Capital One Capabilities
Naftiko 0.5 capability definitions for Capital One - 100 capabilities showing integration workflows and service orchestrations.
Sort
Expand
ADP Payroll Headcount Snapshot
▼
hr finance adp payroll reporting
Queries ADP Workforce Now for payroll-active employees by legal entity and department, returning headcount and total base salary for finance period-close reporting.
naftiko: "0.5"
info:
label: "ADP Payroll Headcount Snapshot"
description: "Queries ADP Workforce Now for payroll-active employees by legal entity and department, returning headcount and total base salary for finance period-close reporting."
tags:
- hr
- finance
- adp
- payroll
- reporting
capability:
exposes:
- type: mcp
namespace: payroll-reporting
port: 8080
tools:
- name: get-payroll-headcount
description: "Given an ADP legal entity code and department, return total payroll headcount and aggregate base salary. Use for period-close financial reporting and workforce cost analysis."
inputParameters:
- name: legal_entity_code
in: body
type: string
description: "The ADP legal entity code for the reporting entity."
- name: department
in: body
type: string
description: "Optional department filter for headcount data."
call: "adp.get-payroll-employees"
with:
legalEntityCode: "{{legal_entity_code}}"
department: "{{department}}"
outputParameters:
- name: headcount
type: integer
mapping: "$.data.totalEmployees"
- name: total_salary
type: number
mapping: "$.data.totalBaseSalary"
consumes:
- type: http
namespace: adp
baseUri: "https://api.adp.com"
authentication:
type: bearer
token: "$secrets.adp_token"
resources:
- name: payroll-employees
path: "/hr/v2/workers"
inputParameters:
- name: legalEntityCode
in: query
- name: department
in: query
operations:
- name: get-payroll-employees
method: GET
ADP Payroll Summary Lookup
▼
hr adp
Retrieves payroll summary data from ADP for a pay period.
naftiko: "0.5"
info:
label: "ADP Payroll Summary Lookup"
description: "Retrieves payroll summary data from ADP for a pay period."
tags:
- hr
- adp
capability:
exposes:
- type: mcp
namespace: payroll-info
port: 8080
tools:
- name: get-payroll-summary
description: "Look up ADP payroll summary."
inputParameters:
- name: pay_period
in: body
type: string
description: "Pay period identifier."
call: "adp.get-payroll"
with:
pay_period: "{{pay_period}}"
outputParameters:
- name: total_gross
type: number
mapping: "$.payrollSummary.totalGross"
- name: headcount
type: number
mapping: "$.payrollSummary.employeeCount"
consumes:
- type: http
namespace: adp
baseUri: "https://api.adp.com/hr/v2"
authentication:
type: bearer
token: "$secrets.adp_token"
resources:
- name: payroll
path: "/payroll/pay-periods/{{pay_period}}/summary"
inputParameters:
- name: pay_period
in: path
operations:
- name: get-payroll
method: GET
Amazon Redshift Query Status Lookup
▼
data amazon-redshift
Checks the execution status of an Amazon Redshift query.
naftiko: "0.5"
info:
label: "Amazon Redshift Query Status Lookup"
description: "Checks the execution status of an Amazon Redshift query."
tags:
- data
- amazon-redshift
capability:
exposes:
- type: mcp
namespace: redshift-ops
port: 8080
tools:
- name: get-query-status
description: "Look up Redshift query status."
inputParameters:
- name: query_id
in: body
type: string
description: "Redshift query ID."
call: "redshift.get-statement"
with:
query_id: "{{query_id}}"
outputParameters:
- name: status
type: string
mapping: "$.Status"
- name: rows_affected
type: number
mapping: "$.ResultRows"
consumes:
- type: http
namespace: redshift
baseUri: "https://redshift-data.us-east-1.amazonaws.com"
authentication:
type: bearer
token: "$secrets.aws_redshift_token"
resources:
- name: statements
path: "/"
operations:
- name: get-statement
method: POST
Anti-Money Laundering Alert Orchestrator
▼
compliance snowflake servicenow slack
Processes AML alerts by enriching with Snowflake data, creating ServiceNow cases, and notifying compliance via Slack.
naftiko: "0.5"
info:
label: "Anti-Money Laundering Alert Orchestrator"
description: "Processes AML alerts by enriching with Snowflake data, creating ServiceNow cases, and notifying compliance via Slack."
tags:
- compliance
- snowflake
- servicenow
- slack
capability:
exposes:
- type: mcp
namespace: anti-money-laundering-alert
port: 8080
tools:
- name: anti-money-laundering-alert
description: "Processes AML alerts by enriching with Snowflake data."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: query-data
type: call
call: "snowflake.run-query"
with:
entity_id: "{{entity_id}}"
- name: create-ticket
type: call
call: "servicenow.create-incident"
with:
short_description: "Anti-Money Laundering Alert for {{entity_id}}"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#ops"
text: "Anti-Money Laundering Alert processed for {{entity_id}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://capitalone.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- name: run-analysis
method: POST
- type: http
namespace: servicenow
baseUri: "https://capitalone.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- name: requests
path: "/table/sc_request"
operations:
- name: create-request
method: POST
- name: changes
path: "/table/change_request"
operations:
- name: create-change
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
API Gateway Rate Limit Orchestrator
▼
infrastructure datadog slack
Monitors API gateway metrics via Datadog, adjusts rate limits, and notifies developers via Slack.
naftiko: "0.5"
info:
label: "API Gateway Rate Limit Orchestrator"
description: "Monitors API gateway metrics via Datadog, adjusts rate limits, and notifies developers via Slack."
tags:
- infrastructure
- datadog
- slack
capability:
exposes:
- type: mcp
namespace: api-gateway-rate-limit
port: 8080
tools:
- name: api-gateway-rate-limit
description: "Monitors API gateway metrics via Datadog."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: check-metrics
type: call
call: "datadog.get-monitors"
with:
entity_id: "{{entity_id}}"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#ops"
text: "API Gateway Rate Limit processed for {{entity_id}}"
consumes:
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: "DD-API-KEY"
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: monitors
path: "/monitor"
operations:
- name: get-monitors
method: GET
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Application Dependency Mapping Orchestrator
▼
infrastructure servicenow datadog confluence
Maps application dependencies from ServiceNow CMDB, validates in Datadog, and publishes to Confluence.
naftiko: "0.5"
info:
label: "Application Dependency Mapping Orchestrator"
description: "Maps application dependencies from ServiceNow CMDB, validates in Datadog, and publishes to Confluence."
tags:
- infrastructure
- servicenow
- datadog
- confluence
capability:
exposes:
- type: mcp
namespace: application-dependency-mapping
port: 8080
tools:
- name: application-dependency-mapping
description: "Maps application dependencies from ServiceNow CMDB."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: check-metrics
type: call
call: "datadog.get-monitors"
with:
entity_id: "{{entity_id}}"
- name: create-ticket
type: call
call: "servicenow.create-incident"
with:
short_description: "Application Dependency Mapping for {{entity_id}}"
- name: publish
type: call
call: "confluence.create-page"
with:
space_key: "OPS"
title: "Application Dependency Mapping"
consumes:
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: "DD-API-KEY"
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: monitors
path: "/monitor"
operations:
- name: get-monitors
method: GET
- type: http
namespace: servicenow
baseUri: "https://capitalone.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- name: requests
path: "/table/sc_request"
operations:
- name: create-request
method: POST
- name: changes
path: "/table/change_request"
operations:
- name: create-change
method: POST
- type: http
namespace: confluence
baseUri: "https://capitalone.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_api_token"
resources:
- name: content
path: "/content"
operations:
- name: create-page
method: POST
Automated Pen Test Findings Orchestrator
▼
security jira slack
Processes penetration test findings, creates Jira remediation tickets, and notifies security team via Slack.
naftiko: "0.5"
info:
label: "Automated Pen Test Findings Orchestrator"
description: "Processes penetration test findings, creates Jira remediation tickets, and notifies security team via Slack."
tags:
- security
- jira
- slack
capability:
exposes:
- type: mcp
namespace: automated-pen-test-findings
port: 8080
tools:
- name: automated-pen-test-findings
description: "Processes penetration test findings."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: create-issue
type: call
call: "jira.create-issue"
with:
project: "OPS"
summary: "Automated Pen Test Findings - {{entity_id}}"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#ops"
text: "Automated Pen Test Findings processed for {{entity_id}}"
consumes:
- type: http
namespace: jira
baseUri: "https://capitalone.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
AWS Cloud Cost Anomaly Responder
▼
cloud aws finops cost-management microsoft-teams
Queries AWS Cost Explorer for spend anomalies exceeding a daily threshold and notifies the FinOps team via Microsoft Teams with a Jira cost review ticket.
naftiko: "0.5"
info:
label: "AWS Cloud Cost Anomaly Responder"
description: "Queries AWS Cost Explorer for spend anomalies exceeding a daily threshold and notifies the FinOps team via Microsoft Teams with a Jira cost review ticket."
tags:
- cloud
- aws
- finops
- cost-management
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: cloud-finops
port: 8080
tools:
- name: respond-to-aws-cost-anomaly
description: "Given a cost threshold in USD and a date range, check AWS Cost Explorer for anomalies and create a Jira ticket and Teams alert if thresholds are exceeded. Use for daily FinOps monitoring."
inputParameters:
- name: threshold_usd
in: body
type: number
description: "Daily spend threshold in USD that triggers an alert when exceeded."
- name: start_date
in: body
type: string
description: "Start date for cost query in YYYY-MM-DD format."
- name: end_date
in: body
type: string
description: "End date for cost query in YYYY-MM-DD format."
