:
                recipient_upn: "finance-close@bosch.com"
                text: "Period Close Checklist — Period: {{fiscal_period}} | Company: {{company_code}} | Open items: {{get-open-items.count}}. Please review and post all pending entries."
  consumes:
    - type: http
      namespace: sap-s4-close
      baseUri: "https://bosch-s4.sap.com/sap/opu/odata/sap/API_JOURNALENTRY_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_s4_user"
        password: "$secrets.sap_s4_password"
      resources:
        - name: open-items
          path: "/A_JournalEntry"
          inputParameters:
            - name: CompanyCode
              in: query
            - name: FiscalPeriod
              in: query
          operations:
            - name: get-open-items
              method: GET
    - type: http
      namespace: msteams-close
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: messages
          path: "/users/{{recipient_upn}}/sendMail"
          inputParameters:
            - name: recipient_upn
              in: path
          operations:
            - name: send-message
              method: POST

Submits firewall policy change, creates ServiceNow change, and notifies security via Teams.

naftiko: "0.5"
info:
  label: "Firewall Policy Change Approval"
  description: "Submits firewall policy change, creates ServiceNow change, and notifies security via Teams."
  tags:
    - security
    - palo-alto-networks
    - servicenow
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: security
      port: 8080
      tools:
        - name: firewall-orchestrate
          description: "Submits firewall policy change, creates ServiceNow change, and notifies security via Teams."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "paloalto.get-security-rule"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: paloalto
      baseUri: "https://panorama.bosch.com/restapi/v10.2"
      authentication:
        type: bearer
        token: "$secrets.paloalto_token"
      resources:
        - name: security-rules
          path: "/Policies/SecurityRules"
          operations:
            - name: get-security-rule
              method: GET
    - type: http
      namespace: servicenow
      baseUri: "https://bosch.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/bosch/channels/general/messages"
          operations:
            - name: send-message
              method: POST

When a GitHub Actions deployment to production completes successfully, creates a Datadog deployment marker and sends a release notification to the product team in Microsoft Teams.

naftiko: "0.5"
info:
  label: "GitHub Deployment Notification"
  description: "When a GitHub Actions deployment to production completes successfully, creates a Datadog deployment marker and sends a release notification to the product team in Microsoft Teams."
  tags:
    - devops
    - ci-cd
    - github
    - datadog
    - microsoft-teams
    - deployment
capability:
  exposes:
    - type: mcp
      namespace: deployment-notify
      port: 8080
      tools:
        - name: notify-successful-deployment
          description: "Given a GitHub repository, deployment ID, environment, and version tag, create a Datadog deployment marker for observability and send a formatted release notification to the Microsoft Teams product channel."
          inputParameters:
            - name: repo_name
              in: body
              type: string
              description: "GitHub repository in owner/repo format."
            - name: deployment_id
              in: body
              type: string
              description: "GitHub deployment ID."
            - name: environment
              in: body
              type: string
              description: "Deployment target environment, e.g. production."
            - name: version_tag
              in: body
              type: string
              description: "Release version tag, e.g. v2.4.1."
          steps:
            - name: create-deployment-marker
              type: call
              call: "datadog-deploy.create-event"
              with:
                title: "Deployment: {{repo_name}} {{version_tag}} to {{environment}}"
                text: "Repository: {{repo_name}} | Version: {{version_tag}} | Environment: {{environment}} | Deployment ID: {{deployment_id}}"
                alert_type: "success"
                tags: "env:{{environment}},version:{{version_tag}}"
            - name: notify-product-team
              type: call
              call: "msteams-deploy.post-channel-message"
              with:
                channel_id: "$secrets.teams_releases_channel_id"
                text: "Deployment Successful: {{repo_name}} {{version_tag}} deployed to {{environment}}. Datadog marker: {{create-deployment-marker.id}}."
  consumes:
    - type: http
      namespace: datadog-deploy
      baseUri: "https://api.datadoghq.com/api/v1"
      authentication:
        type: apikey
        key: "DD-API-KEY"
        value: "$secrets.datadog_api_key"
        placement: header
      resources:
        - name: events
          path: "/events"
          operations:
            - name: create-event
              method: POST
    - type: http
      namespace: msteams-deploy
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channel-messages
          path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
          inputParameters:
            - name: team_id
              in: path
            - name: channel_id
              in: path
          operations:
            - name: post-channel-message
              method: POST

Runs GitHub security scan on PR, checks CrowdStrike for indicators, and posts review summary.

naftiko: "0.5"
info:
  label: "GitHub PR Security Review Orchestrator"
  description: "Runs GitHub security scan on PR, checks CrowdStrike for indicators, and posts review summary."
  tags:
    - devops
    - github
    - crowdstrike
capability:
  exposes:
    - type: mcp
      namespace: devops
      port: 8080
      tools:
        - name: github-orchestrate
          description: "Runs GitHub security scan on PR, checks CrowdStrike for indicators, and posts review summary."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "github.get-branch-protection"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "crowdstrike.get-device"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: github
      baseUri: "https://api.github.com"
      authentication:
        type: bearer
        token: "$secrets.github_token"
      resources:
        - name: repos
          path: "/repos/{{repo}}/branches/main/protection"
          operations:
            - name: get-branch-protection
              method: GET
    - type: http
      namespace: crowdstrike
      baseUri: "https://api.crowdstrike.com"
      authentication:
        type: bearer
        token: "$secrets.crowdstrike_token"
      resources:
        - name: devices
          path: "/devices/entities/devices/v2"
          operations:
            - name: get-device
              method: GET

Checks a GitHub repository for branch protection compliance.

naftiko: "0.5"
info:
  label: "GitHub Repository Compliance Check"
  description: "Checks a GitHub repository for branch protection compliance."
  tags:
    - devops
    - github
    - compliance
capability:
  exposes:
    - type: mcp
      namespace: devops
      port: 8080
      tools:
        - name: check-repo-compliance
          description: "Checks a GitHub repository for branch protection compliance."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary lookup parameter."
          call: "github.get-branch-protection"
          with:
            param_1: "{{param_1}}"
          outputParameters:
            - name: result
              type: string
              mapping: "$.result"
  consumes:
    - type: http
      namespace: github
      baseUri: "https://api.github.com"
      authentication:
        type: bearer
        token: "$secrets.github_token"
      resources:
        - name: get-branch-protection
          path: "/repos/{{repo}}/branches/main/protection"
          operations:
            - name: get-branch-protection
              method: GET

Scans GitHub repositories for missing branch protection rules and secret scanning settings, and creates Jira audit tickets for non-compliant repositories.

naftiko: "0.5"
info:
  label: "GitHub Repository Security Policy Audit"
  description: "Scans GitHub repositories for missing branch protection rules and secret scanning settings, and creates Jira audit tickets for non-compliant repositories."
  tags:
    - security
    - devops
    - github
    - jira
    - compliance
capability:
  exposes:
    - type: mcp
      namespace: repo-audit
      port: 8080
      tools:
        - name: audit-repo-security-policy
          description: "Given a GitHub organization name and repository name, check branch protection rules and secret scanning enablement, then create a Jira compliance ticket if the repository is non-compliant with Bosch security policy."
          inputParameters:
            - name: org_name
              in: body
              type: string
              description: "GitHub organization name."
            - name: repo_name
              in: body
              type: string
              description: "GitHub repository name to audit."
            - name: default_branch
              in: body
              type: string
              description: "The default branch to check for protection rules, e.g. main."
          steps:
            - name: get-branch-protection
              type: call
              call: "github-audit.get-branch-protection"
              with:
                owner: "{{org_name}}"
                repo: "{{repo_name}}"
                branch: "{{default_branch}}"
            - name: create-compliance-ticket
              type: call
              call: "jira-audit.create-issue"
              with:
                project_key: "SEC"
                issuetype: "Task"
                summary: "Security Policy Audit: {{org_name}}/{{repo_name}}"
                description: "Branch protection status for {{default_branch}} reviewed. Required checks: {{get-branch-protection.required_status_checks}}. Enforce admins: {{get-branch-protection.enforce_admins}}. Remediate any missing controls."
  consumes:
    - type: http
      namespace: github-audit
      baseUri: "https://api.github.com"
      authentication:
        type: bearer
        token: "$secrets.github_token"
      resources:
        - name: branch-protection
          path: "/repos/{{owner}}/{{repo}}/branches/{{branch}}/protection"
          inputParameters:
            - name: owner
              in: path
            - name: repo
              in: path
            - name: branch
              in: path
          operations:
            - name: get-branch-protection
              method: GET
    - type: http
      namespace: jira-audit
      baseUri: "https://bosch.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_api_token"
      resources:
        - name: issues
          path: "/issue"
          operations:
            - name: create-issue
              method: POST

When a critical Dependabot or code scanning alert is raised in GitHub, creates a Jira security issue, updates Datadog with a vulnerability event, and notifies the security team in Microsoft Teams.

naftiko: "0.5"
info:
  label: "GitHub Security Vulnerability Alert Triage"
  description: "When a critical Dependabot or code scanning alert is raised in GitHub, creates a Jira security issue, updates Datadog with a vulnerability event, and notifies the security team in Microsoft Teams."
  tags:
    - security
    - devops
    - github
    - jira
    - datadog
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: security-ops
      port: 8080
      tools:
        - name: triage-security-alert
          description: "Given a GitHub repository and security alert number, fetch the alert details, create a Jira security ticket, post a Datadog security event, and notify the security team via Microsoft Teams."
          inputParameters:
            - name: repo_name
              in: body
              type: string
              description: "GitHub repository in owner/repo format."
            - name: alert_number
              in: body
              type: integer
              description: "The GitHub Dependabot or code scanning alert number."
            - name: severity
              in: body
              type: string
              description: "Alert severity: critical, high, medium, or low."
          steps:
            - name: get-alert
              type: call
              call: "github.get-dependabot-alert"
              with:
                repo: "{{repo_name}}"
                alert_number: "{{alert_number}}"
            - name: create-security-ticket
              type: call
              call: "jira-security.create-issue"
              with:
                project_key: "SEC"
                issuetype: "Bug"
                summary: "[Security] {{severity}} vulnerability in {{repo_name}}: {{get-alert.security_advisory.summary}}"
                priority: "{{severity}}"
            - name: post-security-event
              type: call
              call: "datadog-security.create-event"
              with:
                title: "Security Alert: {{repo_name}} — {{severity}}"
                text: "CVE: {{get-alert.security_advisory.cve_id}} | Package: {{get-alert.dependency.package.name}} | Jira: {{create-security-ticket.key}}"
                alert_type: "warning"
  consumes:
    - type: http
      namespace: github
      baseUri: "https://api.github.com"
      authentication:
        type: bearer
        token: "$secrets.github_token"
      resources:
        - name: dependabot-alerts
          path: "/repos/{{repo}}/dependabot/alerts/{{alert_number}}"
          inputParameters:
            - name: repo
              in: path
            - name: alert_number
              in: path
          operations:
            - name: get-dependabot-alert
              method: GET
    - type: http
      namespace: jira-security
      baseUri: "https://bosch.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_api_token"
      resources:
        - name: issues
          path: "/issue"
          operations:
            - name: create-issue
              method: POST
    - type: http
      namespace: datadog-security
      baseUri: "https://api.datadoghq.com/api/v1"
      authentication:
        type: apikey
        key: "DD-API-KEY"
        value: "$secrets.datadog_api_key"
        placement: header
      resources:
        - name: events
          path: "/events"
          operations:
            - name: create-event
              method: POST

Creates SAP quality inspection from goods receipt, logs in ServiceNow, and notifies QA via Teams.

naftiko: "0.5"
info:
  label: "Goods Receipt to Quality Inspection"
  description: "Creates SAP quality inspection from goods receipt, logs in ServiceNow, and notifies QA via Teams."
  tags:
    - logistics
    - sap
    - servicenow
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: logistics
      port: 8080
      tools:
        - name: goods-orchestrate
          description: "Creates SAP quality inspection from goods receipt, logs in ServiceNow, and notifies QA via Teams."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "sap.get-po"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: sap
      baseUri: "https://bosch-s4.sap.com/sap/opu/odata/sap/MM_PUR_PO_MAINT_V2_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: purchase-orders
          path: "/A_PurchaseOrder('{{po_number}}')"
          operations:
            - name: get-po
              method: GET
    - type: http
      namespace: servicenow
      baseUri: "https://bosch.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/bosch/channels/general/messages"
          operations:
            - name: send-message
              method: POST

Pulls Snowflake headcount, refreshes Power BI dashboard, and notifies leadership via Teams.

naftiko: "0.5"
info:
  label: "Headcount Forecast Report Generator"
  description: "Pulls Snowflake headcount, refreshes Power BI dashboard, and notifies leadership via Teams."
  tags:
    - hr
    - snowflake
    - power-bi
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: hr
      port: 8080
      tools:
        - name: headcount-orchestrate
          description: "Pulls Snowflake headcount, refreshes Power BI dashboard, and notifies leadership via Teams."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "snowflake.run-query"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "powerbi.trigger-refresh"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: snowflake
      baseUri: "https://bosch.snowflakecomputing.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.snowflake_token"
      resources:
        - name: statements
          path: "/statements"
          operations:
            - name: run-query
              method: POST
    - type: http
      namespace: powerbi
      baseUri: "https://api.powerbi.com/v1.0/myorg"
      authentication:
        type: bearer
        token: "$secrets.powerbi_token"
      resources:
        - name: refreshes
          path: "/datasets/{{dataset_id}}/refreshes"
          operations:
            - name: trigger-refresh
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/bosch/channels/general/messages"
          operations:
            - name: send-message
              method: POST

Escalates recurring ServiceNow incidents to problems, correlates Splunk events, and creates Jira tasks.

naftiko: "0.5"
info:
  label: "Incident to Problem Escalation Workflow"
  description: "Escalates recurring ServiceNow incidents to problems, correlates Splunk events, and creates Jira tasks."
  tags:
    - itsm
    - servicenow
    - splunk
    - jira
capability:
  exposes:
    - type: mcp
      namespace: itsm
      port: 8080
      tools:
        - name: incident-orchestrate
          description: "Escalates recurring ServiceNow incidents to problems, correlates Splunk events, and creates Jira tasks."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "splunk.run-search"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "jira.create-issue"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: servicenow
      baseUri: "https://bosch.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST
    - type: http
      namespace: splunk
      baseUri: "https://splunk.bosch.com:8089/services"
      authentication:
        type: bearer
        token: "$secrets.splunk_token"
      resources:
        - name: search
          path: "/search/jobs"
          operations:
            - name: run-search
              method: POST
    - type: http
      namespace: jira
      baseUri: "https://bosch.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_password"
      resources:
        - name: issues
          path: "/issue"
          operations:
            - name: create-issue
              method: POST

Processes SAP intercompany transfer, logs in Snowflake audit, and notifies logistics via Teams.

naftiko: "0.5"
info:
  label: "Intercompany Transfer Orchestrator"
  description: "Processes SAP intercompany transfer, logs in Snowflake audit, and notifies logistics via Teams."
  tags:
    - logistics
    - sap
    - snowflake
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: logistics
      port: 8080
      tools:
        - name: intercompany-orchestrate
          description: "Processes SAP intercompany transfer, logs in Snowflake audit, and notifies logistics via Teams."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "sap.get-po"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "snowflake.run-query"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: sap
      baseUri: "https://bosch-s4.sap.com/sap/opu/odata/sap/MM_PUR_PO_MAINT_V2_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: purchase-orders
          path: "/A_PurchaseOrder('{{po_number}}')"
          operations:
            - name: get-po
              method: GET
    - type: http
      namespace: snowflake
      baseUri: "https://bosch.snowflakecomputing.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.snowflake_token"
      resources:
        - name: statements
          path: "/statements"
          operations:
            - name: run-query
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/bosch/channels/general/messages"
          operations:
            - name: send-message
              method: POST

Compares invoice against SAP purchase order and goods receipt, then logs in ServiceNow.

naftiko: "0.5"
info:
  label: "Invoice Three-Way Match Orchestrator"
  description: "Compares invoice against SAP purchase order and goods receipt, then logs in ServiceNow."
  tags:
    - finance
    - sap
    - servicenow
capability:
  exposes:
    - type: mcp
      namespace: finance
      port: 8080
      tools:
        - name: invoice-orchestrate
          description: "Compares invoice against SAP purchase order and goods receipt, then logs in ServiceNow."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "sap.get-po"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: sap
      baseUri: "https://bosch-s4.sap.com/sap/opu/odata/sap/MM_PUR_PO_MAINT_V2_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: purchase-orders
          path: "/A_PurchaseOrder('{{po_number}}')"
          operations:
            - name: get-po
              method: GET
    - type: http
      namespace: servicenow
      baseUri: "https://bosch.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST

When a connected Bosch IoT device reports an anomalous sensor reading via Azure IoT Hub, creates a SAP PM work order and notifies the field service team in Microsoft Teams.

naftiko: "0.5"
info:
  label: "IoT Device Anomaly Alert and Work Order"
  description: "When a connected Bosch IoT device reports an anomalous sensor reading via Azure IoT Hub, creates a SAP PM work order and notifies the field service team in Microsoft Teams."
  tags:
    - iot
    - manufacturing
    - azure
    - sap-pm
    - microsoft-teams
    - field-service
capability:
  exposes:
    - type: mcp
      namespace: iot-ops
      port: 8080
      tools:
        - name: handle-iot-anomaly
          description: "Given an IoT device ID, sensor type, anomaly value, and plant code, create a SAP PM work order for field service inspection and notify the field service manager in Microsoft Teams. Use when connected device sensor readings cross defined thresholds."
          inputParameters:
            - name: device_id
              in: body
              type: string
              description: "The Azure IoT Hub device ID reporting the anomaly."
            - name: sensor_type
              in: body
              type: string
              description: "Type of sensor reporting anomaly: temperature, vibration, pressure, etc."
            - name: anomaly_value
              in: body
              type: string
              description: "The anomalous sensor reading value with unit."
            - name: plant_code
              in: body
              type: string
              description: "SAP plant code associated with the device location."
            - name: manager_upn
              in: body
              type: string
              description: "UPN of the field service manager to notify."
          steps:
            - name: create-wo
              type: call
              call: "sap-pm-iot.create-work-order"
              with:
                Equipment: "{{device_id}}"
                MaintenanceActivityType: "predictive"
                MaintPlant: "{{plant_code}}"
                MaintenanceOrderDesc: "IoT anomaly: {{sensor_type}} reading {{anomaly_value}} on device {{device_id}}"
            - name: notify-field-service
              type: call
              call: "msteams-iot.send-message"
              with:
                recipient_upn: "{{manager_upn}}"
                text: "IoT Anomaly Detected: Device {{device_id}} | Sensor: {{sensor_type}} | Value: {{anomaly_value}} | Plant: {{plant_code}} | SAP WO: {{create-wo.MaintenanceOrder}}. Field inspection required."
  consumes:
    - type: http
      namespace: sap-pm-iot
      baseUri: "https://bosch-s4.sap.com/sap/opu/odata/sap/API_MAINTENANCEORDER_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_s4_user"
        password: "$secrets.sap_s4_password"
      resources:
        - name: work-orders
          path: "/MaintenanceOrder"
          operations:
            - name: create-work-order
              method: POST
    - type: http
      namespace: msteams-iot
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: messages
          path: "/users/{{recipient_upn}}/sendMail"
          inputParameters:
            - name: recipient_upn
              in: path
          operations:
            - name: send-message
              method: POST

Retrieves a Jira issue by key, returning summary, status, and assignee.

naftiko: "0.5"
info:
  label: "Jira Issue Detail Lookup"
  description: "Retrieves a Jira issue by key, returning summary, status, and assignee."
  tags:
    - devops
    - jira
    - project-management
capability:
  exposes:
    - type: mcp
      namespace: project-management
      port: 8080
      tools:
        - name: get-jira-issue
          description: "Retrieves a Jira issue by key, returning summary, status, and assignee."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary lookup parameter."
          call: "jira.get-issue"
          with:
            param_1: "{{param_1}}"
          outputParameters:
            - name: result
              type: string
              mapping: "$.result"
  consumes:
    - type: http
      namespace: jira
      baseUri: "https://bosch.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_password"
      resources:
        - name: get-issue
          path: "/issue/{{issue_key}}"
          operations:
            - name: get-issue
              method: GET

At the end of each sprint, computes velocity and bug density from Jira, queries Datadog for deployment frequency, and publishes an engineering health digest to Microsoft Teams.

naftiko: "0.5"
info:
  label: "Jira Sprint Velocity and Quality Report"
  description: "At the end of each sprint, computes velocity and bug density from Jira, queries Datadog for deployment frequency, and publishes an engineering health digest to Microsoft Teams."
  tags:
    - devops
    - engineering
    - jira
    - datadog
    - microsoft-teams
    - reporting
capability:
  exposes:
    - type: mcp
      namespace: engineering-reporting
      port: 8080
      tools:
        - name: digest-sprint-metrics
          description: "Given a Jira project key and sprint ID, retrieve completed story points, bug count, and Datadog deployment frequency for the sprint period, then post an engineering health summary to the team's Microsoft Teams channel."
          inputParameters:
            - name: project_key
              in: body
              type: string
              description: "Jira project key, e.g. ENG."
            - name: sprint_id
              in: body
              type: string
              description: "Jira sprint ID number."
            - name: sprint_name
              in: body
              type: string
              description: "Human-readable sprint name for the digest header."
          steps:
            - name: get-sprint-issues
              type: call
              call: "jira-sprint.search-issues"
              with:
                jql: "project={{project_key}} AND sprint={{sprint_id}} AND status=Done"
            - name: get-deployment-events
              type: call
              call: "datadog-sprint.get-events"
              with:
                tags: "env:production,project:{{project_key}}"
            - name: post-sprint-digest
              type: call
              call: "msteams-sprint.post-channel-message"
              with:
                channel_id: "$secrets.teams_engineering_channel_id"
                text: "Sprint Digest: {{sprint_name}} | Completed Issues: {{get-sprint-issues.total}} | Deployments: {{get-deployment-events.total}} | Review retrospective and plan next sprint."
  consumes:
    - type: http
      namespace: jira-sprint
      baseUri: "https://bosch.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_api_token"
      resources:
        - name: issues
          path: "/search"
          inputParameters:
            - name: jql
              in: query
          operations:
            - name: search-issues
              method: GET
    - type: http
      namespace: datadog-sprint
      baseUri: "https://api.datadoghq.com/api/v1"
      authentication:
        type: apikey
        key: "DD-API-KEY"
        value: "$secrets.datadog_api_key"
        placement: header
      resources:
        - name: events
          path: "/events"
          inputParameters:
            - name: tags
              in: query
          operations:
            - name: get-events
              method: GET
    - type: http
      namespace: msteams-sprint
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channel-messages
          path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
          inputParameters:
            - name: team_id
              in: path
            - name: channel_id
              in: path
          operations:
            - name: post-channel-message
              method: POST

Generates ServiceNow knowledge article from resolved incident and shares via Teams.

naftiko: "0.5"
info:
  label: "Knowledge Article Auto-Publisher"
  description: "Generates ServiceNow knowledge article from resolved incident and shares via Teams."
  tags:
    - itsm
    - servicenow
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: itsm
      port: 8080
      tools:
        - name: knowledge-orchestrate
          description: "Generates ServiceNow knowledge article from resolved incident and shares via Teams."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: servicenow
      baseUri: "https://bosch.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/bosch/channels/general/messages"
          operations:
            - name: send-message
              method: POST

Compares Azure AD licenses against Snowflake headcount and creates ServiceNow optimization task.

naftiko: "0.5"
info:
  label: "License Reconciliation Workflow"
  description: "Compares Azure AD licenses against Snowflake headcount and creates ServiceNow optimization task."
  tags:
    - identity
    - azure
    - snowflake
    - servicenow
capability:
  exposes:
    - type: mcp
      namespace: identity
      port: 8080
      tools:
        - name: license-orchestrate
          description: "Compares Azure AD licenses against Snowflake headcount and creates ServiceNow optimization task."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "azure.get-resources"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "snowflake.run-query"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: azure
      baseUri: "https://management.azure.com"
      authentication:
        type: bearer
        token: "$secrets.azure_token"
      resources:
        - name: resources
          path: "/subscriptions"
          operations:
            - name: get-resources
              method: GET
    - type: http
      namespace: snowflake
      baseUri: "https://bosch.snowflakecomputing.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.snowflake_token"
      resources:
        - name: statements
          path: "/statements"
          operations:
            - name: run-query
              method: POST
    - type: http
      namespace: servicenow
      baseUri: "https://bosch.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST

Retrieves P1 incident details, creates Teams bridge channel, and posts stakeholder updates.

naftiko: "0.5"
info:
  label: "Major Incident Communication Orchestrator"
  description: "Retrieves P1 incident details, creates Teams bridge channel, and posts stakeholder updates."
  tags:
    - itsm
    - servicenow
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: itsm
      port: 8080
      tools:
        - name: major-orchestrate
          description: "Retrieves P1 incident details, creates Teams bridge channel, and posts stakeholder updates."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: servicenow
      baseUri: "https://bosch.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/bosch/channels/general/messages"
          operations:
            - name: send-message
              method: POST

When a predictive maintenance alert fires in SAP PM, creates a ServiceNow work order for the plant maintenance team and notifies the plant manager in Microsoft Teams.

naftiko: "0.5"
info:
  label: "Manufacturing Equipment Maintenance Work Order"
  description: "When a predictive maintenance alert fires in SAP PM, creates a ServiceNow work order for the plant maintenance team and notifies the plant manager in Microsoft Teams."
  tags:
    - manufacturing
    - maintenance
    - sap-pm
    - servicenow
    - microsoft-teams
    - iot
capability:
  exposes:
    - type: mcp
      namespace: plant-maintenance
      port: 8080
      tools:
        - name: create-maintenance-work-order
          description: "Given a SAP equipment ID, maintenance alert type, and plant code, create a SAP PM work order, open a ServiceNow maintenance task, and notify the plant manager via Microsoft Teams. Use when predictive or preventive maintenance thresholds are breached."
          inputParameters:
            - name: equipment_id
              in: body
              type: string
              description: "SAP equipment number for the asset requiring maintenance."
            - name: alert_type
              in: body
              type: string
              description: "Type of maintenance alert: predictive, preventive, or breakdown."
            - name: plant_code
              in: body
              type: string
              description: "SAP plant code where the equipment is located."
            - name: manager_upn
              in: body
              type: string
              description: "UPN of the plant manager to notify."
          steps:
            - name: create-sap-work-order
              type: call
              call: "sap-pm.create-work-order"
              with:
                Equipment: "{{equipment_id}}"
                MaintenanceActivityType: "{{alert_type}}"
                MaintPlant: "{{plant_code}}"
            - name: create-snow-task
              type: call
              call: "servicenow-maint.create-task"
              with:
                short_description: "Maintenance required: Equipment {{equipment_id}} at plant {{plant_code}}"
                category: "facility_maintenance"
                assignment_group: "Plant_Maintenance"
                description: "Alert type: {{alert_type}}. SAP work order: {{create-sap-work-order.MaintenanceOrder}}."
            - name: notify-plant-manager
              type: call
              call: "msteams-maint.send-message"
              with:
                recipient_upn: "{{manager_upn}}"
                text: "Maintenance Alert: Equipment {{equipment_id}} at plant {{plant_code}} requires {{alert_type}} maintenance. SAP WO: {{create-sap-work-order.MaintenanceOrder}} | SNOW: {{create-snow-task.number}}."
  consumes:
    - type: http
      namespace: sap-pm
      baseUri: "https://bosch-s4.sap.com/sap/opu/odata/sap/API_MAINTENANCEORDER_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_s4_user"
        password: "$secrets.sap_s4_password"
      resources:
        - name: work-orders
          path: "/MaintenanceOrder"
          operations:
            - name: create-work-order
              method: POST
    - type: http
      namespace: servicenow-maint
      baseUri: "https://bosch.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: tasks
          path: "/table/sc_task"
          operations:
            - name: create-task
              method: POST
    - type: http
      namespace: msteams-maint
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: messages
          path: "/users/{{recipient_upn}}/sendMail"
          inputParameters:
            - name: recipient_upn
              in: path
          operations:
            - name: send-message
              method: POST

Aggregates campaign performance metrics from LinkedIn and Meta, compiles a structured summary, and posts a weekly digest to the marketing team in Microsoft Teams.

naftiko: "0.5"
info:
  label: "Marketing Campaign Performance Digest"
  description: "Aggregates campaign performance metrics from LinkedIn and Meta, compiles a structured summary, and posts a weekly digest to the marketing team in Microsoft Teams."
  tags:
    - marketing
    - social
    - linkedin
    - meta
    - microsoft-teams
    - reporting
capability:
  exposes:
    - type: mcp
      namespace: marketing-reporting
      port: 8080
      tools:
        - name: digest-campaign-performance
          description: "Given a LinkedIn campaign group ID and Meta ad account ID, fetch performance metrics (impressions, clicks, spend, conversions) for both platforms and post a consolidated weekly digest to the marketing Microsoft Teams channel."
          inputParameters:
            - name: linkedin_campaign_group_id
              in: body
              type: string
              description: "LinkedIn campaign group ID for the current campaign."
            - name: meta_ad_account_id
              in: body
              type: string
              description: "Meta Ads account ID (act_XXXXXXXX format)."
            - name: date_range_start
              in: body
              type: string
              description: "Start date for reporting in YYYY-MM-DD format."
            - name: date_range_end
              in: body
              type: string
              description: "End date for reporting in YYYY-MM-DD format."
          steps:
            - name: get-linkedin-metrics
              type: call
              call: "linkedin.get-campaign-analytics"
              with:
                campaignGroupId: "{{linkedin_campaign_group_id}}"
                dateRangeStart: "{{date_range_start}}"
                dateRangeEnd: "{{date_range_end}}"
            - name: get-meta-metrics
              type: call
              call: "meta.get-ad-insights"
              with:
                adAccountId: "{{meta_ad_account_id}}"
                since: "{{date_range_start}}"
                until: "{{date_range_end}}"
            - name: post-digest
              type: call
              call: "msteams-marketing.post-channel-message"
              with:
                channel_id: "$secrets.teams_marketing_channel_id"
                text: "Weekly Campaign Digest ({{date_range_start}} to {{date_range_end}}): LinkedIn — Impressions: {{get-linkedin-metrics.impressionCount}}, Clicks: {{get-linkedin-metrics.clicks}} | Meta — Impressions: {{get-meta-metrics.impressions}}, Spend: {{get-meta-metrics.spend}}"
  consumes:
    - type: http
      namespace: linkedin
      baseUri: "https://api.linkedin.com/v2"
      authentication:
        type: bearer
        token: "$secrets.linkedin_token"
      resources:
        - name: campaign-analytics
          path: "/adAnalytics"
          inputParameters:
            - name: campaignGroupId
              in: query
            - name: dateRangeStart
              in: query
            - name: dateRangeEnd
              in: query
          operations:
            - name: get-campaign-analytics
              method: GET
    - type: http
      namespace: meta
      baseUri: "https://graph.facebook.com/v18.0"
      authentication:
        type: bearer
        token: "$secrets.meta_access_token"
      resources:
        - name: ad-insights
          path: "/{{adAccountId}}/insights"
          inputParameters:
            - name: adAccountId
              in: path
            - name: since
              in: query
            - name: until
              in: query
          operations:
            - name: get-ad-insights
              method: GET
    - type: http
      namespace: msteams-marketing
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channel-messages
          path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
          inputParameters:
            - name: team_id
              in: path
            - name: channel_id
              in: path
          operations:
            - name: post-channel-message
              method: POST

Sends a notification message to a Microsoft Teams channel.

naftiko: "0.5"
info:
  label: "Microsoft Teams Channel Notification"
  description: "Sends a notification message to a Microsoft Teams channel."
  tags:
    - collaboration
    - microsoft-teams
    - communication
capability:
  exposes:
    - type: mcp
      namespace: collaboration
      port: 8080
      tools:
        - name: send-channel-notification
          description: "Sends a notification message to a Microsoft Teams channel."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary lookup parameter."
          call: "msteams.send-channel-message"
          with:
            param_1: "{{param_1}}"
          outputParameters:
            - name: result
              type: string
              mapping: "$.result"
  consumes:
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: send-channel-message
          path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
          operations:
            - name: send-channel-message
              method: POST

When Datadog alert fires, creates Jira incident ticket and posts Teams notification.

naftiko: "0.5"
info:
  label: "Monitoring Alert to Jira Bridge"
  description: "When Datadog alert fires, creates Jira incident ticket and posts Teams notification."
  tags:
    - monitoring
    - datadog
    - jira
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: monitoring
      port: 8080
      tools:
        - name: monitoring-orchestrate
          description: "When Datadog alert fires, creates Jira incident ticket and posts Teams notification."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "datadog.get-monitor"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "jira.create-issue"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: datadog
      baseUri: "https://api.datadoghq.com/api/v1"
      authentication:
        type: apiKey
        header: "DD-API-KEY"
        key: "$secrets.datadog_api_key"
      resources:
        - name: monitors
          path: "/monitor/{{monitor_id}}"
          operations:
            - name: get-monitor
              method: GET
    - type: http
      namespace: jira
      baseUri: "https://bosch.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_password"
      resources:
        - name: issues
          path: "/issue"
          operations:
            - name: create-issue
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/bosch/channels/general/messages"
          operations:
            - name: send-message
              method: POST

Retrieves all active Okta user assignments for a target application, cross-references with SAP SuccessFactors active employees, and flags orphaned accounts for deprovisioning review.

naftiko: "0.5"
info:
  label: "Okta Identity Access Review"
  description: "Retrieves all active Okta user assignments for a target application, cross-references with SAP SuccessFactors active employees, and flags orphaned accounts for deprovisioning review."
  tags:
    - identity
    - security
    - okta
    - sap-successfactors
    - access-review
capability:
  exposes:
    - type: mcp
      namespace: identity-review
      port: 8080
      tools:
        - name: review-app-access
          description: "Given an Okta application ID, retrieve all assigned users and compare against active SAP SuccessFactors employees. Creates a Jira access review ticket listing accounts that may be orphaned or inactive. Use for quarterly access reviews."
          inputParameters:
            - name: okta_app_id
              in: body
              type: string
              description: "The Okta application ID to review assignments for."
            - name: app_name
              in: body
              type: string
              description: "Human-readable name of the application for the Jira ticket."
          steps:
            - name: get-app-users
              type: call
              call: "okta-review.get-app-users"
              with:
                appId: "{{okta_app_id}}"
            - name: create-review-ticket
              type: call
              call: "jira-access.create-issue"
              with:
                project_key: "SEC"
                issuetype: "Task"
                summary: "Access Review: {{app_name}} ({{okta_app_id}})"
                description: "Quarterly access review initiated for {{app_name}}. Total assigned users: {{get-app-users.total}}. Review and remove orphaned or terminated accounts."
  consumes:
    - type: http
      namespace: okta-review
      baseUri: "https://bosch.okta.com/api/v1"
      authentication:
        type: apikey
        key: "Authorization"
        value: "$secrets.okta_api_token"
        placement: header
      resources:
        - name: app-users
          path: "/apps/{{appId}}/users"
          inputParameters:
            - name: appId
              in: path
          operations:
            - name: get-app-users
              method: GET
    - type: http
      namespace: jira-access
      baseUri: "https://bosch.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_api_token"
      resources:
        - name: issues
          path: "/issue"
          operations:
            - name: create-issue
              method: POST

Retrieves all Okta group memberships for a user.

naftiko: "0.5"
info:
  label: "Okta User Group Membership Lookup"
  description: "Retrieves all Okta group memberships for a user."
  tags:
    - security
    - okta
    - identity
capability:
  exposes:
    - type: mcp
      namespace: identity
      port: 8080
      tools:
        - name: get-user-groups
          description: "Retrieves all Okta group memberships for a user."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary lookup parameter."
          call: "okta.get-user-groups"
          with:
            param_1: "{{param_1}}"
          outputParameters:
            - name: result
              type: string
              mapping: "$.result"
  consumes:
    - type: http
      namespace: okta
      baseUri: "https://bosch.okta.com/api/v1"
      authentication:
        type: bearer
        token: "$secrets.okta_token"
      resources:
        - name: get-user-groups
          path: "/users/{{user_id}}/groups"
          operations:
            - name: get-user-groups
              method: GET

Detects Workday org changes, updates Okta groups and Azure AD, and logs in ServiceNow.

naftiko: "0.5"
info:
  label: "Org Change to Identity Sync"
  description: "Detects Workday org changes, updates Okta groups and Azure AD, and logs in ServiceNow."
  tags:
    - hr
    - workday
    - okta
    - azure
    - servicenow
capability:
  exposes:
    - type: mcp
      namespace: hr
      port: 8080
      tools:
        - name: org-orchestrate
          description: "Detects Workday org changes, updates Okta groups and Azure AD, and logs in ServiceNow."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "workday.get-worker"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "okta.get-user-groups"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "azure.get-resources"
              with:
                input: "{{step-1.result}}"
            - name: step-4
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: workday
      baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
      authentication:
        type: bearer
        token: "$secrets.workday_token"
      resources:
        - name: workers
          path: "/bosch/workers/{{worker_id}}"
          operations:
            - name: get-worker
              method: GET
    - type: http
      namespace: okta
      baseUri: "https://bosch.okta.com/api/v1"
      authentication:
        type: bearer
        token: "$secrets.okta_token"
      resources:
        - name: user-groups
          path: "/users/{{user_id}}/groups"
          operations:
            - name: get-user-groups
              method: GET
    - type: http
      namespace: azure
      baseUri: "https://management.azure.com"
      authentication:
        type: bearer
        token: "$secrets.azure_token"
      resources:
        - name: resources
          path: "/subscriptions"
          operations:
            - name: get-resources
              method: GET
    - type: http
      namespace: servicenow
      baseUri: "https://bosch.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST

Retrieves a firewall security rule from Palo Alto Panorama by rule name.

naftiko: "0.5"
info:
  label: "Palo Alto Firewall Rule Lookup"
  description: "Retrieves a firewall security rule from Palo Alto Panorama by rule name."
  tags:
    - security
    - palo-alto-networks
    - firewall
capability:
  exposes:
    - type: mcp
      namespace: network-security
      port: 8080
      tools:
        - name: get-firewall-rule
          description: "Retrieves a firewall security rule from Palo Alto Panorama by rule name."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary lookup parameter."
          call: "paloalto.get-security-rule"
          with:
            param_1: "{{param_1}}"
          outputParameters:
            - name: result
              type: string
              mapping: "$.result"
  consumes:
    - type: http
      namespace: paloalto
      baseUri: "https://panorama.bosch.com/restapi/v10.2"
      authentication:
        type: bearer
        token: "$secrets.paloalto_token"
      resources:
        - name: get-security-rule
          path: "/Policies/SecurityRules?name={{rule_name}}"
          operations:
            - name: get-security-rule
              method: GET

Checks the refresh status of a Power BI dataset.

naftiko: "0.5"
info:
  label: "Power BI Dataset Refresh Status"
  description: "Checks the refresh status of a Power BI dataset."
  tags:
    - analytics
    - power-bi
    - reporting
capability:
  exposes:
    - type: mcp
      namespace: analytics
      port: 8080
      tools:
        - name: get-dataset-refresh-status
          description: "Checks the refresh status of a Power BI dataset."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary lookup parameter."
          call: "powerbi.get-refresh-history"
          with:
            param_1: "{{param_1}}"
          outputParameters:
            - name: result
              type: string
              mapping: "$.result"
  consumes:
    - type: http
      namespace: powerbi
      baseUri: "https://api.powerbi.com/v1.0/myorg"
      authentication:
        type: bearer
        token: "$secrets.powerbi_token"
      resources:
        - name: get-refresh-history
          path: "/datasets/{{dataset_id}}/refreshes?$top=1"
          operations:
            - name: get-refresh-history
              method: GET

Triggers a dataset refresh for a specified Power BI report, monitors completion via polling, and sends the refresh status summary to the analytics team in Microsoft Teams.

naftiko: "0.5"
info:
  label: "Power BI Report Refresh Trigger"
  description: "Triggers a dataset refresh for a specified Power BI report, monitors completion via polling, and sends the refresh status summary to the analytics team in Microsoft Teams."
  tags:
    - data
    - analytics
    - power-bi
    - microsoft-teams
    - reporting
capability:
  exposes:
    - type: mcp
      namespace: analytics-reporting
      port: 8080
      tools:
        - name: refresh-powerbi-report
          description: "Given a Power BI dataset ID and workspace ID, trigger a dataset refresh and notify the analytics team in Microsoft Teams with the refresh status. Use this to refresh executive dashboards after data pipeline completion."
          inputParameters:
            - name: workspace_id
              in: body
              type: string
              description: "The Power BI workspace (group) ID containing the dataset."
            - name: dataset_id
              in: body
              type: string
              description: "The Power BI dataset ID to refresh."
            - name: report_name
              in: body
              type: string
              description: "Human-readable name of the report for notification purposes."
          steps:
            - name: trigger-refresh
              type: call
              call: "powerbi.refresh-dataset"
              with:
                groupId: "{{workspace_id}}"
                datasetId: "{{dataset_id}}"
            - name: notify-analytics
              type: call
              call: "msteams-analytics.send-message"
              with:
                recipient_upn: "analytics-team@bosch.com"
                text: "Power BI dataset refresh triggered for report '{{report_name}}' (dataset {{dataset_id}} in workspace {{workspace_id}})."
  consumes:
    - type: http
      namespace: powerbi
      baseUri: "https://api.powerbi.com/v1.0/myorg"
      authentication:
        type: bearer
        token: "$secrets.powerbi_token"
      resources:
        - name: dataset-refreshes
          path: "/groups/{{groupId}}/datasets/{{datasetId}}/refreshes"
          inputParameters:
            - name: groupId
              in: path
            - name: datasetId
              in: path
          operations:
            - name: refresh-dataset
              method: POST
    - type: http
      namespace: msteams-analytics
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: messages
          path: "/users/{{recipient_upn}}/sendMail"
          inputParameters:
            - name: recipient_upn
              in: path
          operations:
            - name: send-message
              method: POST

When Datadog fires a critical production alert, creates a ServiceNow P1 incident, pages the on-call engineer, and opens a Microsoft Teams war-room channel for incident coordination.

naftiko: "0.5"
info:
  label: "Production Incident Response Chain"
  description: "When Datadog fires a critical production alert, creates a ServiceNow P1 incident, pages the on-call engineer, and opens a Microsoft Teams war-room channel for incident coordination."
  tags:
    - itsm
    - observability
    - incident-response
    - datadog
    - servicenow
    - microsoft-teams
    - pagerduty
capability:
  exposes:
    - type: mcp
      namespace: incident-response
      port: 8080
      tools:
        - name: handle-production-incident
          description: "Given a Datadog monitor ID and alert details, create a ServiceNow P1 incident, trigger a PagerDuty page, and post incident context to a Microsoft Teams channel. Use when a production system crosses a critical threshold."
          inputParameters:
            - name: monitor_id
              in: body
              type: string
              description: "The Datadog monitor ID that triggered the alert."
            - name: alert_title
              in: body
              type: string
              description: "Short title of the alert for the incident record."
            - name: affected_service
              in: body
              type: string
              description: "Name of the affected Bosch service or system."
            - name: environment
              in: body
              type: string
              description: "Environment where the alert fired: production, staging, etc."
          steps:
            - name: create-p1-incident
              type: call
              call: "servicenow-incident.create-incident"
              with:
                short_description: "[P1] {{alert_title}} — {{affected_service}}"
                urgency: "1"
                impact: "1"
                category: "software"
                description: "Datadog monitor {{monitor_id}} fired in {{environment}} for service {{affected_service}}."
            - name: trigger-pagerduty
              type: call
              call: "pagerduty.create-incident"
              with:
                title: "[P1] {{alert_title}}"
                service_id: "$secrets.pagerduty_service_id"
                body_details: "ServiceNow: {{create-p1-incident.number}} | Monitor: {{monitor_id}} | Env: {{environment}}"
            - name: post-war-room
              type: call
              call: "msteams-incident.post-channel-message"
              with:
                channel_id: "$secrets.teams_incidents_channel_id"
                text: "INCIDENT P1: {{alert_title}} | Service: {{affected_service}} | Env: {{environment}} | SNOW: {{create-p1-incident.number}} | PagerDuty: {{trigger-pagerduty.id}}"
  consumes:
    - type: http
      namespace: servicenow-incident
      baseUri: "https://bosch.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST
    - type: http
      namespace: pagerduty
      baseUri: "https://api.pagerduty.com"
      authentication:
        type: apikey
        key: "Authorization"
        value: "$secrets.pagerduty_api_token"
        placement: header
      resources:
        - name: incidents
          path: "/incidents"
          operations:
            - name: create-incident
              method: POST
    - type: http
      namespace: msteams-incident
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channel-messages
          path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
          inputParameters:
            - name: team_id
              in: path
            - name: channel_id
              in: path
          operations:
            - name: post-channel-message
              method: POST

Queries SAP for budget utilization, checks Snowflake analytics, and sends Teams alert when spending exceeds threshold.

naftiko: "0.5"
info:
  label: "Program Budget Alert Workflow"
  description: "Queries SAP for budget utilization, checks Snowflake analytics, and sends Teams alert when spending exceeds threshold."
  tags:
    - finance
    - sap
    - snowflake
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: finance
      port: 8080
      tools:
        - name: program-orchestrate
          description: "Queries SAP for budget utilization, checks Snowflake analytics, and sends Teams alert when spending exceeds threshold."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "sap.get-po"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "snowflake.run-query"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: sap
      baseUri: "https://bosch-s4.sap.com/sap/opu/odata/sap/MM_PUR_PO_MAINT_V2_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: purchase-orders
          path: "/A_PurchaseOrder('{{po_number}}')"
          operations:
            - name: get-po
              method: GET
    - type: http
      namespace: snowflake
      baseUri: "https://bosch.snowflakecomputing.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.snowflake_token"
      resources:
        - name: statements
          path: "/statements"
          operations:
            - name: run-query
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/bosch/channels/general/messages"
          operations:
            - name: send-message
              method: POST

Retrieves SAP purchase requisition, identifies Workday approver, and sends Teams approval request.

naftiko: "0.5"
info:
  label: "Purchase Requisition Approval Routing"
  description: "Retrieves SAP purchase requisition, identifies Workday approver, and sends Teams approval request."
  tags:
    - procurement
    - sap
    - workday
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: procurement
      port: 8080
      tools:
        - name: purchase-orchestrate
          description: "Retrieves SAP purchase requisition, identifies Workday approver, and sends Teams approval request."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "sap.get-po"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "workday.get-worker"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: sap
      baseUri: "https://bosch-s4.sap.com/sap/opu/odata/sap/MM_PUR_PO_MAINT_V2_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: purchase-orders
          path: "/A_PurchaseOrder('{{po_number}}')"
          operations:
            - name: get-po
              method: GET
    - type: http
      namespace: workday
      baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
      authentication:
        type: bearer
        token: "$secrets.workday_token"
      resources:
        - name: workers
          path: "/bosch/workers/{{worker_id}}"
          operations:
            - name: get-worker
              method: GET
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/bosch/channels/general/messages"
          operations:
            - name: send-message
              method: POST

Pulls LinkedIn pipeline, creates Workday requisition, and notifies hiring manager via Teams.

naftiko: "0.5"
info:
  label: "Recruiting Pipeline to Workday Sync"
  description: "Pulls LinkedIn pipeline, creates Workday requisition, and notifies hiring manager via Teams."
  tags:
    - hr
    - linkedin
    - workday
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: hr
      port: 8080
      tools:
        - name: recruiting-orchestrate
          description: "Pulls LinkedIn pipeline, creates Workday requisition, and notifies hiring manager via Teams."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "linkedin.get-job-pipeline"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "workday.get-worker"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: linkedin
      baseUri: "https://api.linkedin.com/v2"
      authentication:
        type: bearer
        token: "$secrets.linkedin_token"
      resources:
        - name: postings
          path: "/jobPostings"
          operations:
            - name: get-job-pipeline
              method: GET
    - type: http
      namespace: workday
      baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
      authentication:
        type: bearer
        token: "$secrets.workday_token"
      resources:
        - name: workers
          path: "/bosch/workers/{{worker_id}}"
          operations:
            - name: get-worker
              method: GET
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/bosch/channels/general/messages"
          operations:
            - name: send-message
              method: POST

Gathers completed Jira issues, generates Confluence release notes, and notifies stakeholders via Teams.

naftiko: "0.5"
info:
  label: "Release Documentation Generator"
  description: "Gathers completed Jira issues, generates Confluence release notes, and notifies stakeholders via Teams."
  tags:
    - devops
    - jira
    - confluence
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: devops
      port: 8080
      tools:
        - name: release-orchestrate
          description: "Gathers completed Jira issues, generates Confluence release notes, and notifies stakeholders via Teams."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "jira.create-issue"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "confluence.create-page"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: jira
      baseUri: "https://bosch.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_password"
      resources:
        - name: issues
          path: "/issue"
          operations:
            - name: create-issue
              method: POST
    - type: http
      namespace: confluence
      baseUri: "https://bosch.atlassian.net/wiki/rest/api"
      authentication:
        type: basic
        username: "$secrets.confluence_user"
        password: "$secrets.confluence_password"
      resources:
        - name: pages
          path: "/content"
          operations:
            - name: create-page
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/bosch/channels/general/messages"
          operations:
            - name: send-message
              method: POST

Creates ServiceNow change for GitHub release, triggers Terraform deployment, and posts Teams notification.

naftiko: "0.5"
info:
  label: "Release to Deployment Pipeline"
  description: "Creates ServiceNow change for GitHub release, triggers Terraform deployment, and posts Teams notification."
  tags:
    - devops
    - github
    - servicenow
    - terraform
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: devops
      port: 8080
      tools:
        - name: release-orchestrate
          description: "Creates ServiceNow change for GitHub release, triggers Terraform deployment, and posts Teams notification."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "github.get-branch-protection"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "terraform.get-workspace"
              with:
                input: "{{step-1.result}}"
            - name: step-4
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: github
      baseUri: "https://api.github.com"
      authentication:
        type: bearer
        token: "$secrets.github_token"
      resources:
        - name: repos
          path: "/repos/{{repo}}/branches/main/protection"
          operations:
            - name: get-branch-protection
              method: GET
    - type: http
      namespace: servicenow
      baseUri: "https://bosch.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST
    - type: http
      namespace: terraform
      baseUri: "https://app.terraform.io/api/v2"
      authentication:
        type: bearer
        token: "$secrets.terraform_token"
      resources:
        - name: workspaces
          path: "/organizations/bosch/workspaces"
          operations:
            - name: get-workspace
              method: GET
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/bosch/channels/general/messages"
          operations:
            - name: send-message
              method: POST

Retrieves SAP Ariba RFQ, sends vendor notification via Graph, and updates Salesforce opportunity.

naftiko: "0.5"
info:
  label: "RFQ to Vendor Notification"
  description: "Retrieves SAP Ariba RFQ, sends vendor notification via Graph, and updates Salesforce opportunity."
  tags:
    - procurement
    - sap-ariba
    - microsoft-graph
    - salesforce
capability:
  exposes:
    - type: mcp
      namespace: procurement
      port: 8080
      tools:
        - name: rfq-orchestrate
          description: "Retrieves SAP Ariba RFQ, sends vendor notification via Graph, and updates Salesforce opportunity."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "ariba.get-vendor"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "msgraph.send-mail"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "salesforce.get-opportunity"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: ariba
      baseUri: "https://openapi.ariba.com/api/procurement/v2"
      authentication:
        type: bearer
        token: "$secrets.ariba_token"
      resources:
        - name: vendors
          path: "/vendors/{{vendor_id}}"
          operations:
            - name: get-vendor
              method: GET
    - type: http
      namespace: msgraph
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: mail
          path: "/me/sendMail"
          operations:
            - name: send-mail
              method: POST
    - type: http
      namespace: salesforce
      baseUri: "https://bosch.my.salesforce.com/services/data/v58.0"
      authentication:
        type: bearer
        token: "$secrets.salesforce_token"
      resources:
        - name: opportunities
          path: "/sobjects/Opportunity"
          operations:
            - name: get-opportunity
              method: GET

Retrieves a Salesforce account record with open opportunities and cases, queries Snowflake for lifetime revenue, and delivers a consolidated account health snapshot to the account owner via Microsoft Teams.

naftiko: "0.5"
info:
  label: "Salesforce Customer Account Health Snapshot"
  description: "Retrieves a Salesforce account record with open opportunities and cases, queries Snowflake for lifetime revenue, and delivers a consolidated account health snapshot to the account owner via Microsoft Teams."
  tags:
    - sales
    - crm
    - salesforce
    - snowflake
    - microsoft-teams
    - customer-intelligence
capability:
  exposes:
    - type: mcp
      namespace: account-health
      port: 8080
      tools:
        - name: get-account-health-snapshot
          description: "Given a Salesforce account ID, retrieve account profile, open opportunities, and open support cases from Salesforce, then query Snowflake for lifetime revenue and post a consolidated health snapshot to the account owner in Microsoft Teams."
          inputParameters:
            - name: account_id
              in: body
              type: string
              description: "Salesforce account ID (18-character Salesforce ID)."
            - name: owner_upn
              in: body
              type: string
              description: "UPN of the account owner to deliver the snapshot to."
          steps:
            - name: get-account
              type: call
              call: "salesforce-account.get-account"
              with:
                accountId: "{{account_id}}"
            - name: get-revenue
              type: call
              call: "snowflake-account.execute-statement"
              with:
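                # account_id is substituted directly into the SQL text (no bind parameter),
                # so this statement relies on account_id being a validated Salesforce ID.
                statement: "SELECT SUM(amount) as lifetime_revenue FROM sales_orders WHERE salesforce_account_id = '{{account_id}}'"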
            - name: send-snapshot
              type: call
              call: "msteams-account.send-message"
              with:
                recipient_upn: "{{owner_upn}}"
                text: "Account Snapshot: {{get-account.Name}} | Industry: {{get-account.Industry}} | Open Opps: {{get-account.OpenOpportunities}} | Open Cases: {{get-account.OpenCases}} | Lifetime Revenue: {{get-revenue.lifetime_revenue}} {{get-account.CurrencyIsoCode}}"
  consumes:
    - type: http
      namespace: salesforce-account
      baseUri: "https://bosch.my.salesforce.com/services/data/v58.0"
      authentication:
        type: bearer
        token: "$secrets.salesforce_token"
      resources:
        - name: accounts
          path: "/sobjects/Account/{{accountId}}"
          inputParameters:
            - name: accountId
              in: path
          operations:
            - name: get-account
              method: GET
    - type: http
      namespace: snowflake-account
      baseUri: "https://bosch.snowflakecomputing.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.snowflake_token"
      resources:
        - name: statements
          path: "/statements"
          operations:
            - name: execute-statement
              method: POST
    - type: http
      namespace: msteams-account
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: messages
          path: "/users/{{recipient_upn}}/sendMail"
          inputParameters:
            - name: recipient_upn
              in: path
          operations:
            - name: send-message
              method: POST

When a new lead is created in Salesforce, enriches the record with firmographic data from ZoomInfo and assigns it to the appropriate sales queue based on industry and region.

naftiko: "0.5"
info:
  label: "Salesforce Lead Enrichment and Routing"
  description: "When a new lead is created in Salesforce, enriches the record with firmographic data from ZoomInfo and assigns it to the appropriate sales queue based on industry and region."
  tags:
    - sales
    - crm
    - lead-management
    - salesforce
    - zoominfo
capability:
  exposes:
    - type: mcp
      namespace: lead-enrichment
      port: 8080
      tools:
        - name: enrich-and-route-lead
          description: "Given a Salesforce lead ID, retrieve lead details, enrich with ZoomInfo firmographic data (company size, industry, revenue), update the Salesforce record, and assign to the correct sales queue. Use this on new lead creation to improve routing accuracy."
          inputParameters:
            - name: lead_id
              in: body
              type: string
              description: "Salesforce lead ID (18-character Salesforce ID)."
          steps:
            - name: get-lead
              type: call
              call: "salesforce-lead.get-lead"
              with:
                leadId: "{{lead_id}}"
            - name: enrich-zoominfo
              type: call
              call: "zoominfo.search-company"
              with:
                companyName: "{{get-lead.Company}}"
                country: "{{get-lead.Country}}"
            - name: update-lead
              type: call
              call: "salesforce-lead.update-lead"
              with:
                leadId: "{{lead_id}}"
                NumberOfEmployees: "{{enrich-zoominfo.employeeCount}}"
                AnnualRevenue: "{{enrich-zoominfo.revenue}}"
                Industry: "{{enrich-zoominfo.industry}}"
  consumes:
    - type: http
      namespace: salesforce-lead
      baseUri: "https://bosch.my.salesforce.com/services/data/v58.0"
      authentication:
        type: bearer
        token: "$secrets.salesforce_token"
      resources:
        - name: leads
          path: "/sobjects/Lead/{{leadId}}"
          inputParameters:
            - name: leadId
              in: path
          operations:
            - name: get-lead
              method: GET
            - name: update-lead
              method: PATCH
    - type: http
      namespace: zoominfo
      baseUri: "https://api.zoominfo.com/search"
      authentication:
        type: bearer
        token: "$secrets.zoominfo_token"
      resources:
        - name: companies
          path: "/company"
          inputParameters:
            - name: companyName
              in: query
            - name: country
              in: query
          operations:
            - name: search-company
              method: GET

Retrieves a Salesforce opportunity by ID.

naftiko: "0.5"
info:
  label: "Salesforce Opportunity Lookup"
  description: "Retrieves a Salesforce opportunity by ID."
  tags:
    - sales
    - salesforce
    - crm
capability:
  exposes:
    - type: mcp
      namespace: crm
      port: 8080
      tools:
        - name: get-opportunity
          description: "Retrieves a Salesforce opportunity by ID."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary lookup parameter."
          call: "salesforce.get-opportunity"
          with:
            param_1: "{{param_1}}"
          outputParameters:
            - name: result
              type: string
              mapping: "$.result"
  consumes:
    - type: http
      namespace: salesforce
      baseUri: "https://bosch.my.salesforce.com/services/data/v58.0"
      authentication:
        type: bearer
        token: "$secrets.salesforce_token"
      resources:
        - name: get-opportunity
          path: "/sobjects/Opportunity/{{id}}"
          operations:
            - name: get-opportunity
              method: GET

When a Salesforce opportunity is marked Closed Won, creates a corresponding sales order in SAP S/4HANA and notifies the assigned account manager in Microsoft Teams.

naftiko: "0.5"
info:
  label: "Salesforce Opportunity to SAP Sales Order Sync"
  description: "When a Salesforce opportunity is marked Closed Won, creates a corresponding sales order in SAP S/4HANA and notifies the assigned account manager in Microsoft Teams."
  tags:
    - sales
    - crm
    - erp
    - salesforce
    - sap-s4hana
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: sales-erp-sync
      port: 8080
      tools:
        - name: sync-opportunity-to-sales-order
          description: "Given a Salesforce opportunity ID, retrieve deal details and create a SAP S/4HANA sales order, then notify the account manager in Microsoft Teams. Use this when a deal closes to initiate order fulfillment."
          inputParameters:
            - name: opportunity_id
              in: body
              type: string
              description: "The Salesforce opportunity ID (18-character Salesforce ID)."
            - name: manager_upn
              in: body
              type: string
              description: "UPN of the account manager to notify in Microsoft Teams."
          steps:
            - name: get-opportunity
              type: call
              call: "salesforce.get-opportunity"
              with:
                opportunityId: "{{opportunity_id}}"
            - name: create-sales-order
              type: call
              call: "sap-s4-sales.create-sales-order"
              with:
                SoldToParty: "{{get-opportunity.AccountId}}"
                RequestedDeliveryDate: "{{get-opportunity.CloseDate}}"
                TransactionCurrency: "{{get-opportunity.CurrencyIsoCode}}"
            - name: notify-manager
              type: call
              call: "msteams-sales.send-message"
              with:
                recipient_upn: "{{manager_upn}}"
                text: "Opportunity {{get-opportunity.Name}} is Closed Won. SAP Sales Order {{create-sales-order.SalesOrder}} created. Amount: {{get-opportunity.Amount}} {{get-opportunity.CurrencyIsoCode}}."
  consumes:
    - type: http
      namespace: salesforce
      baseUri: "https://bosch.my.salesforce.com/services/data/v58.0"
      authentication:
        type: bearer
        token: "$secrets.salesforce_token"
      resources:
        - name: opportunities
          path: "/sobjects/Opportunity/{{opportunityId}}"
          inputParameters:
            - name: opportunityId
              in: path
          operations:
            - name: get-opportunity
              method: GET
    - type: http
      namespace: sap-s4-sales
      baseUri: "https://bosch-s4.sap.com/sap/opu/odata/sap/API_SALES_ORDER_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_s4_user"
        password: "$secrets.sap_s4_password"
      resources:
        - name: sales-orders
          path: "/A_SalesOrder"
          operations:
            - name: create-sales-order
              method: POST
    - type: http
      namespace: msteams-sales
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: messages
          path: "/users/{{recipient_upn}}/sendMail"
          inputParameters:
            - name: recipient_upn
              in: path
          operations:
            - name: send-message
              method: POST

When an expense report is submitted in SAP Concur above a threshold amount, retrieves the report details, validates against Bosch policy in SAP S/4HANA cost center data, and routes for manager approval.

naftiko: "0.5"
info:
  label: "SAP Concur Expense Report Approval"
  description: "When an expense report is submitted in SAP Concur above a threshold amount, retrieves the report details, validates against Bosch policy in SAP S/4HANA cost center data, and routes for manager approval."
  tags:
    - finance
    - expense-management
    - sap-concur
    - sap-s4hana
    - approval
capability:
  exposes:
    - type: mcp
      namespace: expense-approval
      port: 8080
      tools:
        - name: approve-expense-report
          description: "Given a SAP Concur expense report ID, retrieve the report, validate the cost center against SAP S/4HANA, and submit the approval or flag for manual review. Use to automate expense approvals within policy thresholds."
          inputParameters:
            - name: report_id
              in: body
              type: string
              description: "SAP Concur expense report ID."
            - name: approver_upn
              in: body
              type: string
              description: "UPN of the approving manager to notify if manual review is needed."
          steps:
            - name: get-expense-report
              type: call
              call: "concur.get-report"
              with:
                reportId: "{{report_id}}"
            - name: validate-cost-center
              type: call
              call: "sap-s4-expense.get-cost-center"
              with:
                CostCenter: "{{get-expense-report.costCenter}}"
            - name: notify-approver
              type: call
              call: "msteams-expense.send-message"
              with:
                recipient_upn: "{{approver_upn}}"
                text: "Expense Report {{report_id}} submitted by {{get-expense-report.submitterName}} for {{get-expense-report.totalAmount}} {{get-expense-report.currencyCode}}. Cost center {{get-expense-report.costCenter}} validated. Please review."
  consumes:
    - type: http
      namespace: concur
      baseUri: "https://www.concursolutions.com/api/v3.0"
      authentication:
        type: bearer
        token: "$secrets.concur_token"
      resources:
        - name: reports
          path: "/expense/reports/{{reportId}}"
          inputParameters:
            - name: reportId
              in: path
          operations:
            - name: get-report
              method: GET
    - type: http
      namespace: sap-s4-expense
      baseUri: "https://bosch-s4.sap.com/sap/opu/odata/sap/API_COSTCENTER_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_s4_user"
        password: "$secrets.sap_s4_password"
      resources:
        - name: cost-centers
          path: "/A_CostCenter('{{CostCenter}}')"
          inputParameters:
            - name: CostCenter
              in: path
          operations:
            - name: get-cost-center
              method: GET
    - type: http
      namespace: msteams-expense
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: messages
          path: "/users/{{recipient_upn}}/sendMail"
          inputParameters:
            - name: recipient_upn
              in: path
          operations:
            - name: send-message
              method: POST

Retrieves budget vs. actuals for a SAP cost center and fiscal period.

naftiko: "0.5"
info:
  label: "SAP Cost Center Budget Lookup"
  description: "Retrieves budget vs. actuals for a SAP cost center and fiscal period."
  tags:
    - finance
    - sap
    - budget
capability:
  exposes:
    - type: mcp
      namespace: erp-finance
      port: 8080
      tools:
        - name: get-cost-center-budget
          description: "Retrieves budget vs. actuals for a SAP cost center and fiscal period."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary lookup parameter."
          call: "sap.get-budget"
          with:
            param_1: "{{param_1}}"
          outputParameters:
            - name: result
              type: string
              mapping: "$.result"
  consumes:
    - type: http
      namespace: sap
      baseUri: "https://bosch-s4.sap.com/sap/opu/odata/sap/API_CSTCTRBUDGET_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: get-budget
          path: "/A_CostCenterBudget(CostCenter='{{cost_center}}',FiscalYear='{{fiscal_year}}')"
          operations:
            - name: get-budget
              method: GET

Retrieves a goods receipt document from SAP by material document number.

naftiko: "0.5"
info:
  label: "SAP Goods Receipt Lookup"
  description: "Retrieves a goods receipt document from SAP by material document number."
  tags:
    - logistics
    - sap
    - warehouse
capability:
  exposes:
    - type: mcp
      namespace: erp-logistics
      port: 8080
      tools:
        - name: get-goods-receipt
          description: "Retrieves a goods receipt document from SAP by material document number."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary lookup parameter."
          call: "sap.get-goods-receipt"
          with:
            param_1: "{{param_1}}"
          outputParameters:
            - name: result
              type: string
              mapping: "$.result"
  consumes:
    - type: http
      namespace: sap
      baseUri: "https://bosch-s4.sap.com/sap/opu/odata/sap/API_MATERIAL_DOCUMENT_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: get-goods-receipt
          path: "/A_MaterialDocumentHeader('{{doc_number}}')"
          operations:
            - name: get-goods-receipt
              method: GET

Retrieves current stock levels for a material and plant from SAP S/4HANA to support supply chain decisions and replenishment planning.

naftiko: "0.5"
info:
  label: "SAP Inventory Stock Level Lookup"
  description: "Retrieves current stock levels for a material and plant from SAP S/4HANA to support supply chain decisions and replenishment planning."
  tags:
    - supply-chain
    - inventory
    - sap-s4hana
capability:
  exposes:
    - type: mcp
      namespace: supply-chain
      port: 8080
      tools:
        - name: get-stock-level
          description: "Given a SAP material number and plant code, retrieve the current unrestricted stock quantity, unit of measure, and last goods movement date from SAP S/4HANA. Use this to check stock availability before committing to an order."
          inputParameters:
            - name: material_number
              in: body
              type: string
              description: "SAP material number for the product to check."
            - name: plant_code
              in: body
              type: string
              description: "SAP plant code where stock is held."
          call: "sap-inventory.get-stock"
          with:
            Material: "{{material_number}}"
            Plant: "{{plant_code}}"
          outputParameters:
            - name: unrestricted_stock
              type: string
              mapping: "$.MatlWrhsStkQtyInMatBaseUnit"
            - name: unit_of_measure
              type: string
              mapping: "$.MaterialBaseUnit"
            - name: last_movement
              type: string
              mapping: "$.LastChangeDateTime"
  consumes:
    - type: http
      namespace: sap-inventory
      baseUri: "https://bosch-s4.sap.com/sap/opu/odata/sap/API_MATERIAL_STOCK_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_s4_user"
        password: "$secrets.sap_s4_password"
      resources:
        - name: stock
          path: "/A_MatlStkInAcctMod(Material='{{Material}}',Plant='{{Plant}}')"
          inputParameters:
            - name: Material
              in: path
            - name: Plant
              in: path
          operations:
            - name: get-stock
              method: GET

Retrieves material master data from SAP S/4HANA by material number.

naftiko: "0.5"
info:
  label: "SAP Material Master Lookup"
  description: "Retrieves material master data from SAP S/4HANA by material number."
  tags:
    - procurement
    - sap
    - materials
capability:
  exposes:
    - type: mcp
      namespace: erp
      port: 8080
      tools:
        - name: get-material
          description: "Retrieves material master data from SAP S/4HANA by material number."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary lookup parameter."
          call: "sap.get-material"
          with:
            param_1: "{{param_1}}"
          outputParameters:
            - name: result
              type: string
              mapping: "$.result"
  consumes:
    - type: http
      namespace: sap
      baseUri: "https://bosch-s4.sap.com/sap/opu/odata/sap/API_PRODUCT_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: get-material
          path: "/A_Product('{{material}}')"
          operations:
            - name: get-material
              method: GET

Retrieves a purchase order record from SAP S/4HANA by PO number and returns header data including vendor, amount, and approval status.

naftiko: "0.5"
info:
  label: "SAP Purchase Order Lookup"
  description: "Retrieves a purchase order record from SAP S/4HANA by PO number and returns header data including vendor, amount, and approval status."
  tags:
    - finance
    - procurement
    - sap-s4hana
capability:
  exposes:
    - type: mcp
      namespace: procurement
      port: 8080
      tools:
        - name: get-purchase-order
          description: "Given a SAP S/4HANA purchase order number, retrieve PO header data including vendor name, net amount, currency, and approval status. Use this when a user or agent needs to verify PO details before approval or invoice matching."
          inputParameters:
            - name: po_number
              in: body
              type: string
              description: "The SAP purchase order number, e.g. 4500012345."
          call: "sap-s4.get-purchase-order"
          with:
            PurchaseOrder: "{{po_number}}"
          outputParameters:
            - name: vendor
              type: string
              mapping: "$.Supplier"
            - name: net_amount
              type: string
              mapping: "$.NetPaymentAmount"
            - name: currency
              type: string
              mapping: "$.DocumentCurrency"
            - name: status
              type: string
              mapping: "$.ProcessingStatus"
  consumes:
    - type: http
      namespace: sap-s4
      baseUri: "https://bosch-s4.sap.com/sap/opu/odata/sap/API_PURCHASEORDER_PROCESS_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_s4_user"
        password: "$secrets.sap_s4_password"
      resources:
        - name: purchase-orders
          path: "/A_PurchaseOrder('{{PurchaseOrder}}')"
          inputParameters:
            - name: PurchaseOrder
              in: path
          operations:
            - name: get-purchase-order
              method: GET

Queries SAP S/4HANA for headcount by cost center and cross-references with SAP SuccessFactors employee data to generate a monthly workforce cost report delivered to the finance team in Microsoft Teams.

naftiko: "0.5"
info:
  label: "SAP S/4HANA Headcount and Cost Center Report"
  description: "Queries SAP S/4HANA for headcount by cost center and cross-references with SAP SuccessFactors employee data to generate a monthly workforce cost report delivered to the finance team in Microsoft Teams."
  tags:
    - hr
    - finance
    - reporting
    - sap-s4hana
    - sap-successfactors
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: hr-finance-reporting
      port: 8080
      tools:
        - name: publish-headcount-cost-report
          description: "Given a company code and fiscal period, retrieve cost center assignments from SAP S/4HANA and employee headcount by department from SAP SuccessFactors, then post a consolidated headcount cost report to the finance team in Microsoft Teams."
          inputParameters:
            - name: company_code
              in: body
              type: string
              description: "SAP company code for the reporting entity."
            - name: fiscal_period
              in: body
              type: string
              description: "Fiscal period in YYYYMM format."
          steps:
            - name: get-cost-centers
              type: call
              call: "sap-s4-hc.get-cost-centers"
              with:
                CompanyCode: "{{company_code}}"
            - name: get-headcount
              type: call
              call: "successfactors-hc.get-headcount"
              with:
                companyCode: "{{company_code}}"
            - name: post-report
              type: call
              call: "msteams-hc.post-channel-message"
              with:
                channel_id: "$secrets.teams_finance_channel_id"
                text: "Headcount & Cost Report — Period: {{fiscal_period}} | Company: {{company_code}} | Cost Centers: {{get-cost-centers.total}} | Total Headcount: {{get-headcount.totalHeadcount}}. Full report available in SharePoint."
  consumes:
    - type: http
      namespace: sap-s4-hc
      baseUri: "https://bosch-s4.sap.com/sap/opu/odata/sap/API_COSTCENTER_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_s4_user"
        password: "$secrets.sap_s4_password"
      resources:
        - name: cost-centers
          path: "/A_CostCenter"
          inputParameters:
            - name: CompanyCode
              in: query
          operations:
            - name: get-cost-centers
              method: GET
    - type: http
      namespace: successfactors-hc
      baseUri: "https://api4.successfactors.com/odata/v2"
      authentication:
        type: bearer
        token: "$secrets.successfactors_token"
      resources:
        - name: headcount
          path: "/EmpEmployment"
          inputParameters:
            - name: companyCode
              in: query
          operations:
            - name: get-headcount
              method: GET
    - type: http
      namespace: msteams-hc
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channel-messages
          path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
          inputParameters:
            - name: team_id
              in: path
            - name: channel_id
              in: path
          operations:
            - name: post-channel-message
              method: POST

Detects expiring Azure Key Vault secrets, rotates them, updates Terraform, and creates ServiceNow change.

naftiko: "0.5"
info:
  label: "Secret Rotation Orchestrator"
  description: "Detects expiring Azure Key Vault secrets, rotates them, updates Terraform, and creates ServiceNow change."
  tags:
    - security
    - azure
    - terraform
    - servicenow
capability:
  exposes:
    - type: mcp
      namespace: security
      port: 8080
      tools:
        - name: secret-orchestrate
          description: "Detects expiring Azure Key Vault secrets, rotates them, updates Terraform, and creates ServiceNow change."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "azure.get-resources"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "terraform.get-workspace"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: azure
      baseUri: "https://management.azure.com"
      authentication:
        type: bearer
        token: "$secrets.azure_token"
      resources:
        - name: resources
          path: "/subscriptions"
          operations:
            - name: get-resources
              method: GET
    - type: http
      namespace: terraform
      baseUri: "https://app.terraform.io/api/v2"
      authentication:
        type: bearer
        token: "$secrets.terraform_token"
      resources:
        - name: workspaces
          path: "/organizations/bosch/workspaces"
          operations:
            - name: get-workspace
              method: GET
    - type: http
      namespace: servicenow
      baseUri: "https://bosch.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST

Queries Workday for employee data, checks Okta group assignments, and logs verification in ServiceNow.

naftiko: "0.5"
info:
  label: "Security Clearance Verification Workflow"
  description: "Queries Workday for employee data, checks Okta group assignments, and logs verification in ServiceNow."
  tags:
    - security
    - workday
    - okta
    - servicenow
capability:
  exposes:
    - type: mcp
      namespace: security
      port: 8080
      tools:
        - name: security-orchestrate
          description: "Queries Workday for employee data, checks Okta group assignments, and logs verification in ServiceNow."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "workday.get-worker"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "okta.get-user-groups"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: workday
      baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
      authentication:
        type: bearer
        token: "$secrets.workday_token"
      resources:
        - name: workers
          path: "/bosch/workers/{{worker_id}}"
          operations:
            - name: get-worker
              method: GET
    - type: http
      namespace: okta
      baseUri: "https://bosch.okta.com/api/v1"
      authentication:
        type: bearer
        token: "$secrets.okta_token"
      resources:
        - name: user-groups
          path: "/users/{{user_id}}/groups"
          operations:
            - name: get-user-groups
              method: GET
    - type: http
      namespace: servicenow
      baseUri: "https://bosch.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST

When a ServiceNow change request is submitted for production infrastructure, validates the related Jira story is accepted, checks for Datadog monitor suppressions, and routes the CAB approval notification.

naftiko: "0.5"
info:
  label: "ServiceNow Change Request Approval Workflow"
  description: "When a ServiceNow change request is submitted for production infrastructure, validates the related Jira story is accepted, checks for Datadog monitor suppressions, and routes the CAB approval notification."
  tags:
    - itsm
    - change-management
    - servicenow
    - jira
    - datadog
capability:
  exposes:
    - type: mcp
      namespace: change-management
      port: 8080
      tools:
        - name: process-change-request
          description: "Given a ServiceNow change request number and linked Jira story key, validate the Jira story is accepted, fetch the change details, and update the change request with validation status. Use before CAB review to automate pre-approval checks."
          inputParameters:
            - name: change_number
              in: body
              type: string
              description: "ServiceNow change request number, e.g. CHG0012345."
            - name: jira_story_key
              in: body
              type: string
              description: "The Jira story key linked to the change, e.g. ENG-4567."
          steps:
            - name: get-change
              type: call
              call: "servicenow-change.get-change"
              with:
                number: "{{change_number}}"
            - name: get-jira-story
              type: call
              call: "jira-change.get-issue"
              with:
                issueKey: "{{jira_story_key}}"
            - name: update-change-status
              type: call
              call: "servicenow-change.update-change"
              with:
                number: "{{change_number}}"
                work_notes: "Pre-approval check complete. Jira story {{jira_story_key}} status: {{get-jira-story.fields.status.name}}. Ready for CAB review."
  consumes:
    - type: http
      namespace: servicenow-change
      baseUri: "https://bosch.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: changes
          path: "/table/change_request/{{number}}"
          inputParameters:
            - name: number
              in: path
          operations:
            - name: get-change
              method: GET
            - name: update-change
              method: PATCH
    - type: http
      namespace: jira-change
      baseUri: "https://bosch.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_api_token"
      resources:
        - name: issues
          path: "/issue/{{issueKey}}"
          inputParameters:
            - name: issueKey
              in: path
          operations:
            - name: get-issue
              method: GET

Looks up a ServiceNow incident by number and returns state, priority, and assignment group.

naftiko: "0.5"
info:
  label: "ServiceNow Incident Status Lookup"
  description: "Looks up a ServiceNow incident by number and returns state, priority, and assignment group."
  tags:
    - itsm
    - servicenow
    - incident
capability:
  exposes:
    - type: mcp
      namespace: itsm
      port: 8080
      tools:
        - name: get-incident-status
          description: "Looks up a ServiceNow incident by number and returns state, priority, and assignment group."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary lookup parameter."
          call: "servicenow.get-incident"
          with:
            param_1: "{{param_1}}"
          outputParameters:
            - name: result
              type: string
              mapping: "$.result"
  consumes:
    - type: http
      namespace: servicenow
      baseUri: "https://bosch.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: get-incident
          path: "/table/incident?sysparm_query=number={{number}}"
          operations:
            - name: get-incident
              method: GET

Responds to Splunk alert by isolating CrowdStrike endpoint and creating ServiceNow incident.

naftiko: "0.5"
info:
  label: "SIEM Alert to Endpoint Isolation"
  description: "Responds to Splunk alert by isolating CrowdStrike endpoint and creating ServiceNow incident."
  tags:
    - security
    - splunk
    - crowdstrike
    - servicenow
capability:
  exposes:
    - type: mcp
      namespace: security
      port: 8080
      tools:
        - name: siem-orchestrate
          description: "Responds to Splunk alert by isolating CrowdStrike endpoint and creating ServiceNow incident."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "splunk.run-search"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "crowdstrike.get-device"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: splunk
      baseUri: "https://splunk.bosch.com:8089/services"
      authentication:
        type: bearer
        token: "$secrets.splunk_token"
      resources:
        - name: search
          path: "/search/jobs"
          operations:
            - name: run-search
              method: POST
    - type: http
      namespace: crowdstrike
      baseUri: "https://api.crowdstrike.com"
      authentication:
        type: bearer
        token: "$secrets.crowdstrike_token"
      resources:
        - name: devices
          path: "/devices/entities/devices/v2"
          operations:
            - name: get-device
              method: GET
    - type: http
      namespace: servicenow
      baseUri: "https://bosch.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST

Queries Snowflake to assess data pipeline completeness for a given date partition, and creates a Datadog event and Jira ticket if row counts fall below threshold.

naftiko: "0.5"
info:
  label: "Snowflake Data Pipeline Health Check"
  description: "Queries Snowflake to assess data pipeline completeness for a given date partition, and creates a Datadog event and Jira ticket if row counts fall below threshold."
  tags:
    - data
    - analytics
    - snowflake
    - datadog
    - jira
    - monitoring
capability:
  exposes:
    - type: mcp
      namespace: data-ops
      port: 8080
      tools:
        - name: check-pipeline-health
          description: "Given a Snowflake table name, date partition, and expected row count threshold, execute a health check query and raise a Datadog alert and Jira ticket if data volume is below the expected threshold."
          inputParameters:
            - name: table_name
              in: body
              type: string
              description: "Fully qualified Snowflake table name, e.g. BOSCH_DW.SALES.DAILY_ORDERS."
            - name: partition_date
              in: body
              type: string
              description: "The date partition to check in YYYY-MM-DD format."
            - name: expected_row_count
              in: body
              type: integer
              description: "Minimum expected row count for a healthy load."
          steps:
            - name: run-health-query
              type: call
              call: "snowflake.execute-statement"
              with:
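                # The SQL text is assembled by template substitution from caller-supplied input.
                # table_name is an identifier and cannot be passed as a bind variable, so restrict
                # it to an allow-list of known tables, and validate partition_date as YYYY-MM-DD.
                statement: "SELECT COUNT(*) as row_count FROM {{table_name}} WHERE partition_date = '{{partition_date}}'"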
            - name: create-datadog-alert
              type: call
              call: "datadog-data.create-event"
              with:
                title: "Data pipeline check: {{table_name}} {{partition_date}}"
                text: "Row count: {{run-health-query.row_count}} (expected >= {{expected_row_count}})"
                alert_type: "warning"
            - name: create-data-ticket
              type: call
              call: "jira-data.create-issue"
              with:
                project_key: "DATA"
                issuetype: "Bug"
                summary: "Data pipeline below threshold: {{table_name}} for {{partition_date}}"
                description: "Expected >= {{expected_row_count}} rows. Actual: {{run-health-query.row_count}}."
  consumes:
    - type: http
      namespace: snowflake
      baseUri: "https://bosch.snowflakecomputing.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.snowflake_token"
      resources:
        - name: statements
          path: "/statements"
          operations:
            - name: execute-statement
              method: POST
    - type: http
      namespace: datadog-data
      baseUri: "https://api.datadoghq.com/api/v1"
      authentication:
        type: apikey
        key: "DD-API-KEY"
        value: "$secrets.datadog_api_key"
        placement: header
      resources:
        - name: events
          path: "/events"
          operations:
            - name: create-event
              method: POST
    - type: http
      namespace: jira-data
      baseUri: "https://bosch.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_api_token"
      resources:
        - name: issues
          path: "/issue"
          operations:
            - name: create-issue
              method: POST

Checks the execution status of a Snowflake query by ID.

naftiko: "0.5"
info:
  label: "Snowflake Query Execution Status"
  description: "Checks the execution status of a Snowflake query by ID."
  tags:
    - data
    - snowflake
    - monitoring
capability:
  exposes:
    - type: mcp
      namespace: data-platform
      port: 8080
      tools:
        - name: get-query-status
          description: "Checks the execution status of a Snowflake query by ID."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary lookup parameter."
          call: "snowflake.get-query-status"
          with:
            param_1: "{{param_1}}"
          outputParameters:
            - name: result
              type: string
              mapping: "$.result"
  consumes:
    - type: http
      namespace: snowflake
      baseUri: "https://bosch.snowflakecomputing.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.snowflake_token"
      resources:
        - name: get-query-status
          path: "/statements/{{query_id}}"
          operations:
            - name: get-query-status
              method: GET

Identifies stale Confluence SOPs, creates Jira review tasks, and sends reminders via Teams.

naftiko: "0.5"
info:
  label: "SOP Review Cycle Orchestrator"
  description: "Identifies stale Confluence SOPs, creates Jira review tasks, and sends reminders via Teams."
  tags:
    - knowledge-management
    - confluence
    - jira
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: knowledge_management
      port: 8080
      tools:
        - name: sop-orchestrate
          description: "Identifies stale Confluence SOPs, creates Jira review tasks, and sends reminders via Teams."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "confluence.create-page"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "jira.create-issue"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: confluence
      baseUri: "https://bosch.atlassian.net/wiki/rest/api"
      authentication:
        type: basic
        username: "$secrets.confluence_user"
        password: "$secrets.confluence_password"
      resources:
        - name: pages
          path: "/content"
          operations:
            - name: create-page
              method: POST
    - type: http
      namespace: jira
      baseUri: "https://bosch.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_password"
      resources:
        - name: issues
          path: "/issue"
          operations:
            - name: create-issue
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/bosch/channels/general/messages"
          operations:
            - name: send-message
              method: POST

Retrieves the latest results from a Splunk saved search.

naftiko: "0.5"
info:
  label: "Splunk Saved Search Results Lookup"
  description: "Retrieves the latest results from a Splunk saved search."
  tags:
    - security
    - splunk
    - siem
capability:
  exposes:
    - type: mcp
      namespace: siem
      port: 8080
      tools:
        - name: get-saved-search-results
          description: "Retrieves the latest results from a Splunk saved search."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary lookup parameter."
          call: "splunk.get-saved-search"
          with:
            param_1: "{{param_1}}"
          outputParameters:
            - name: result
              type: string
              mapping: "$.result"
  consumes:
    - type: http
      namespace: splunk
      baseUri: "https://splunk.bosch.com:8089/servicesNS/admin/search"
      authentication:
        type: bearer
        token: "$secrets.splunk_token"
      resources:
        - name: get-saved-search
          path: "/saved/searches/{{search_name}}/history"
          operations:
            - name: get-saved-search
              method: GET

When a supplier invoice is received in SAP Ariba, matches it against the corresponding SAP S/4HANA purchase order, validates line items, and triggers a Coupa approval workflow.

naftiko: "0.5"
info:
  label: "Supplier Invoice Processing and Approval"
  description: "When a supplier invoice is received in SAP Ariba, matches it against the corresponding SAP S/4HANA purchase order, validates line items, and triggers a Coupa approval workflow."
  tags:
    - finance
    - procurement
    - sap-ariba
    - sap-s4hana
    - coupa
    - invoice-processing
capability:
  exposes:
    - type: mcp
      namespace: invoice-processing
      port: 8080
      tools:
        - name: process-supplier-invoice
          description: "Given an SAP Ariba invoice ID and related PO number, fetch the invoice from Ariba, match it against the SAP S/4HANA PO, and submit an approval request in Coupa. Use this to automate three-way matching and approval routing."
          inputParameters:
            - name: ariba_invoice_id
              in: body
              type: string
              description: "The SAP Ariba invoice document ID."
            - name: po_number
              in: body
              type: string
              description: "The related SAP S/4HANA purchase order number."
          steps:
            - name: get-invoice
              type: call
              call: "ariba.get-invoice"
              with:
                invoiceId: "{{ariba_invoice_id}}"
            - name: get-po
              type: call
              call: "sap-s4-invoice.get-purchase-order"
              with:
                PurchaseOrder: "{{po_number}}"
            - name: submit-approval
              type: call
              call: "coupa.create-invoice-approval"
              with:
                invoice_id: "{{ariba_invoice_id}}"
                po_number: "{{po_number}}"
                invoice_amount: "{{get-invoice.totalAmount}}"
                po_amount: "{{get-po.NetPaymentAmount}}"
                supplier: "{{get-po.Supplier}}"
  consumes:
    - type: http
      namespace: ariba
      baseUri: "https://openapi.ariba.com/api/invoice/v1"
      authentication:
        type: apikey
        key: "apikey"
        value: "$secrets.ariba_api_key"
        placement: query
      resources:
        - name: invoices
          path: "/invoices/{{invoiceId}}"
          inputParameters:
            - name: invoiceId
              in: path
          operations:
            - name: get-invoice
              method: GET
    - type: http
      namespace: sap-s4-invoice
      baseUri: "https://bosch-s4.sap.com/sap/opu/odata/sap/API_PURCHASEORDER_PROCESS_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_s4_user"
        password: "$secrets.sap_s4_password"
      resources:
        - name: purchase-orders
          path: "/A_PurchaseOrder('{{PurchaseOrder}}')"
          inputParameters:
            - name: PurchaseOrder
              in: path
          operations:
            - name: get-purchase-order
              method: GET
    - type: http
      namespace: coupa
      baseUri: "https://bosch.coupahost.com/api"
      authentication:
        type: apikey
        key: "X-COUPA-API-KEY"
        value: "$secrets.coupa_api_key"
        placement: header
      resources:
        - name: invoice-approvals
          path: "/invoices"
          operations:
            - name: create-invoice-approval
              method: POST

Retrieves Ariba supplier profile, Snowflake performance data, and creates ServiceNow risk record.

naftiko: "0.5"
info:
  label: "Supplier Risk Assessment Orchestrator"
  description: "Retrieves Ariba supplier profile, Snowflake performance data, and creates ServiceNow risk record."
  tags:
    - procurement
    - sap-ariba
    - snowflake
    - servicenow
capability:
  exposes:
    - type: mcp
      namespace: procurement
      port: 8080
      tools:
        - name: supplier-orchestrate
          description: "Retrieves Ariba supplier profile, Snowflake performance data, and creates ServiceNow risk record."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "ariba.get-vendor"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "snowflake.run-query"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: ariba
      baseUri: "https://openapi.ariba.com/api/procurement/v2"
      authentication:
        type: bearer
        token: "$secrets.ariba_token"
      resources:
        - name: vendors
          path: "/vendors/{{vendor_id}}"
          operations:
            - name: get-vendor
              method: GET
    - type: http
      namespace: snowflake
      baseUri: "https://bosch.snowflakecomputing.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.snowflake_token"
      resources:
        - name: statements
          path: "/statements"
          operations:
            - name: run-query
              method: POST
    - type: http
      namespace: servicenow
      baseUri: "https://bosch.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST

When a Snowflake supply chain analytics query detects stock below reorder point, creates a SAP Ariba requisition and notifies the procurement manager in Microsoft Teams.

naftiko: "0.5"
info:
  label: "Supply Chain Replenishment Alert"
  description: "When a Snowflake supply chain analytics query detects stock below reorder point, creates a SAP Ariba requisition and notifies the procurement manager in Microsoft Teams."
  tags:
    - supply-chain
    - procurement
    - snowflake
    - sap-ariba
    - microsoft-teams
    - replenishment
capability:
  exposes:
    - type: mcp
      namespace: replenishment
      port: 8080
      tools:
        - name: trigger-replenishment
          description: "Given a material number, plant, and current stock quantity, create a SAP Ariba purchase requisition for replenishment and notify the procurement manager in Microsoft Teams."
          inputParameters:
            - name: material_number
              in: body
              type: string
              description: "SAP material number requiring replenishment."
            - name: plant_code
              in: body
              type: string
              description: "SAP plant code where stock is below reorder point."
            - name: reorder_quantity
              in: body
              type: integer
              description: "Quantity to order for replenishment."
            - name: manager_upn
              in: body
              type: string
              description: "UPN of the procurement manager to notify."
          steps:
            - name: create-requisition
              type: call
              call: "ariba-replenish.create-requisition"
              with:
                materialNumber: "{{material_number}}"
                plant: "{{plant_code}}"
                quantity: "{{reorder_quantity}}"
            - name: notify-procurement
              type: call
              call: "msteams-replenish.send-message"
              with:
                recipient_upn: "{{manager_upn}}"
                text: "Replenishment requisition created: Material {{material_number}} | Plant {{plant_code}} | Qty: {{reorder_quantity}} | Ariba Req: {{create-requisition.id}}."
  consumes:
    - type: http
      namespace: ariba-replenish
      baseUri: "https://openapi.ariba.com/api/purchase-req/v1"
      authentication:
        type: apikey
        key: "apikey"
        value: "$secrets.ariba_api_key"
        placement: query
      resources:
        - name: requisitions
          path: "/requisitions"
          operations:
            - name: create-requisition
              method: POST
    - type: http
      namespace: msteams-replenish
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: messages
          path: "/users/{{recipient_upn}}/sendMail"
          inputParameters:
            - name: recipient_upn
              in: path
          operations:
            - name: send-message
              method: POST

Responds to suspicious Okta login by checking CrowdStrike endpoint and creating ServiceNow incident.

naftiko: "0.5"
info:
  label: "Suspicious Login Response Workflow"
  description: "Responds to suspicious Okta login by checking CrowdStrike endpoint and creating ServiceNow incident."
  tags:
    - security
    - okta
    - crowdstrike
    - servicenow
capability:
  exposes:
    - type: mcp
      namespace: security
      port: 8080
      tools:
        - name: suspicious-orchestrate
          description: "Responds to suspicious Okta login by checking CrowdStrike endpoint and creating ServiceNow incident."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "okta.get-user-groups"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "crowdstrike.get-device"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: okta
      baseUri: "https://bosch.okta.com/api/v1"
      authentication:
        type: bearer
        token: "$secrets.okta_token"
      resources:
        - name: user-groups
          path: "/users/{{user_id}}/groups"
          operations:
            - name: get-user-groups
              method: GET
    - type: http
      namespace: crowdstrike
      baseUri: "https://api.crowdstrike.com"
      authentication:
        type: bearer
        token: "$secrets.crowdstrike_token"
      resources:
        - name: devices
          path: "/devices/entities/devices/v2"
          operations:
            - name: get-device
              method: GET
    - type: http
      namespace: servicenow
      baseUri: "https://bosch.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST

Processes access request by verifying identity in Workday, provisioning Okta group, creating ServiceNow request, and notifying via Teams.

naftiko: "0.5"
info:
  label: "System Access Request Orchestrator"
  description: "Processes access request by verifying identity in Workday, provisioning Okta group, creating ServiceNow request, and notifying via Teams."
  tags:
    - security
    - workday
    - okta
    - servicenow
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: security
      port: 8080
      tools:
        - name: system-orchestrate
          description: "Processes access request by verifying identity in Workday, provisioning Okta group, creating ServiceNow request, and notifying via Teams."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "workday.get-worker"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "okta.get-user-groups"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{step-1.result}}"
            - name: step-4
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: workday
      baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
      authentication:
        type: bearer
        token: "$secrets.workday_token"
      resources:
        - name: workers
          path: "/bosch/workers/{{worker_id}}"
          operations:
            - name: get-worker
              method: GET
    - type: http
      namespace: okta
      baseUri: "https://bosch.okta.com/api/v1"
      authentication:
        type: bearer
        token: "$secrets.okta_token"
      resources:
        - name: user-groups
          path: "/users/{{user_id}}/groups"
          operations:
            - name: get-user-groups
              method: GET
    - type: http
      namespace: servicenow
      baseUri: "https://bosch.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/bosch/channels/general/messages"
          operations:
            - name: send-message
              method: POST

Disables Azure AD account, suspends Okta sessions, and creates ServiceNow asset recovery ticket.

naftiko: "0.5"
info:
  label: "Termination to Access Revocation"
  description: "Disables Azure AD account, suspends Okta sessions, and creates ServiceNow asset recovery ticket."
  tags:
    - hr
    - azure
    - okta
    - servicenow
capability:
  exposes:
    - type: mcp
      namespace: hr
      port: 8080
      tools:
        - name: termination-orchestrate
          description: "Disables Azure AD account, suspends Okta sessions, and creates ServiceNow asset recovery ticket."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "azure.get-resources"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "okta.get-user-groups"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: azure
      baseUri: "https://management.azure.com"
      authentication:
        type: bearer
        token: "$secrets.azure_token"
      resources:
        - name: resources
          path: "/subscriptions"
          operations:
            - name: get-resources
              method: GET
    - type: http
      namespace: okta
      baseUri: "https://bosch.okta.com/api/v1"
      authentication:
        type: bearer
        token: "$secrets.okta_token"
      resources:
        - name: user-groups
          path: "/users/{{user_id}}/groups"
          operations:
            - name: get-user-groups
              method: GET
    - type: http
      namespace: servicenow
      baseUri: "https://bosch.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST

Checks Terraform workspace for drift, creates ServiceNow change, and triggers remediation plan.

naftiko: "0.5"
info:
  label: "Terraform Drift Detection and Remediation"
  description: "Checks Terraform workspace for drift, creates ServiceNow change, and triggers remediation plan."
  tags:
    - devops
    - terraform
    - servicenow
capability:
  exposes:
    - type: mcp
      namespace: devops
      port: 8080
      tools:
        - name: terraform-orchestrate
          description: "Checks Terraform workspace for drift, creates ServiceNow change, and triggers remediation plan."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "terraform.get-workspace"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: terraform
      baseUri: "https://app.terraform.io/api/v2"
      authentication:
        type: bearer
        token: "$secrets.terraform_token"
      resources:
        - name: workspaces
          path: "/organizations/bosch/workspaces"
          operations:
            - name: get-workspace
              method: GET
    - type: http
      namespace: servicenow
      baseUri: "https://bosch.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST

Retrieves current status of a Terraform Cloud workspace.

naftiko: "0.5"
info:
  label: "Terraform Workspace Status Lookup"
  description: "Retrieves current status of a Terraform Cloud workspace."
  tags:
    - devops
    - terraform
    - infrastructure
capability:
  exposes:
    - type: mcp
      namespace: infrastructure
      port: 8080
      tools:
        - name: get-workspace-status
          description: "Retrieves current status of a Terraform Cloud workspace."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary lookup parameter."
          call: "terraform.get-workspace"
          with:
            param_1: "{{param_1}}"
          outputParameters:
            - name: result
              type: string
              mapping: "$.result"
  consumes:
    - type: http
      namespace: terraform
      baseUri: "https://app.terraform.io/api/v2"
      authentication:
        type: bearer
        token: "$secrets.terraform_token"
      resources:
        - name: get-workspace
          path: "/organizations/bosch/workspaces/{{workspace}}"
          operations:
            - name: get-workspace
              method: GET

Pulls CrowdStrike threat indicators, runs Splunk search, and creates ServiceNow security incident.

naftiko: "0.5"
info:
  label: "Threat Intel to Log Search"
  description: "Pulls CrowdStrike threat indicators, runs Splunk search, and creates ServiceNow security incident."
  tags:
    - security
    - crowdstrike
    - splunk
    - servicenow
capability:
  exposes:
    - type: mcp
      namespace: security
      port: 8080
      tools:
        - name: threat-orchestrate
          description: "Pulls CrowdStrike threat indicators, runs Splunk search, and creates ServiceNow security incident."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "crowdstrike.get-device"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "splunk.run-search"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: crowdstrike
      baseUri: "https://api.crowdstrike.com"
      authentication:
        type: bearer
        token: "$secrets.crowdstrike_token"
      resources:
        - name: devices
          path: "/devices/entities/devices/v2"
          operations:
            - name: get-device
              method: GET
    - type: http
      namespace: splunk
      baseUri: "https://splunk.bosch.com:8089/services"
      authentication:
        type: bearer
        token: "$secrets.splunk_token"
      resources:
        - name: search
          path: "/search/jobs"
          operations:
            - name: run-search
              method: POST
    - type: http
      namespace: servicenow
      baseUri: "https://bosch.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST

Retrieves Concur travel request, validates SAP budget, and sends Teams approval request.

naftiko: "0.5"
info:
  label: "Travel Request Approval Orchestrator"
  description: "Retrieves Concur travel request, validates SAP budget, and sends Teams approval request."
  tags:
    - travel
    - sap-concur
    - sap
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: travel
      port: 8080
      tools:
        - name: travel-orchestrate
          description: "Retrieves Concur travel request, validates SAP budget, and sends Teams approval request."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "concur.get-travel-request"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "sap.get-po"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: concur
      baseUri: "https://us.api.concursolutions.com/api/v3.0"
      authentication:
        type: bearer
        token: "$secrets.concur_token"
      resources:
        - name: travel-requests
          path: "/travelrequest/requests/{{request_id}}"
          operations:
            - name: get-travel-request
              method: GET
    - type: http
      namespace: sap
      baseUri: "https://bosch-s4.sap.com/sap/opu/odata/sap/MM_PUR_PO_MAINT_V2_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: purchase-orders
          path: "/A_PurchaseOrder('{{po_number}}')"
          operations:
            - name: get-po
              method: GET
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/bosch/channels/general/messages"
          operations:
            - name: send-message
              method: POST

Runs vendor compliance check with SAP Ariba data, Snowflake contract history, and ServiceNow audit task.

naftiko: "0.5"
info:
  label: "Vendor Compliance Audit Orchestrator"
  description: "Runs vendor compliance check with SAP Ariba data, Snowflake contract history, and ServiceNow audit task."
  tags:
    - procurement
    - sap-ariba
    - snowflake
    - servicenow
capability:
  exposes:
    - type: mcp
      namespace: procurement
      port: 8080
      tools:
        - name: vendor-orchestrate
          description: "Runs vendor compliance check with SAP Ariba data, Snowflake contract history, and ServiceNow audit task."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "ariba.get-vendor"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "snowflake.run-query"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: ariba
      baseUri: "https://openapi.ariba.com/api/procurement/v2"
      authentication:
        type: bearer
        token: "$secrets.ariba_token"
      resources:
        - name: vendors
          path: "/vendors/{{vendor_id}}"
          operations:
            - name: get-vendor
              method: GET
    - type: http
      namespace: snowflake
      baseUri: "https://bosch.snowflakecomputing.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.snowflake_token"
      resources:
        - name: statements
          path: "/statements"
          operations:
            - name: run-query
              method: POST
    - type: http
      namespace: servicenow
      baseUri: "https://bosch.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST

Creates ServiceNow change for VM patching, triggers Terraform apply, and validates with Datadog.

naftiko: "0.5"
info:
  label: "VM Patching Orchestrator"
  description: "Creates ServiceNow change for VM patching, triggers Terraform apply, and validates with Datadog."
  tags:
    - cloud
    - servicenow
    - terraform
    - datadog
capability:
  exposes:
    - type: mcp
      namespace: cloud
      port: 8080
      tools:
        - name: vm-orchestrate
          description: "Creates ServiceNow change for VM patching, triggers Terraform apply, and validates with Datadog."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "terraform.get-workspace"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "datadog.get-monitor"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: servicenow
      baseUri: "https://bosch.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST
    - type: http
      namespace: terraform
      baseUri: "https://app.terraform.io/api/v2"
      authentication:
        type: bearer
        token: "$secrets.terraform_token"
      resources:
        - name: workspaces
          path: "/organizations/bosch/workspaces"
          operations:
            - name: get-workspace
              method: GET
    - type: http
      namespace: datadog
      baseUri: "https://api.datadoghq.com/api/v1"
      authentication:
        type: apiKey
        header: "DD-API-KEY"
        key: "$secrets.datadog_api_key"
      resources:
        - name: monitors
          path: "/monitor/{{monitor_id}}"
          operations:
            - name: get-monitor
              method: GET

Creates ServiceNow change for patching, triggers Terraform deployment, and validates with Datadog.

naftiko: "0.5"
info:
  label: "Vulnerability Patch Deployment Orchestrator"
  description: "Creates ServiceNow change for patching, triggers Terraform deployment, and validates with Datadog."
  tags:
    - security
    - servicenow
    - terraform
    - datadog
capability:
  exposes:
    - type: mcp
      namespace: security
      port: 8080
      tools:
        - name: vulnerability-orchestrate
          description: "Creates ServiceNow change for patching, triggers Terraform deployment, and validates with Datadog."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "terraform.get-workspace"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "datadog.get-monitor"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: servicenow
      baseUri: "https://bosch.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST
    - type: http
      namespace: terraform
      baseUri: "https://app.terraform.io/api/v2"
      authentication:
        type: bearer
        token: "$secrets.terraform_token"
      resources:
        - name: workspaces
          path: "/organizations/bosch/workspaces"
          operations:
            - name: get-workspace
              method: GET
    - type: http
      namespace: datadog
      baseUri: "https://api.datadoghq.com/api/v1"
      authentication:
        type: apiKey
        header: "DD-API-KEY"
        key: "$secrets.datadog_api_key"
      resources:
        - name: monitors
          path: "/monitor/{{monitor_id}}"
          operations:
            - name: get-monitor
              method: GET

Retrieves an employee record from Workday by worker ID, returning name, department, and manager.

naftiko: "0.5"
info:
  label: "Workday Employee Directory Lookup"
  description: "Retrieves an employee record from Workday by worker ID, returning name, department, and manager."
  tags:
    - hr
    - workday
    - directory
capability:
  exposes:
    - type: mcp
      namespace: hr
      port: 8080
      tools:
        - name: get-employee
          description: "Retrieves an employee record from Workday by worker ID, returning name, department, and manager."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary lookup parameter."
          call: "workday.get-worker"
          with:
            param_1: "{{param_1}}"
          outputParameters:
            - name: result
              type: string
              mapping: "$.result"
  consumes:
    - type: http
      namespace: workday
      baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
      authentication:
        type: bearer
        token: "$secrets.workday_token"
      resources:
        - name: get-worker
          path: "/bosch/workers/{{worker_id}}"
          operations:
            - name: get-worker
              method: GET