- name: finops_email
in: body
type: string
description: "FinOps team email for Teams notification."
steps:
- name: get-cost-anomaly
type: call
call: "aws-cost.get-cost-and-usage"
with:
startDate: "{{start_date}}"
endDate: "{{end_date}}"
- name: create-jira-cost-ticket
type: call
call: "jira-finops.create-issue"
with:
summary: "AWS cost anomaly: ${{get-cost-anomaly.totalCost}} exceeds threshold ${{threshold_usd}}"
description: "Cost spike detected between {{start_date}} and {{end_date}}."
project: "FINOPS"
issuetype: "Task"
- name: notify-finops
type: call
call: "msteams-cost.send-message"
with:
recipient: "{{finops_email}}"
message: "AWS cost anomaly detected: ${{get-cost-anomaly.totalCost}}. Jira: {{create-jira-cost-ticket.issueKey}}."
consumes:
- type: http
namespace: aws-cost
baseUri: "https://ce.us-east-1.amazonaws.com"
authentication:
type: bearer
token: "$secrets.aws_cost_token"
resources:
- name: cost-and-usage
path: "/getCostAndUsage"
inputParameters:
- name: startDate
in: body
- name: endDate
in: body
operations:
- name: get-cost-and-usage
method: POST
- type: http
namespace: jira-finops
baseUri: "https://capitalone.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_token"
resources:
- name: issue
path: "/issue"
inputParameters:
- name: summary
in: body
- name: description
in: body
- name: project
in: body
- name: issuetype
in: body
operations:
- name: create-issue
method: POST
- type: http
namespace: msteams-cost
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: send-mail
path: "/users/{recipient}/sendMail"
inputParameters:
- name: recipient
in: path
- name: message
in: body
operations:
- name: send-message
method: POST
AWS Cost Allocation Orchestrator
▼
finops aws snowflake google-sheets
Retrieves AWS cost data, allocates to business units in Snowflake, and publishes reports to Google Sheets.
naftiko: "0.5"
info:
label: "AWS Cost Allocation Orchestrator"
description: "Retrieves AWS cost data, allocates to business units in Snowflake, and publishes reports to Google Sheets."
tags:
- finops
- aws
- snowflake
- google-sheets
capability:
exposes:
- type: mcp
namespace: aws-cost-allocation
port: 8080
tools:
- name: aws-cost-allocation
description: "Retrieves AWS cost data."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: query-data
type: call
call: "snowflake.run-query"
with:
entity_id: "{{entity_id}}"
- name: get-resources
type: call
call: "aws.list-resources"
with:
entity_id: "{{entity_id}}"
- name: update-sheet
type: call
call: "sheets.update-spreadsheet"
with:
spreadsheet_id: "report"
consumes:
- type: http
namespace: snowflake
baseUri: "https://capitalone.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- name: run-analysis
method: POST
- type: http
namespace: aws
baseUri: "https://ec2.us-east-1.amazonaws.com"
authentication:
type: bearer
token: "$secrets.aws_token"
resources:
- name: resources
path: "/"
operations:
- name: list-resources
method: GET
- type: http
namespace: sheets
baseUri: "https://sheets.googleapis.com/v4"
authentication:
type: bearer
token: "$secrets.google_sheets_token"
resources:
- name: spreadsheets
path: "/spreadsheets/{{spreadsheet_id}}/values:batchUpdate"
operations:
- name: update-spreadsheet
method: POST
AWS Lambda Function Status Lookup
▼
cloud aws-lambda
Retrieves execution metrics for an AWS Lambda function.
naftiko: "0.5"
info:
label: "AWS Lambda Function Status Lookup"
description: "Retrieves execution metrics for an AWS Lambda function."
tags:
- cloud
- aws-lambda
capability:
exposes:
- type: mcp
namespace: lambda-ops
port: 8080
tools:
- name: get-lambda-status
description: "Look up Lambda function metrics."
inputParameters:
- name: function_name
in: body
type: string
description: "Lambda function name."
call: "lambda.get-function"
with:
function_name: "{{function_name}}"
outputParameters:
- name: last_invocation
type: string
mapping: "$.Configuration.LastModified"
- name: state
type: string
mapping: "$.Configuration.State"
consumes:
- type: http
namespace: lambda
baseUri: "https://lambda.us-east-1.amazonaws.com"
authentication:
type: bearer
token: "$secrets.aws_lambda_token"
resources:
- name: functions
path: "/2015-03-31/functions/{{function_name}}"
inputParameters:
- name: function_name
in: path
operations:
- name: get-function
method: GET
AWS Security Group Audit Orchestrator
▼
security aws jira
Audits AWS security groups, identifies overly permissive rules, and creates Jira remediation tickets.
naftiko: "0.5"
info:
label: "AWS Security Group Audit Orchestrator"
description: "Audits AWS security groups, identifies overly permissive rules, and creates Jira remediation tickets."
tags:
- security
- aws
- jira
capability:
exposes:
- type: mcp
namespace: aws-security-group-audit
port: 8080
tools:
- name: aws-security-group-audit
description: "Audits AWS security groups."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: create-issue
type: call
call: "jira.create-issue"
with:
project: "OPS"
summary: "AWS Security Group Audit - {{entity_id}}"
- name: get-resources
type: call
call: "aws.list-resources"
with:
entity_id: "{{entity_id}}"
consumes:
- type: http
namespace: jira
baseUri: "https://capitalone.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: aws
baseUri: "https://ec2.us-east-1.amazonaws.com"
authentication:
type: bearer
token: "$secrets.aws_token"
resources:
- name: resources
path: "/"
operations:
- name: list-resources
method: GET
Azure AD Access Recertification
▼
identity security microsoft-graph workday access-management
Queries Microsoft Graph for users in a given security group, cross-references with Workday to identify terminated employees, and disables stale accounts to enforce access recertification.
naftiko: "0.5"
info:
label: "Azure AD Access Recertification"
description: "Queries Microsoft Graph for users in a given security group, cross-references with Workday to identify terminated employees, and disables stale accounts to enforce access recertification."
tags:
- identity
- security
- microsoft-graph
- workday
- access-management
capability:
exposes:
- type: mcp
namespace: identity-ops
port: 8080
tools:
- name: recertify-group-access
description: "Given an Azure AD group ID, list all members, check each against Workday for active status, and disable accounts for terminated employees. Use for quarterly access recertification campaigns."
inputParameters:
- name: group_id
in: body
type: string
description: "The Azure AD security group object ID to recertify."
steps:
- name: get-group-members
type: call
call: "msgraph-id.get-group-members"
with:
groupId: "{{group_id}}"
- name: check-workday-status
type: call
call: "workday-id.get-worker-status"
with:
email: "{{get-group-members.userPrincipalName}}"
- name: disable-stale-account
type: call
call: "msgraph-disable.disable-user"
with:
userPrincipalName: "{{get-group-members.userPrincipalName}}"
accountEnabled: "false"
consumes:
- type: http
namespace: msgraph-id
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: group-members
path: "/groups/{groupId}/members"
inputParameters:
- name: groupId
in: path
operations:
- name: get-group-members
method: GET
- type: http
namespace: workday-id
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: worker-status
path: "/workers"
inputParameters:
- name: email
in: query
operations:
- name: get-worker-status
method: GET
- type: http
namespace: msgraph-disable
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: user
path: "/users/{userPrincipalName}"
inputParameters:
- name: userPrincipalName
in: path
- name: accountEnabled
in: body
operations:
- name: disable-user
method: PATCH
Bloomberg Market Data Feed to Snowflake
▼
finance bloomberg snowflake market-data treasury
Fetches market rate and benchmark index data from Bloomberg Data License and loads the snapshot into a Snowflake staging table for risk and treasury analytics.
naftiko: "0.5"
info:
label: "Bloomberg Market Data Feed to Snowflake"
description: "Fetches market rate and benchmark index data from Bloomberg Data License and loads the snapshot into a Snowflake staging table for risk and treasury analytics."
tags:
- finance
- bloomberg
- snowflake
- market-data
- treasury
capability:
exposes:
- type: mcp
namespace: market-data
port: 8080
tools:
- name: load-bloomberg-market-data
description: "Given a Bloomberg field set and security list, fetch current market data and insert a snapshot row into Snowflake. Use for daily treasury mark-to-market updates."
inputParameters:
- name: securities
in: body
type: string
description: "Comma-separated Bloomberg security identifiers."
- name: fields
in: body
type: string
description: "Comma-separated Bloomberg field names (e.g., PX_LAST,YLD_YTM_MID)."
- name: target_table
in: body
type: string
description: "Fully qualified Snowflake target table for the data load."
steps:
- name: fetch-market-data
type: call
call: "bloomberg.get-reference-data"
with:
securities: "{{securities}}"
fields: "{{fields}}"
- name: load-to-snowflake
type: call
call: "snowflake-mkt.execute-statement"
with:
statement: "INSERT INTO {{target_table}} SELECT PARSE_JSON('{{fetch-market-data.data}}')"
consumes:
- type: http
namespace: bloomberg
baseUri: "https://api.bloomberg.com/eap/catalogs/bbg/fields"
authentication:
type: bearer
token: "$secrets.bloomberg_token"
resources:
- name: reference-data
path: "/requests/referenceData"
inputParameters:
- name: securities
in: body
- name: fields
in: body
operations:
- name: get-reference-data
method: POST
- type: http
namespace: snowflake-mkt
baseUri: "https://capitalone.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statement
path: "/statements"
inputParameters:
- name: statement
in: body
operations:
- name: execute-statement
method: POST
Boomi Integration Health Check
▼
integration boomi jira monitoring
Queries Boomi AtomSphere for failed integration process executions in the last 24 hours and creates Jira tickets for each failure requiring investigation.
naftiko: "0.5"
info:
label: "Boomi Integration Health Check"
description: "Queries Boomi AtomSphere for failed integration process executions in the last 24 hours and creates Jira tickets for each failure requiring investigation."
tags:
- integration
- boomi
- jira
- monitoring
capability:
exposes:
- type: mcp
namespace: integration-ops
port: 8080
tools:
- name: check-boomi-integration-health
description: "Given a Boomi account ID and failure lookback window, list failed process executions and create a Jira ticket for each. Use for daily integration monitoring and SLA tracking."
inputParameters:
- name: account_id
in: body
type: string
description: "The Boomi AtomSphere account ID."
- name: hours_back
in: body
type: integer
description: "Number of hours back to check for failed executions."
steps:
- name: list-failed-executions
type: call
call: "boomi.list-process-executions"
with:
accountId: "{{account_id}}"
status: "ERROR"
hoursBack: "{{hours_back}}"
- name: create-jira-ticket
type: call
call: "jira-int.create-issue"
with:
summary: "Boomi integration failure: {{list-failed-executions.processName}}"
description: "Process {{list-failed-executions.processName}} failed at {{list-failed-executions.executionTime}}."
project: "INTEG"
issuetype: "Bug"
consumes:
- type: http
namespace: boomi
baseUri: "https://api.boomi.com/api/rest/v1"
authentication:
type: basic
username: "$secrets.boomi_user"
password: "$secrets.boomi_token"
resources:
- name: process-executions
path: "/{accountId}/ExecutionRecord/query"
inputParameters:
- name: accountId
in: path
- name: status
in: body
- name: hoursBack
in: body
operations:
- name: list-process-executions
method: POST
- type: http
namespace: jira-int
baseUri: "https://capitalone.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_token"
resources:
- name: issue
path: "/issue"
inputParameters:
- name: summary
in: body
- name: description
in: body
- name: project
in: body
- name: issuetype
in: body
operations:
- name: create-issue
method: POST
Branch Network Performance Orchestrator
▼
network solarwinds servicenow slack
Monitors branch network via SolarWinds, creates ServiceNow incidents for outages, and notifies IT.
naftiko: "0.5"
info:
label: "Branch Network Performance Orchestrator"
description: "Monitors branch network via SolarWinds, creates ServiceNow incidents for outages, and notifies IT."
tags:
- network
- solarwinds
- servicenow
- slack
capability:
exposes:
- type: mcp
namespace: branch-network-performance
port: 8080
tools:
- name: branch-network-performance
description: "Monitors branch network via SolarWinds."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: create-ticket
type: call
call: "servicenow.create-incident"
with:
short_description: "Branch Network Performance for {{entity_id}}"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#ops"
text: "Branch Network Performance processed for {{entity_id}}"
- name: get-alerts
type: call
call: "solarwinds.get-alerts"
with:
entity_id: "{{entity_id}}"
consumes:
- type: http
namespace: servicenow
baseUri: "https://capitalone.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- name: requests
path: "/table/sc_request"
operations:
- name: create-request
method: POST
- name: changes
path: "/table/change_request"
operations:
- name: create-change
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
- type: http
namespace: solarwinds
baseUri: "https://solarwinds.capitalone.com/api/v2"
authentication:
type: basic
username: "$secrets.solarwinds_user"
password: "$secrets.solarwinds_password"
resources:
- name: alerts
path: "/alerts"
operations:
- name: get-alerts
method: GET
Card Reward Program Analysis Orchestrator
▼
banking snowflake confluence
Analyzes reward program data in Snowflake, identifies optimization opportunities, and publishes to Confluence.
naftiko: "0.5"
info:
label: "Card Reward Program Analysis Orchestrator"
description: "Analyzes reward program data in Snowflake, identifies optimization opportunities, and publishes to Confluence."
tags:
- banking
- snowflake
- confluence
capability:
exposes:
- type: mcp
namespace: card-reward-program-analysis
port: 8080
tools:
- name: card-reward-program-analysis
description: "Analyzes reward program data in Snowflake."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: query-data
type: call
call: "snowflake.run-query"
with:
entity_id: "{{entity_id}}"
- name: publish
type: call
call: "confluence.create-page"
with:
space_key: "OPS"
title: "Card Reward Program Analysis"
consumes:
- type: http
namespace: snowflake
baseUri: "https://capitalone.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- name: run-analysis
method: POST
- type: http
namespace: confluence
baseUri: "https://capitalone.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_api_token"
resources:
- name: content
path: "/content"
operations:
- name: create-page
method: POST
Cloud Infrastructure Drift Detection Orchestrator
▼
infrastructure terraform servicenow slack
Detects Terraform state drift, creates ServiceNow change requests, and notifies platform team via Slack.
naftiko: "0.5"
info:
label: "Cloud Infrastructure Drift Detection Orchestrator"
description: "Detects Terraform state drift, creates ServiceNow change requests, and notifies platform team via Slack."
tags:
- infrastructure
- terraform
- servicenow
- slack
capability:
exposes:
- type: mcp
namespace: cloud-infrastructure-drift-det
port: 8080
tools:
- name: cloud-infrastructure-drift-detection
description: "Detects Terraform state drift."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: create-ticket
type: call
call: "servicenow.create-incident"
with:
short_description: "Cloud Infrastructure Drift Detection for {{entity_id}}"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#ops"
text: "Cloud Infrastructure Drift Detection processed for {{entity_id}}"
- name: check-state
type: call
call: "terraform.get-state"
with:
entity_id: "{{entity_id}}"
consumes:
- type: http
namespace: servicenow
baseUri: "https://capitalone.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- name: requests
path: "/table/sc_request"
operations:
- name: create-request
method: POST
- name: changes
path: "/table/change_request"
operations:
- name: create-change
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
- type: http
namespace: terraform
baseUri: "https://app.terraform.io/api/v2"
authentication:
type: bearer
token: "$secrets.terraform_token"
resources:
- name: workspaces
path: "/workspaces"
operations:
- name: get-state
method: GET
Cloudflare DDoS Alert to SOC
▼
security cloudflare servicenow slack ddos network-security
Monitors Cloudflare for active DDoS attack events and automatically creates a ServiceNow security incident and posts an alert to the SOC Slack channel.
naftiko: "0.5"
info:
label: "Cloudflare DDoS Alert to SOC"
description: "Monitors Cloudflare for active DDoS attack events and automatically creates a ServiceNow security incident and posts an alert to the SOC Slack channel."
tags:
- security
- cloudflare
- servicenow
- slack
- ddos
- network-security
capability:
exposes:
- type: mcp
namespace: network-security
port: 8080
tools:
- name: handle-cloudflare-ddos-alert
description: "Given a Cloudflare zone ID, check for active DDoS events, open a ServiceNow security incident, and alert the SOC Slack channel. Use for automated DDoS detection and response."
inputParameters:
- name: zone_id
in: body
type: string
description: "The Cloudflare zone ID to check for DDoS activity."
- name: soc_slack_channel
in: body
type: string
description: "The SOC Slack channel ID for alert notification."
steps:
- name: check-ddos-events
type: call
call: "cloudflare.get-security-events"
with:
zoneId: "{{zone_id}}"
eventType: "ddos"
- name: create-security-incident
type: call
call: "servicenow-ddos.create-security-incident"
with:
short_description: "Cloudflare DDoS attack detected on zone {{zone_id}}"
description: "DDoS event: {{check-ddos-events.ruleId}} started at {{check-ddos-events.occurred_at}}."
category: "Network Security"
urgency: "1"
- name: alert-soc
type: call
call: "slack-soc.post-message"
with:
channel: "{{soc_slack_channel}}"
text: "DDOS ALERT: Zone {{zone_id}} under attack. Incident: {{create-security-incident.incidentNumber}}."
consumes:
- type: http
namespace: cloudflare
baseUri: "https://api.cloudflare.com/client/v4"
authentication:
type: bearer
token: "$secrets.cloudflare_token"
resources:
- name: security-events
path: "/zones/{zoneId}/security/events"
inputParameters:
- name: zoneId
in: path
- name: eventType
in: query
operations:
- name: get-security-events
method: GET
- type: http
namespace: servicenow-ddos
baseUri: "https://capitalone.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_pass"
resources:
- name: security-incident
path: "/table/sn_si_incident"
inputParameters:
- name: short_description
in: body
- name: description
in: body
- name: category
in: body
- name: urgency
in: body
operations:
- name: create-security-incident
method: POST
- type: http
namespace: slack-soc
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
inputParameters:
- name: channel
in: body
- name: text
in: body
operations:
- name: post-message
method: POST
Compliance Training Tracking Orchestrator
▼
compliance workday servicenow
Tracks compliance training completion in Workday, identifies gaps, and creates ServiceNow tickets for overdue items.
naftiko: "0.5"
info:
label: "Compliance Training Tracking Orchestrator"
description: "Tracks compliance training completion in Workday, identifies gaps, and creates ServiceNow tickets for overdue items."
tags:
- compliance
- workday
- servicenow
capability:
exposes:
- type: mcp
namespace: compliance-training-tracking
port: 8080
tools:
- name: compliance-training-tracking
description: "Tracks compliance training completion in Workday."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: create-ticket
type: call
call: "servicenow.create-incident"
with:
short_description: "Compliance Training Tracking for {{entity_id}}"
- name: get-worker
type: call
call: "workday.get-worker"
with:
worker_id: "{{entity_id}}"
consumes:
- type: http
namespace: servicenow
baseUri: "https://capitalone.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- name: requests
path: "/table/sc_request"
operations:
- name: create-request
method: POST
- name: changes
path: "/table/change_request"
operations:
- name: create-change
method: POST
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/capitalone/workers"
operations:
- name: get-worker
method: GET
Coupa Purchase Order Status Lookup
▼
procurement coupa
Retrieves purchase order status from Coupa.
naftiko: "0.5"
info:
label: "Coupa Purchase Order Status Lookup"
description: "Retrieves purchase order status from Coupa."
tags:
- procurement
- coupa
capability:
exposes:
- type: mcp
namespace: po-status
port: 8080
tools:
- name: get-po-status
description: "Look up Coupa purchase order status."
inputParameters:
- name: po_number
in: body
type: string
description: "Coupa PO number."
call: "coupa.get-po"
with:
po_number: "{{po_number}}"
outputParameters:
- name: status
type: string
mapping: "$.status"
- name: total_amount
type: number
mapping: "$.total"
consumes:
- type: http
namespace: coupa
baseUri: "https://capitalone.coupahost.com/api"
authentication:
type: bearer
token: "$secrets.coupa_token"
resources:
- name: purchase-orders
path: "/purchase_orders/{{po_number}}"
inputParameters:
- name: po_number
in: path
operations:
- name: get-po
method: GET
Coupa Purchase Requisition Approval
▼
procurement coupa servicenow microsoft-teams approval
When a Coupa purchase requisition is submitted, creates a ServiceNow approval task for the budget owner and sends an approval link via Microsoft Teams.
naftiko: "0.5"
info:
label: "Coupa Purchase Requisition Approval"
description: "When a Coupa purchase requisition is submitted, creates a ServiceNow approval task for the budget owner and sends an approval link via Microsoft Teams."
tags:
- procurement
- coupa
- servicenow
- microsoft-teams
- approval
capability:
exposes:
- type: mcp
namespace: procurement
port: 8080
tools:
- name: trigger-po-approval
description: "Given a Coupa requisition ID and budget owner email, open a ServiceNow approval task and notify the owner via Teams. Invoke when a new procurement requisition is awaiting budget approval."
inputParameters:
- name: requisition_id
in: body
type: string
description: "The Coupa purchase requisition ID."
- name: budget_owner_email
in: body
type: string
description: "Email of the budget owner responsible for approval."
steps:
- name: get-requisition
type: call
call: "coupa.get-requisition"
with:
requisitionId: "{{requisition_id}}"
- name: create-approval-task
type: call
call: "servicenow-po.create-approval-task"
with:
description: "PO requisition {{requisition_id}} for ${{get-requisition.total}} pending approval."
assignedTo: "{{budget_owner_email}}"
- name: notify-owner
type: call
call: "msteams-po.send-message"
with:
recipient: "{{budget_owner_email}}"
message: "Coupa requisition {{requisition_id}} for ${{get-requisition.total}} requires your approval. Task: {{create-approval-task.taskId}}."
consumes:
- type: http
namespace: coupa
baseUri: "https://capitalone.coupahost.com/api"
authentication:
type: apikey
key: "X-COUPA-API-KEY"
value: "$secrets.coupa_api_key"
placement: header
resources:
- name: requisition
path: "/requisitions/{requisitionId}"
inputParameters:
- name: requisitionId
in: path
operations:
- name: get-requisition
method: GET
- type: http
namespace: servicenow-po
baseUri: "https://capitalone.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_pass"
resources:
- name: approval-task
path: "/table/sc_task"
inputParameters:
- name: description
in: body
- name: assignedTo
in: body
operations:
- name: create-approval-task
method: POST
- type: http
namespace: msteams-po
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: send-mail
path: "/users/{recipient}/sendMail"
inputParameters:
- name: recipient
in: path
- name: message
in: body
operations:
- name: send-message
method: POST
Credit Card Fraud Investigation Orchestrator
▼
fraud snowflake servicenow slack
Investigates flagged transactions by enriching with Snowflake risk data, creating a ServiceNow case, and alerting the fraud team via Slack.
naftiko: "0.5"
info:
label: "Credit Card Fraud Investigation Orchestrator"
description: "Investigates flagged transactions by enriching with Snowflake risk data, creating a ServiceNow case, and alerting the fraud team via Slack."
tags:
- fraud
- snowflake
- servicenow
- slack
capability:
exposes:
- type: mcp
namespace: credit-card-fraud-investigatio
port: 8080
tools:
- name: credit-card-fraud-investigation
description: "Investigates flagged transactions by enriching with Snowflake risk data."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: query-data
type: call
call: "snowflake.run-query"
with:
entity_id: "{{entity_id}}"
- name: create-ticket
type: call
call: "servicenow.create-incident"
with:
short_description: "Credit Card Fraud Investigation for {{entity_id}}"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#ops"
text: "Credit Card Fraud Investigation processed for {{entity_id}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://capitalone.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- name: run-analysis
method: POST
- type: http
namespace: servicenow
baseUri: "https://capitalone.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- name: requests
path: "/table/sc_request"
operations:
- name: create-request
method: POST
- name: changes
path: "/table/change_request"
operations:
- name: create-change
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Credit Limit Adjustment Orchestrator
▼
banking databricks email
Evaluates credit limit changes using Databricks ML models, updates customer records, and notifies via email.
naftiko: "0.5"
info:
label: "Credit Limit Adjustment Orchestrator"
description: "Evaluates credit limit changes using Databricks ML models, updates customer records, and notifies via email."
tags:
- banking
- databricks
- email
capability:
exposes:
- type: mcp
namespace: credit-limit-adjustment
port: 8080
tools:
- name: credit-limit-adjustment
description: "Evaluates credit limit changes using Databricks ML models."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: run-model
type: call
call: "databricks.run-job"
with:
entity_id: "{{entity_id}}"
- name: send-email
type: call
call: "email.send-message"
with:
to: "team@capitalone.com"
subject: "Credit Limit Adjustment"
consumes:
- type: http
namespace: databricks
baseUri: "https://capitalone.cloud.databricks.com/api/2.0"
authentication:
type: bearer
token: "$secrets.databricks_token"
resources:
- name: jobs
path: "/jobs/run-now"
operations:
- name: run-job
method: POST
- type: http
namespace: email
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.graph_token"
resources:
- name: mail
path: "/me/sendMail"
operations:
- name: send-message
method: POST
Credit Risk Model Audit Log to Confluence
▼
compliance databricks confluence model-governance financial-services
Retrieves the execution log from a Databricks credit risk scoring job and publishes a structured audit record to a Confluence model governance page.
naftiko: "0.5"
info:
label: "Credit Risk Model Audit Log to Confluence"
description: "Retrieves the execution log from a Databricks credit risk scoring job and publishes a structured audit record to a Confluence model governance page."
tags:
- compliance
- databricks
- confluence
- model-governance
- financial-services
capability:
exposes:
- type: mcp
namespace: model-governance
port: 8080
tools:
- name: publish-model-audit-log
description: "Given a Databricks job run ID and Confluence page ID, fetch the run execution details and append an audit record to the model governance page. Use for monthly model risk management reporting."
inputParameters:
- name: run_id
in: body
type: string
description: "The Databricks job run ID for the credit risk model execution."
- name: confluence_page_id
in: body
type: string
description: "The Confluence page ID to append the audit record to."
steps:
- name: get-run-details
type: call
call: "databricks-audit.get-run"
with:
runId: "{{run_id}}"
- name: update-confluence-page
type: call
call: "confluence.update-page"
with:
pageId: "{{confluence_page_id}}"
body: "Run {{run_id}} completed at {{get-run-details.endTime}} with status {{get-run-details.state.resultState}}."
consumes:
- type: http
namespace: databricks-audit
baseUri: "https://adb-capitalone.azuredatabricks.net/api/2.1"
authentication:
type: bearer
token: "$secrets.databricks_token"
resources:
- name: run
path: "/jobs/runs/get"
inputParameters:
- name: runId
in: query
operations:
- name: get-run
method: GET
- type: http
namespace: confluence
baseUri: "https://capitalone.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_token"
resources:
- name: page
path: "/content/{pageId}"
inputParameters:
- name: pageId
in: path
- name: body
in: body
operations:
- name: update-page
method: PUT
Customer 360 Enrichment Orchestrator
▼
data snowflake salesforce databricks
Enriches customer profiles by aggregating data from Snowflake, Salesforce, and publishing to Databricks feature store.
naftiko: "0.5"
info:
label: "Customer 360 Enrichment Orchestrator"
description: "Enriches customer profiles by aggregating data from Snowflake, Salesforce, and publishing to Databricks feature store."
tags:
- data
- snowflake
- salesforce
- databricks
capability:
exposes:
- type: mcp
namespace: customer-360-enrichment
port: 8080
tools:
- name: customer-360-enrichment
description: "Enriches customer profiles by aggregating data from Snowflake."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: query-data
type: call
call: "snowflake.run-query"
with:
entity_id: "{{entity_id}}"
- name: run-model
type: call
call: "databricks.run-job"
with:
entity_id: "{{entity_id}}"
- name: update-sf
type: call
call: "salesforce.update-opp"
with:
entity_id: "{{entity_id}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://capitalone.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- name: run-analysis
method: POST
- type: http
namespace: databricks
baseUri: "https://capitalone.cloud.databricks.com/api/2.0"
authentication:
type: bearer
token: "$secrets.databricks_token"
resources:
- name: jobs
path: "/jobs/run-now"
operations:
- name: run-job
method: POST
- type: http
namespace: salesforce
baseUri: "https://capitalone.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: objects
path: "/sobjects"
operations:
- name: get-lead
method: GET
- name: create-lead
method: POST
- name: update-opp
method: PATCH
Customer Account Closure Orchestrator
▼
banking snowflake servicenow email
Processes account closure by validating balances in Snowflake, creating a ServiceNow request, and sending confirmation via email.
naftiko: "0.5"
info:
label: "Customer Account Closure Orchestrator"
description: "Processes account closure by validating balances in Snowflake, creating a ServiceNow request, and sending confirmation via email."
tags:
- banking
- snowflake
- servicenow
- email
capability:
exposes:
- type: mcp
namespace: customer-account-closure
port: 8080
tools:
- name: customer-account-closure
description: "Processes account closure by validating balances in Snowflake."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: query-data
type: call
call: "snowflake.run-query"
with:
entity_id: "{{entity_id}}"
- name: create-ticket
type: call
call: "servicenow.create-incident"
with:
short_description: "Customer Account Closure for {{entity_id}}"
- name: send-email
type: call
call: "email.send-message"
with:
to: "team@capitalone.com"
subject: "Customer Account Closure"
consumes:
- type: http
namespace: snowflake
baseUri: "https://capitalone.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- name: run-analysis
method: POST
- type: http
namespace: servicenow
baseUri: "https://capitalone.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- name: requests
path: "/table/sc_request"
operations:
- name: create-request
method: POST
- name: changes
path: "/table/change_request"
operations:
- name: create-change
method: POST
- type: http
namespace: email
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.graph_token"
resources:
- name: mail
path: "/me/sendMail"
operations:
- name: send-message
method: POST
Customer Churn Prediction Orchestrator
▼
analytics databricks salesforce
Runs churn prediction models in Databricks, identifies at-risk customers, and creates Salesforce retention campaigns.
naftiko: "0.5"
info:
label: "Customer Churn Prediction Orchestrator"
description: "Runs churn prediction models in Databricks, identifies at-risk customers, and creates Salesforce retention campaigns."
tags:
- analytics
- databricks
- salesforce
capability:
exposes:
- type: mcp
namespace: customer-churn-prediction
port: 8080
tools:
- name: customer-churn-prediction
description: "Runs churn prediction models in Databricks."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: run-model
type: call
call: "databricks.run-job"
with:
entity_id: "{{entity_id}}"
- name: update-sf
type: call
call: "salesforce.update-opp"
with:
entity_id: "{{entity_id}}"
consumes:
- type: http
namespace: databricks
baseUri: "https://capitalone.cloud.databricks.com/api/2.0"
authentication:
type: bearer
token: "$secrets.databricks_token"
resources:
- name: jobs
path: "/jobs/run-now"
operations:
- name: run-job
method: POST
- type: http
namespace: salesforce
baseUri: "https://capitalone.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: objects
path: "/sobjects"
operations:
- name: get-lead
method: GET
- name: create-lead
method: POST
- name: update-opp
method: PATCH
Customer Communication Preference Orchestrator
▼
marketing salesforce servicenow
Syncs communication preferences between Salesforce and marketing platforms, validates consent, and logs in ServiceNow.
naftiko: "0.5"
info:
label: "Customer Communication Preference Orchestrator"
description: "Syncs communication preferences between Salesforce and marketing platforms, validates consent, and logs in ServiceNow."
tags:
- marketing
- salesforce
- servicenow
capability:
exposes:
- type: mcp
namespace: customer-communication-prefere
port: 8080
tools:
- name: customer-communication-preference
description: "Syncs communication preferences between Salesforce and marketing platforms."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: create-ticket
type: call
call: "servicenow.create-incident"
with:
short_description: "Customer Communication Preference for {{entity_id}}"
- name: update-sf
type: call
call: "salesforce.update-opp"
with:
entity_id: "{{entity_id}}"
consumes:
- type: http
namespace: servicenow
baseUri: "https://capitalone.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- name: requests
path: "/table/sc_request"
operations:
- name: create-request
method: POST
- name: changes
path: "/table/change_request"
operations:
- name: create-change
method: POST
- type: http
namespace: salesforce
baseUri: "https://capitalone.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: objects
path: "/sobjects"
operations:
- name: get-lead
method: GET
- name: create-lead
method: POST
- name: update-opp
method: PATCH
Customer Complaint Routing Orchestrator
▼
support salesforce servicenow slack
Routes customer complaints from Salesforce to ServiceNow, assigns priority, and notifies the resolution team via Slack.
naftiko: "0.5"
info:
label: "Customer Complaint Routing Orchestrator"
description: "Routes customer complaints from Salesforce to ServiceNow, assigns priority, and notifies the resolution team via Slack."
tags:
- support
- salesforce
- servicenow
- slack
capability:
exposes:
- type: mcp
namespace: customer-complaint-routing
port: 8080
tools:
- name: customer-complaint-routing
description: "Routes customer complaints from Salesforce to ServiceNow."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: create-ticket
type: call
call: "servicenow.create-incident"
with:
short_description: "Customer Complaint Routing for {{entity_id}}"
- name: update-sf
type: call
call: "salesforce.update-opp"
with:
entity_id: "{{entity_id}}"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#ops"
text: "Customer Complaint Routing processed for {{entity_id}}"
consumes:
- type: http
namespace: servicenow
baseUri: "https://capitalone.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- name: requests
path: "/table/sc_request"
operations:
- name: create-request
method: POST
- name: changes
path: "/table/change_request"
operations:
- name: create-change
method: POST
- type: http
namespace: salesforce
baseUri: "https://capitalone.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: objects
path: "/sobjects"
operations:
- name: get-lead
method: GET
- name: create-lead
method: POST
- name: update-opp
method: PATCH
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Customer Feedback Analysis Orchestrator
▼
analytics databricks confluence
Aggregates customer feedback, runs sentiment analysis in Databricks, and publishes insights to Confluence.
naftiko: "0.5"
info:
label: "Customer Feedback Analysis Orchestrator"
description: "Aggregates customer feedback, runs sentiment analysis in Databricks, and publishes insights to Confluence."
tags:
- analytics
- databricks
- confluence
capability:
exposes:
- type: mcp
namespace: customer-feedback-analysis
port: 8080
tools:
- name: customer-feedback-analysis
description: "Aggregates customer feedback."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: run-model
type: call
call: "databricks.run-job"
with:
entity_id: "{{entity_id}}"
- name: publish
type: call
call: "confluence.create-page"
with:
space_key: "OPS"
title: "Customer Feedback Analysis"
consumes:
- type: http
namespace: databricks
baseUri: "https://capitalone.cloud.databricks.com/api/2.0"
authentication:
type: bearer
token: "$secrets.databricks_token"
resources:
- name: jobs
path: "/jobs/run-now"
operations:
- name: run-job
method: POST
- type: http
namespace: confluence
baseUri: "https://capitalone.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_api_token"
resources:
- name: content
path: "/content"
operations:
- name: create-page
method: POST
Customer Identity Verification Orchestrator
▼
banking snowflake servicenow
Verifies customer identity using Snowflake data, updates verification status, and notifies compliance.
naftiko: "0.5"
info:
label: "Customer Identity Verification Orchestrator"
description: "Verifies customer identity using Snowflake data, updates verification status, and notifies compliance."
tags:
- banking
- snowflake
- servicenow
capability:
exposes:
- type: mcp
namespace: customer-identity-verification
port: 8080
tools:
- name: customer-identity-verification
description: "Verifies customer identity using Snowflake data."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: query-data
type: call
call: "snowflake.run-query"
with:
entity_id: "{{entity_id}}"
- name: create-ticket
type: call
call: "servicenow.create-incident"
with:
short_description: "Customer Identity Verification for {{entity_id}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://capitalone.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- name: run-analysis
method: POST
- type: http
namespace: servicenow
baseUri: "https://capitalone.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- name: requests
path: "/table/sc_request"
operations:
- name: create-request
method: POST
- name: changes
path: "/table/change_request"
operations:
- name: create-change
method: POST
Customer Onboarding KYC Orchestrator
▼
banking snowflake salesforce
Orchestrates KYC verification by pulling data from Snowflake, running identity checks, and updating Salesforce.
naftiko: "0.5"
info:
label: "Customer Onboarding KYC Orchestrator"
description: "Orchestrates KYC verification by pulling data from Snowflake, running identity checks, and updating Salesforce."
tags:
- banking
- snowflake
- salesforce
capability:
exposes:
- type: mcp
namespace: customer-onboarding-kyc
port: 8080
tools:
- name: customer-onboarding-kyc
description: "Orchestrates KYC verification by pulling data from Snowflake."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: query-data
type: call
call: "snowflake.run-query"
with:
entity_id: "{{entity_id}}"
- name: update-sf
type: call
call: "salesforce.update-opp"
with:
entity_id: "{{entity_id}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://capitalone.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- name: run-analysis
method: POST
- type: http
namespace: salesforce
baseUri: "https://capitalone.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: objects
path: "/sobjects"
operations:
- name: get-lead
method: GET
- name: create-lead
method: POST
- name: update-opp
method: PATCH
Data Lake Cost Optimization Orchestrator
▼
finops snowflake jira
Analyzes Snowflake warehouse utilization, identifies savings, and creates Jira implementation tickets.
naftiko: "0.5"
info:
label: "Data Lake Cost Optimization Orchestrator"
description: "Analyzes Snowflake warehouse utilization, identifies savings, and creates Jira implementation tickets."
tags:
- finops
- snowflake
- jira
capability:
exposes:
- type: mcp
namespace: data-lake-cost-optimization
port: 8080
tools:
- name: data-lake-cost-optimization
description: "Analyzes Snowflake warehouse utilization."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: query-data
type: call
call: "snowflake.run-query"
with:
entity_id: "{{entity_id}}"
- name: create-issue
type: call
call: "jira.create-issue"
with:
project: "OPS"
summary: "Data Lake Cost Optimization - {{entity_id}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://capitalone.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- name: run-analysis
method: POST
- type: http
namespace: jira
baseUri: "https://capitalone.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
Data Quality Remediation Orchestrator
▼
data snowflake jira slack
Detects Snowflake data quality issues, creates Jira tickets, and alerts data stewards via Slack.
naftiko: "0.5"
info:
label: "Data Quality Remediation Orchestrator"
description: "Detects Snowflake data quality issues, creates Jira tickets, and alerts data stewards via Slack."
tags:
- data
- snowflake
- jira
- slack
capability:
exposes:
- type: mcp
namespace: data-quality-remediation
port: 8080
tools:
- name: data-quality-remediation
description: "Detects Snowflake data quality issues."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: query-data
type: call
call: "snowflake.run-query"
with:
entity_id: "{{entity_id}}"
- name: create-issue
type: call
call: "jira.create-issue"
with:
project: "OPS"
summary: "Data Quality Remediation - {{entity_id}}"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#ops"
text: "Data Quality Remediation processed for {{entity_id}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://capitalone.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- name: run-analysis
method: POST
- type: http
namespace: jira
baseUri: "https://capitalone.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Database Schema Migration Orchestrator
▼
data snowflake servicenow slack
Validates schema changes in Snowflake, creates ServiceNow change requests, and notifies DBAs via Slack.
naftiko: "0.5"
info:
label: "Database Schema Migration Orchestrator"
description: "Validates schema changes in Snowflake, creates ServiceNow change requests, and notifies DBAs via Slack."
tags:
- data
- snowflake
- servicenow
- slack
capability:
exposes:
- type: mcp
namespace: database-schema-migration
port: 8080
tools:
- name: database-schema-migration
description: "Validates schema changes in Snowflake."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: query-data
type: call
call: "snowflake.run-query"
with:
entity_id: "{{entity_id}}"
- name: create-ticket
type: call
call: "servicenow.create-incident"
with:
short_description: "Database Schema Migration for {{entity_id}}"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#ops"
text: "Database Schema Migration processed for {{entity_id}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://capitalone.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- name: run-analysis
method: POST
- type: http
namespace: servicenow
baseUri: "https://capitalone.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- name: requests
path: "/table/sc_request"
operations:
- name: create-request
method: POST
- name: changes
path: "/table/change_request"
operations:
- name: create-change
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Databricks ML Pipeline Monitor
▼
data databricks servicenow ml-ops monitoring
Checks the latest Databricks job run status for a given ML pipeline and opens a ServiceNow incident if the run failed or exceeded the SLA window.
naftiko: "0.5"
info:
label: "Databricks ML Pipeline Monitor"
description: "Checks the latest Databricks job run status for a given ML pipeline and opens a ServiceNow incident if the run failed or exceeded the SLA window."
tags:
- data
- databricks
- servicenow
- ml-ops
- monitoring
capability:
exposes:
- type: mcp
namespace: mlops
port: 8080
tools:
- name: monitor-databricks-pipeline
description: "Given a Databricks job ID and SLA window in minutes, check the latest run status and open a ServiceNow incident if it failed or ran over SLA. Invoke for scheduled ML model training jobs."
inputParameters:
- name: job_id
in: body
type: string
description: "The Databricks job ID to monitor."
- name: sla_minutes
in: body
type: integer
description: "Maximum expected run duration in minutes before SLA breach."
steps:
- name: get-latest-run
type: call
call: "databricks.get-job-run"
with:
jobId: "{{job_id}}"
- name: open-incident
type: call
call: "servicenow-ml.create-incident"
with:
short_description: "Databricks job {{job_id}} failed or exceeded SLA of {{sla_minutes}} minutes."
category: "Data Engineering"
urgency: "2"
consumes:
- type: http
namespace: databricks
baseUri: "https://adb-capitalone.azuredatabricks.net/api/2.1"
authentication:
type: bearer
token: "$secrets.databricks_token"
resources:
- name: job-run
path: "/jobs/runs/get-latest-by-name"
inputParameters:
- name: jobId
in: query
operations:
- name: get-job-run
method: GET
- type: http
namespace: servicenow-ml
baseUri: "https://capitalone.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_pass"
resources:
- name: incident
path: "/table/incident"
inputParameters:
- name: short_description
in: body
- name: category
in: body
- name: urgency
in: body
operations:
- name: create-incident
method: POST
Databricks Model Serving Health Lookup
▼
ml databricks
Checks health status of a Databricks model serving endpoint.
naftiko: "0.5"
info:
label: "Databricks Model Serving Health Lookup"
description: "Checks health status of a Databricks model serving endpoint."
tags:
- ml
- databricks
capability:
exposes:
- type: mcp
namespace: model-serving
port: 8080
tools:
- name: get-endpoint-health
description: "Look up Databricks model serving endpoint health."
inputParameters:
- name: endpoint_name
in: body
type: string
description: "Model serving endpoint name."
call: "databricks.get-endpoint"
with:
endpoint_name: "{{endpoint_name}}"
outputParameters:
- name: state
type: string
mapping: "$.state.ready"
- name: config_version
type: number
mapping: "$.config.served_models[0].model_version"
consumes:
- type: http
namespace: databricks
baseUri: "https://capitalone.cloud.databricks.com/api/2.0"
authentication:
type: bearer
token: "$secrets.databricks_token"
resources:
- name: endpoints
path: "/serving-endpoints/{{endpoint_name}}"
inputParameters:
- name: endpoint_name
in: path
operations:
- name: get-endpoint
method: GET
Datadog Service Health Check
▼
observability datadog servicenow monitoring
Queries Datadog monitors for a given service tag and returns a health status summary, triggering a PagerDuty-style ServiceNow incident if any monitors are in alert state.
naftiko: "0.5"
info:
label: "Datadog Service Health Check"
description: "Queries Datadog monitors for a given service tag and returns a health status summary, triggering a PagerDuty-style ServiceNow incident if any monitors are in alert state."
tags:
- observability
- datadog
- servicenow
- monitoring
capability:
exposes:
- type: mcp
namespace: observability
port: 8080
tools:
- name: check-service-health
description: "Given a Datadog service tag, retrieve monitor states and open a ServiceNow incident if any are alerting. Use for proactive service health verification before deployments or during incidents."
inputParameters:
- name: service_tag
in: body
type: string
description: "The Datadog service tag to filter monitors (e.g., service:credit-api)."
steps:
- name: get-monitors
type: call
call: "datadog-health.get-monitors"
with:
tags: "{{service_tag}}"
- name: open-incident
type: call
call: "servicenow-health.create-incident"
with:
short_description: "Service degradation detected for {{service_tag}}"
urgency: "1"
impact: "1"
consumes:
- type: http
namespace: datadog-health
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: "DD-API-KEY"
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: monitors
path: "/monitor"
inputParameters:
- name: tags
in: query
operations:
- name: get-monitors
method: GET
- type: http
namespace: servicenow-health
baseUri: "https://capitalone.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_pass"
resources:
- name: incident
path: "/table/incident"
inputParameters:
- name: short_description
in: body
- name: urgency
in: body
- name: impact
in: body
operations:
- name: create-incident
method: POST
Digital Banking Feature Flag Orchestrator
▼
product datadog slack
Manages feature flags by evaluating Datadog metrics, updating configurations, and notifying product teams.
naftiko: "0.5"
info:
label: "Digital Banking Feature Flag Orchestrator"
description: "Manages feature flags by evaluating Datadog metrics, updating configurations, and notifying product teams."
tags:
- product
- datadog
- slack
capability:
exposes:
- type: mcp
namespace: digital-banking-feature-flag
port: 8080
tools:
- name: digital-banking-feature-flag
description: "Manages feature flags by evaluating Datadog metrics."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: check-metrics
type: call
call: "datadog.get-monitors"
with:
entity_id: "{{entity_id}}"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#ops"
text: "Digital Banking Feature Flag processed for {{entity_id}}"
consumes:
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: "DD-API-KEY"
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: monitors
path: "/monitor"
operations:
- name: get-monitors
method: GET
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Disaster Recovery Test Orchestrator
▼
infrastructure servicenow confluence
Initiates DR test, validates recovery metrics, and publishes test results to Confluence.
naftiko: "0.5"
info:
label: "Disaster Recovery Test Orchestrator"
description: "Initiates DR test, validates recovery metrics, and publishes test results to Confluence."
tags:
- infrastructure
- servicenow
- confluence
capability:
exposes:
- type: mcp
namespace: disaster-recovery-test
port: 8080
tools:
- name: disaster-recovery-test
description: "Initiates DR test."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: create-ticket
type: call
call: "servicenow.create-incident"
with:
short_description: "Disaster Recovery Test for {{entity_id}}"
- name: publish
type: call
call: "confluence.create-page"
with:
space_key: "OPS"
title: "Disaster Recovery Test"
consumes:
- type: http
namespace: servicenow
baseUri: "https://capitalone.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- name: requests
path: "/table/sc_request"
operations:
- name: create-request
method: POST
- name: changes
path: "/table/change_request"
operations:
- name: create-change
method: POST
- type: http
namespace: confluence
baseUri: "https://capitalone.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_api_token"
resources:
- name: content
path: "/content"
operations:
- name: create-page
method: POST
DynamoDB Customer Profile Lookup
▼
data dynamodb
Retrieves customer profile data from DynamoDB.
naftiko: "0.5"
info:
label: "DynamoDB Customer Profile Lookup"
description: "Retrieves customer profile data from DynamoDB."
tags:
- data
- dynamodb
capability:
exposes:
- type: mcp
namespace: customer-data
port: 8080
tools:
- name: get-customer-profile
description: "Look up customer profile from DynamoDB."
inputParameters:
- name: customer_id
in: body
type: string
description: "Customer ID."
call: "dynamodb.get-item"
with:
customer_id: "{{customer_id}}"
outputParameters:
- name: name
type: string
mapping: "$.Item.name.S"
- name: tier
type: string
mapping: "$.Item.tier.S"
consumes:
- type: http
namespace: dynamodb
baseUri: "https://dynamodb.us-east-1.amazonaws.com"
authentication:
type: bearer
token: "$secrets.aws_dynamodb_token"
resources:
- name: items
path: "/"
operations:
- name: get-item
method: POST
Employee Access Review Orchestrator
▼
identity okta servicenow
Reviews Okta access assignments, validates against role requirements, and creates ServiceNow tickets for anomalies.
naftiko: "0.5"
info:
label: "Employee Access Review Orchestrator"
description: "Reviews Okta access assignments, validates against role requirements, and creates ServiceNow tickets for anomalies."
tags:
- identity
- okta
- servicenow
capability:
exposes:
- type: mcp
namespace: employee-access-review
port: 8080
tools:
- name: employee-access-review
description: "Reviews Okta access assignments."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: create-ticket
type: call
call: "servicenow.create-incident"
with:
short_description: "Employee Access Review for {{entity_id}}"
- name: check-access
type: call
call: "okta.get-user"
with:
entity_id: "{{entity_id}}"
consumes:
- type: http
namespace: servicenow
baseUri: "https://capitalone.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- name: requests
path: "/table/sc_request"
operations:
- name: create-request
method: POST
- name: changes
path: "/table/change_request"
operations:
- name: create-change
method: POST
- type: http
namespace: okta
baseUri: "https://capitalone.okta.com/api/v1"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.okta_api_token"
placement: header
resources:
- name: users
path: "/users"
operations:
- name: get-user
method: GET
Employee Offboarding Workflow
▼
hr offboarding workday servicenow microsoft-teams
When an employee departure is flagged in Workday, revokes Okta/Azure AD access, closes open ServiceNow tickets, and notifies the manager via Teams.
naftiko: "0.5"
info:
label: "Employee Offboarding Workflow"
description: "When an employee departure is flagged in Workday, revokes Okta/Azure AD access, closes open ServiceNow tickets, and notifies the manager via Teams."
tags:
- hr
- offboarding
- workday
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: hr-offboarding
port: 8080
tools:
- name: orchestrate-employee-offboarding
description: "Given a Workday worker ID and termination date, close open ServiceNow tasks, disable the user account via Microsoft Graph, and notify the manager. Invoke when an employee leaves Capital One."
inputParameters:
- name: worker_id
in: body
type: string
description: "The Workday worker ID for the departing employee."
- name: termination_date
in: body
type: string
description: "The employee's last day in ISO 8601 format."
- name: manager_upn
in: body
type: string
description: "The UPN of the employee's manager for notification."
steps:
- name: get-worker
type: call
call: "workday-off.get-worker"
with:
workerId: "{{worker_id}}"
- name: disable-aad-account
type: call
call: "msgraph-off.disable-user"
with:
userPrincipalName: "{{get-worker.primaryEmail}}"
- name: close-snow-tasks
type: call
call: "servicenow-off.close-user-tasks"
with:
assignedTo: "{{get-worker.primaryEmail}}"
- name: notify-manager
type: call
call: "msteams-off.send-message"
with:
recipient: "{{manager_upn}}"
message: "Offboarding complete for {{get-worker.displayName}} as of {{termination_date}}."
consumes:
- type: http
namespace: workday-off
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: worker
path: "/workers/{{workerId}}"
inputParameters:
- name: workerId
in: path
operations:
- name: get-worker
method: GET
- type: http
namespace: msgraph-off
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: user
path: "/users/{userPrincipalName}"
inputParameters:
- name: userPrincipalName
in: path
- name: accountEnabled
in: body
operations:
- name: disable-user
method: PATCH
- type: http
namespace: servicenow-off
baseUri: "https://capitalone.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_pass"
resources:
- name: task
path: "/table/task"
inputParameters:
- name: assignedTo
in: query
- name: state
in: body
operations:
- name: close-user-tasks
method: PATCH
- type: http
namespace: msteams-off
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: send-mail
path: "/users/{recipient}/sendMail"
inputParameters:
- name: recipient
in: path
- name: message
in: body
operations:
- name: send-message
method: POST
Employee Onboarding Orchestrator
▼
hr onboarding workday servicenow sharepoint microsoft-teams
When a new hire record is created in Workday, opens a ServiceNow onboarding ticket, provisions a SharePoint folder, and sends a Microsoft Teams welcome message.
naftiko: "0.5"
info:
label: "Employee Onboarding Orchestrator"
description: "When a new hire record is created in Workday, opens a ServiceNow onboarding ticket, provisions a SharePoint folder, and sends a Microsoft Teams welcome message."
tags:
- hr
- onboarding
- workday
- servicenow
- sharepoint
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: hr-onboarding
port: 8080
tools:
- name: orchestrate-new-hire-onboarding
description: "Given a Workday worker ID and start date, open a ServiceNow onboarding task, provision a SharePoint folder, and send a Teams welcome message. Invoke when a new employee joins Capital One."
inputParameters:
- name: worker_id
in: body
type: string
description: "The Workday worker ID for the new hire."
- name: start_date
in: body
type: string
description: "The employee's start date in ISO 8601 format (YYYY-MM-DD)."
- name: manager_email
in: body
type: string
description: "The manager's email address for Teams notification."
steps:
- name: get-worker
type: call
call: "workday.get-worker"
with:
workerId: "{{worker_id}}"
- name: create-onboarding-ticket
type: call
call: "servicenow.create-incident"
with:
short_description: "Onboarding: {{get-worker.displayName}}"
category: "HR"
assignment_group: "IT Onboarding"
- name: provision-sharepoint
type: call
call: "msgraph.create-drive-folder"
with:
parentPath: "/HR/NewHires"
folderName: "{{get-worker.displayName}}"
- name: send-welcome-message
type: call
call: "msteams.send-message"
with:
recipient: "{{manager_email}}"
message: "Welcome {{get-worker.displayName}} to Capital One starting {{start_date}}."
consumes:
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: worker
path: "/workers/{{workerId}}"
inputParameters:
- name: workerId
in: path
operations:
- name: get-worker
method: GET
- type: http
namespace: servicenow
baseUri: "https://capitalone.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_pass"
resources:
- name: incident
path: "/table/incident"
inputParameters:
- name: short_description
in: body
- name: category
in: body
- name: assignment_group
in: body
operations:
- name: create-incident
method: POST
- type: http
namespace: msgraph
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: drive-folder
path: "/sites/root/drive/root:/{parentPath}/{folderName}:/children"
inputParameters:
- name: parentPath
in: path
- name: folderName
in: path
operations:
- name: create-drive-folder
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: message
path: "/users/{recipient}/sendMail"
inputParameters:
- name: recipient
in: path
- name: message
in: body
operations:
- name: send-message
method: POST
Expense Report Approval via SAP Concur
▼
finance expense-management sap-concur servicenow microsoft-teams
When an expense report is submitted in SAP Concur exceeding a policy threshold, creates a ServiceNow approval task and notifies the approver via Microsoft Teams.
naftiko: "0.5"
info:
label: "Expense Report Approval via SAP Concur"
description: "When an expense report is submitted in SAP Concur exceeding a policy threshold, creates a ServiceNow approval task and notifies the approver via Microsoft Teams."
tags:
- finance
- expense-management
- sap-concur
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: finance-expense
port: 8080
tools:
- name: trigger-expense-approval-workflow
description: "Given a Concur expense report ID and approval threshold, create a ServiceNow approval task and send a Teams notification to the approver. Use when high-value expense reports need manager review."
inputParameters:
- name: report_id
in: body
type: string
description: "The SAP Concur expense report ID."
- name: approver_email
in: body
type: string
description: "The approver's email address for Teams notification."
- name: threshold
in: body
type: number
description: "The dollar threshold above which approval is required."
steps:
- name: get-expense-report
type: call
call: "concur.get-expense-report"
with:
reportId: "{{report_id}}"
- name: create-approval-task
type: call
call: "servicenow-exp.create-approval-task"
with:
description: "Expense report {{report_id}} totaling {{get-expense-report.total}} requires approval."
assignedTo: "{{approver_email}}"
- name: notify-approver
type: call
call: "msteams-exp.send-message"
with:
recipient: "{{approver_email}}"
message: "Expense report {{report_id}} of ${{get-expense-report.total}} requires your approval. ServiceNow task: {{create-approval-task.taskId}}."
consumes:
- type: http
namespace: concur
baseUri: "https://www.concursolutions.com/api/v3.0"
authentication:
type: bearer
token: "$secrets.concur_token"
resources:
- name: expense-report
path: "/expense/reports/{reportId}"
inputParameters:
- name: reportId
in: path
operations:
- name: get-expense-report
method: GET
- type: http
namespace: servicenow-exp
baseUri: "https://capitalone.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_pass"
resources:
- name: approval-task
path: "/table/sc_task"
inputParameters:
- name: description
in: body
- name: assignedTo
in: body
operations:
- name: create-approval-task
method: POST
- type: http
namespace: msteams-exp
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: send-mail
path: "/users/{recipient}/sendMail"
inputParameters:
- name: recipient
in: path
- name: message
in: body
operations:
- name: send-message
method: POST
Fraud Alert Triage with Anthropic AI
▼
ai fraud-detection anthropic servicenow financial-services
When a transaction fraud alert is logged, uses Anthropic to summarize the alert context and risk signals, then creates a ServiceNow security incident for the fraud operations team.
naftiko: "0.5"
info:
label: "Fraud Alert Triage with Anthropic AI"
description: "When a transaction fraud alert is logged, uses Anthropic to summarize the alert context and risk signals, then creates a ServiceNow security incident for the fraud operations team."
tags:
- ai
- fraud-detection
- anthropic
- servicenow
- financial-services
capability:
exposes:
- type: mcp
namespace: fraud-ops
port: 8080
tools:
- name: triage-fraud-alert
description: "Given a fraud alert payload with transaction details, send the context to Anthropic for risk summarization and open a ServiceNow security incident with the AI-generated summary. Use for automated fraud triage."
inputParameters:
- name: alert_payload
in: body
type: string
description: "JSON string containing fraud alert details including transaction ID, amount, and risk signals."
- name: account_id
in: body
type: string
description: "The customer account ID associated with the fraud alert."
steps:
- name: summarize-alert
type: call
call: "anthropic.create-message"
with:
model: "claude-3-5-sonnet-20241022"
max_tokens: 500
messages: "[{\"role\": \"user\", \"content\": \"Summarize this fraud alert and assess risk level: {{alert_payload}}\"}]"
- name: create-fraud-incident
type: call
call: "servicenow-fraud.create-security-incident"
with:
short_description: "Fraud alert for account {{account_id}}"
description: "{{summarize-alert.content}}"
category: "Fraud"
urgency: "1"
consumes:
- type: http
namespace: anthropic
baseUri: "https://api.anthropic.com/v1"
authentication:
type: apikey
key: "x-api-key"
value: "$secrets.anthropic_api_key"
placement: header
resources:
- name: messages
path: "/messages"
inputParameters:
- name: model
in: body
- name: max_tokens
in: body
- name: messages
in: body
operations:
- name: create-message
method: POST
- type: http
namespace: servicenow-fraud
baseUri: "https://capitalone.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_pass"
resources:
- name: security-incident
path: "/table/sn_si_incident"
inputParameters:
- name: short_description
in: body
- name: description
in: body
- name: category
in: body
- name: urgency
in: body
operations:
- name: create-security-incident
method: POST
GitHub CI/CD Pipeline Failure Responder
▼
devops cicd github jira datadog microsoft-teams incident-response
When a GitHub Actions workflow fails, opens a Jira incident ticket, posts a Datadog event for observability, and notifies the on-call engineer via Microsoft Teams.
naftiko: "0.5"
info:
label: "GitHub CI/CD Pipeline Failure Responder"
description: "When a GitHub Actions workflow fails, opens a Jira incident ticket, posts a Datadog event for observability, and notifies the on-call engineer via Microsoft Teams."
tags:
- devops
- cicd
- github
- jira
- datadog
- microsoft-teams
- incident-response
capability:
exposes:
- type: mcp
namespace: cicd-ops
port: 8080
tools:
- name: handle-pipeline-failure
description: "Given a GitHub Actions run ID and repository name, retrieve failure details, open a Jira ticket, post a Datadog event, and notify the on-call engineer via Teams. Invoke on any failed workflow run."
inputParameters:
- name: run_id
in: body
type: string
description: "The GitHub Actions workflow run ID."
- name: repo
in: body
type: string
description: "The repository name in owner/repo format."
- name: oncall_email
in: body
type: string
description: "Email of the on-call engineer to notify."
steps:
- name: get-run-details
type: call
call: "github.get-workflow-run"
with:
runId: "{{run_id}}"
repo: "{{repo}}"
- name: open-jira-ticket
type: call
call: "jira.create-issue"
with:
summary: "Pipeline failure: {{repo}} run {{run_id}}"
description: "Workflow {{get-run-details.name}} failed at {{get-run-details.updated_at}}."
project: "DEVOPS"
issuetype: "Bug"
- name: post-datadog-event
type: call
call: "datadog.create-event"
with:
title: "Pipeline failure: {{repo}}"
text: "Run {{run_id}} failed. Jira: {{open-jira-ticket.issueKey}}"
alert_type: "error"
- name: notify-oncall
type: call
call: "msteams-ci.send-message"
with:
recipient: "{{oncall_email}}"
message: "Pipeline failure in {{repo}}. Jira: {{open-jira-ticket.issueKey}}. Datadog event logged."
consumes:
- type: http
namespace: github
baseUri: "https://api.github.com"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: workflow-run
path: "/repos/{repo}/actions/runs/{runId}"
inputParameters:
- name: repo
in: path
- name: runId
in: path
operations:
- name: get-workflow-run
method: GET
- type: http
namespace: jira
baseUri: "https://capitalone.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_token"
resources:
- name: issue
path: "/issue"
inputParameters:
- name: summary
in: body
- name: description
in: body
- name: project
in: body
- name: issuetype
in: body
operations:
- name: create-issue
method: POST
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: "DD-API-KEY"
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: event
path: "/events"
inputParameters:
- name: title
in: body
- name: text
in: body
- name: alert_type
in: body
operations:
- name: create-event
method: POST
- type: http
namespace: msteams-ci
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: send-mail
path: "/users/{recipient}/sendMail"
inputParameters:
- name: recipient
in: path
- name: message
in: body
operations:
- name: send-message
method: POST
GitHub Code Scan Findings Lookup
▼
security github
Retrieves code scanning alert count for a GitHub repository.
naftiko: "0.5"
info:
label: "GitHub Code Scan Findings Lookup"
description: "Retrieves code scanning alert count for a GitHub repository."
tags:
- security
- github
capability:
exposes:
- type: mcp
namespace: code-scanning
port: 8080
tools:
- name: get-scan-findings
description: "Look up GitHub code scanning alerts."
inputParameters:
- name: repo_name
in: body
type: string
description: "GitHub repository (org/repo)."
call: "github.get-alerts"
with:
repo: "{{repo_name}}"
outputParameters:
- name: alert_count
type: number
mapping: "$.length"
- name: critical_count
type: number
mapping: "$.critical"
consumes:
- type: http
namespace: github
baseUri: "https://api.github.com"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: alerts
path: "/repos/{{repo}}/code-scanning/alerts"
inputParameters:
- name: repo
in: path
operations:
- name: get-alerts
method: GET
GitHub Security Scan to Jira
▼
devops security github jira devsecops
Queries GitHub Advanced Security for high-severity code scanning alerts and creates Jira tickets for each unresolved finding to enforce remediation SLAs.
naftiko: "0.5"
info:
label: "GitHub Security Scan to Jira"
description: "Queries GitHub Advanced Security for high-severity code scanning alerts and creates Jira tickets for each unresolved finding to enforce remediation SLAs."
tags:
- devops
- security
- github
- jira
- devsecops
capability:
exposes:
- type: mcp
namespace: devsecops
port: 8080
tools:
- name: sync-security-alerts-to-jira
description: "Given a repository name and severity level, fetch unresolved GitHub code scanning alerts and create a Jira ticket for each finding. Use for daily security remediation triage."
inputParameters:
- name: repo
in: body
type: string
description: "Repository in owner/repo format to scan."
- name: severity
in: body
type: string
description: "Minimum severity to capture (critical, high, medium, low)."
steps:
- name: get-alerts
type: call
call: "github-sec.list-code-scanning-alerts"
with:
repo: "{{repo}}"
severity: "{{severity}}"
state: "open"
- name: create-jira-tickets
type: call
call: "jira-sec.create-issue"
with:
summary: "Security alert: {{get-alerts.rule.description}} in {{repo}}"
description: "{{get-alerts.most_recent_instance.message.text}}"
project: "SECDEP"
issuetype: "Security"
consumes:
- type: http
namespace: github-sec
baseUri: "https://api.github.com"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: code-scanning-alerts
path: "/repos/{repo}/code-scanning/alerts"
inputParameters:
- name: repo
in: path
- name: severity
in: query
- name: state
in: query
operations:
- name: list-code-scanning-alerts
method: GET
- type: http
namespace: jira-sec
baseUri: "https://capitalone.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_token"
resources:
- name: issue
path: "/issue"
inputParameters:
- name: summary
in: body
- name: description
in: body
- name: project
in: body
- name: issuetype
in: body
operations:
- name: create-issue
method: POST
Incident Postmortem Orchestrator
▼
operations servicenow datadog confluence
Collects incident data from ServiceNow, gathers metrics from Datadog, and publishes postmortem to Confluence.
naftiko: "0.5"
info:
label: "Incident Postmortem Orchestrator"
description: "Collects incident data from ServiceNow, gathers metrics from Datadog, and publishes postmortem to Confluence."
tags:
- operations
- servicenow
- datadog
- confluence
capability:
exposes:
- type: mcp
namespace: incident-postmortem
port: 8080
tools:
- name: incident-postmortem
description: "Collects incident data from ServiceNow."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: check-metrics
type: call
call: "datadog.get-monitors"
with:
entity_id: "{{entity_id}}"
- name: create-ticket
type: call
call: "servicenow.create-incident"
with:
short_description: "Incident Postmortem for {{entity_id}}"
- name: publish
type: call
call: "confluence.create-page"
with:
space_key: "OPS"
title: "Incident Postmortem"
consumes:
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: "DD-API-KEY"
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: monitors
path: "/monitor"
operations:
- name: get-monitors
method: GET
- type: http
namespace: servicenow
baseUri: "https://capitalone.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- name: requests
path: "/table/sc_request"
operations:
- name: create-request
method: POST
- name: changes
path: "/table/change_request"
operations:
- name: create-change
method: POST
- type: http
namespace: confluence
baseUri: "https://capitalone.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_api_token"
resources:
- name: content
path: "/content"
operations:
- name: create-page
method: POST
Informatica Data Pipeline Health Check
▼
data informatica jira data-pipeline monitoring
Queries Informatica Intelligent Cloud Services for failed mapping tasks in a given time window and creates Jira tickets for each failure requiring investigation.
naftiko: "0.5"
info:
label: "Informatica Data Pipeline Health Check"
description: "Queries Informatica Intelligent Cloud Services for failed mapping tasks in a given time window and creates Jira tickets for each failure requiring investigation."
tags:
- data
- informatica
- jira
- data-pipeline
- monitoring
capability:
exposes:
- type: mcp
namespace: data-pipeline-ops
port: 8080
tools:
- name: check-informatica-pipeline-health
description: "Given a time window in hours, list failed Informatica mapping tasks and create a Jira ticket for each failure. Use for daily ETL health reviews."
inputParameters:
- name: hours_back
in: body
type: integer
description: "Number of hours back to look for failed tasks."
- name: project_key
in: body
type: string
description: "Jira project key for creating failure tickets."
steps:
- name: list-failed-tasks
type: call
call: "informatica.list-activity-log"
with:
status: "FAILED"
hoursBack: "{{hours_back}}"
- name: create-jira-ticket
type: call
call: "jira-etl.create-issue"
with:
summary: "Informatica task failure: {{list-failed-tasks.objectName}}"
description: "Task {{list-failed-tasks.objectName}} failed at {{list-failed-tasks.startTime}}."
project: "{{project_key}}"
issuetype: "Bug"
consumes:
- type: http
namespace: informatica
baseUri: "https://dm-us.informaticacloud.com/saas/api/v2"
authentication:
type: bearer
token: "$secrets.informatica_token"
resources:
- name: activity-log
path: "/activity/activityLog"
inputParameters:
- name: status
in: query
- name: hoursBack
in: query
operations:
- name: list-activity-log
method: GET
- type: http
namespace: jira-etl
baseUri: "https://capitalone.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_token"
resources:
- name: issue
path: "/issue"
inputParameters:
- name: summary
in: body
- name: description
in: body
- name: project
in: body
- name: issuetype
in: body
operations:
- name: create-issue
method: POST
Informatica Data Pipeline Status Lookup
▼
data informatica
Retrieves pipeline execution status from Informatica.
naftiko: "0.5"
info:
label: "Informatica Data Pipeline Status Lookup"
description: "Retrieves pipeline execution status from Informatica."
tags:
- data
- informatica
capability:
exposes:
- type: mcp
namespace: data-pipelines
port: 8080
tools:
- name: get-pipeline-status
description: "Look up Informatica pipeline execution status."
inputParameters:
- name: pipeline_id
in: body
type: string
description: "Informatica pipeline ID."
call: "informatica.get-run"
with:
pipeline_id: "{{pipeline_id}}"
outputParameters:
- name: status
type: string
mapping: "$.status"
- name: rows_processed
type: number
mapping: "$.rowsProcessed"
consumes:
- type: http
namespace: informatica
baseUri: "https://dm-us.informaticacloud.com/saas/api/v2"
authentication:
type: bearer
token: "$secrets.informatica_token"
resources:
- name: runs
path: "/activity/activityMonitor/{{pipeline_id}}"
inputParameters:
- name: pipeline_id
in: path
operations:
- name: get-run
method: GET
Jira Sprint Velocity Report
▼
agile jira microsoft-teams reporting engineering
Queries Jira for completed sprint stories across a project, computes velocity, and posts a summary to a Microsoft Teams engineering channel.
naftiko: "0.5"
info:
label: "Jira Sprint Velocity Report"
description: "Queries Jira for completed sprint stories across a project, computes velocity, and posts a summary to a Microsoft Teams engineering channel."
tags:
- agile
- jira
- microsoft-teams
- reporting
- engineering
capability:
exposes:
- type: mcp
namespace: agile-reporting
port: 8080
tools:
- name: publish-sprint-velocity-report
description: "Given a Jira project key and board ID, retrieve the last completed sprint's story points and post a velocity digest to Teams. Use for sprint review preparation or engineering metrics."
inputParameters:
- name: project_key
in: body
type: string
description: "The Jira project key (e.g., CAPTECH)."
- name: board_id
in: body
type: string
description: "The Jira board ID for sprint data."
- name: teams_channel
in: body
type: string
description: "The Teams channel email or ID for the engineering digest."
steps:
- name: get-sprint-data
type: call
call: "jira-sprint.get-sprint-report"
with:
boardId: "{{board_id}}"
state: "closed"
- name: post-velocity
type: call
call: "msteams-agile.send-message"
with:
recipient: "{{teams_channel}}"
message: "Sprint {{get-sprint-data.sprintName}} velocity: {{get-sprint-data.completedPoints}} story points completed."
consumes:
- type: http
namespace: jira-sprint
baseUri: "https://capitalone.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_token"
resources:
- name: sprint-report
path: "/board/{boardId}/sprint"
inputParameters:
- name: boardId
in: path
- name: state
in: query
operations:
- name: get-sprint-report
method: GET
- type: http
namespace: msteams-agile
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: send-mail
path: "/users/{recipient}/sendMail"
inputParameters:
- name: recipient
in: path
- name: message
in: body
operations:
- name: send-message
method: POST
Loan Origination Pipeline Orchestrator
▼
banking databricks snowflake email
Processes loan applications by running credit models in Databricks, updating Snowflake, and notifying via email.
naftiko: "0.5"
info:
label: "Loan Origination Pipeline Orchestrator"
description: "Processes loan applications by running credit models in Databricks, updating Snowflake, and notifying via email."
tags:
- banking
- databricks
- snowflake
- email
capability:
exposes:
- type: mcp
namespace: loan-origination-pipeline
port: 8080
tools:
- name: loan-origination-pipeline
description: "Processes loan applications by running credit models in Databricks."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: query-data
type: call
call: "snowflake.run-query"
with:
entity_id: "{{entity_id}}"
- name: run-model
type: call
call: "databricks.run-job"
with:
entity_id: "{{entity_id}}"
- name: send-email
type: call
call: "email.send-message"
with:
to: "team@capitalone.com"
subject: "Loan Origination Pipeline"
consumes:
- type: http
namespace: snowflake
baseUri: "https://capitalone.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- name: run-analysis
method: POST
- type: http
namespace: databricks
baseUri: "https://capitalone.cloud.databricks.com/api/2.0"
authentication:
type: bearer
token: "$secrets.databricks_token"
resources:
- name: jobs
path: "/jobs/run-now"
operations:
- name: run-job
method: POST
- type: http
namespace: email
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.graph_token"
resources:
- name: mail
path: "/me/sendMail"
operations:
- name: send-message
method: POST
Looker Embedded Report Refresh
▼
data looker microsoft-teams reporting analytics
Triggers a Looker Look or dashboard tile refresh for a given content ID and posts the updated embed URL to a Teams channel for executive reporting.
naftiko: "0.5"
info:
label: "Looker Embedded Report Refresh"
description: "Triggers a Looker Look or dashboard tile refresh for a given content ID and posts the updated embed URL to a Teams channel for executive reporting."
tags:
- data
- looker
- microsoft-teams
- reporting
- analytics
capability:
exposes:
- type: mcp
namespace: embedded-analytics
port: 8080
tools:
- name: refresh-looker-report
description: "Given a Looker Look ID, run the query and post the refreshed embed URL to a Teams channel. Use for scheduled executive dashboard updates."
inputParameters:
- name: look_id
in: body
type: string
description: "The Looker Look ID to refresh."
- name: teams_channel_email
in: body
type: string
description: "Teams channel recipient email for embed URL notification."
steps:
- name: run-look
type: call
call: "looker.run-look"
with:
lookId: "{{look_id}}"
result_format: "json"
- name: notify-teams
type: call
call: "msteams-looker.send-message"
with:
recipient: "{{teams_channel_email}}"
message: "Looker report {{look_id}} has been refreshed. View at: {{run-look.embedUrl}}"
consumes:
- type: http
namespace: looker
baseUri: "https://capitalone.cloud.looker.com/api/4.0"
authentication:
type: bearer
token: "$secrets.looker_token"
resources:
- name: look
path: "/looks/{lookId}/run/{result_format}"
inputParameters:
- name: lookId
in: path
- name: result_format
in: path
operations:
- name: run-look
method: GET
- type: http
namespace: msteams-looker
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: send-mail
path: "/users/{recipient}/sendMail"
inputParameters:
- name: recipient
in: path
- name: message
in: body
operations:
- name: send-message
method: POST
Marketing Campaign Performance Orchestrator
▼
marketing google-ads snowflake confluence
Aggregates campaign data from Google Ads, analyzes in Snowflake, and publishes insights to Confluence.
naftiko: "0.5"
info:
label: "Marketing Campaign Performance Orchestrator"
description: "Aggregates campaign data from Google Ads, analyzes in Snowflake, and publishes insights to Confluence."
tags:
- marketing
- google-ads
- snowflake
- confluence
capability:
exposes:
- type: mcp
namespace: marketing-campaign-performance
port: 8080
tools:
- name: marketing-campaign-performance
description: "Aggregates campaign data from Google Ads."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: query-data
type: call
call: "snowflake.run-query"
with:
entity_id: "{{entity_id}}"
- name: publish
type: call
call: "confluence.create-page"
with:
space_key: "OPS"
title: "Marketing Campaign Performance"
- name: get-campaign
type: call
call: "google-ads.get-campaign"
with:
entity_id: "{{entity_id}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://capitalone.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- name: run-analysis
method: POST
- type: http
namespace: confluence
baseUri: "https://capitalone.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_api_token"
resources:
- name: content
path: "/content"
operations:
- name: create-page
method: POST
- type: http
namespace: google-ads
baseUri: "https://googleads.googleapis.com/v14"
authentication:
type: bearer
token: "$secrets.google_ads_token"
resources:
- name: campaigns
path: "/customers/{{customer_id}}/campaigns"
operations:
- name: get-campaign
method: GET
Merchant Dispute Resolution Orchestrator
▼
banking snowflake jira email
Processes card disputes by gathering transaction data from Snowflake, creating Jira tickets, and notifying customers.
naftiko: "0.5"
info:
label: "Merchant Dispute Resolution Orchestrator"
description: "Processes card disputes by gathering transaction data from Snowflake, creating Jira tickets, and notifying customers."
tags:
- banking
- snowflake
- jira
- email
capability:
exposes:
- type: mcp
namespace: merchant-dispute-resolution
port: 8080
tools:
- name: merchant-dispute-resolution
description: "Processes card disputes by gathering transaction data from Snowflake."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: query-data
type: call
call: "snowflake.run-query"
with:
entity_id: "{{entity_id}}"
- name: create-issue
type: call
call: "jira.create-issue"
with:
project: "OPS"
summary: "Merchant Dispute Resolution - {{entity_id}}"
- name: send-email
type: call
call: "email.send-message"
with:
to: "team@capitalone.com"
subject: "Merchant Dispute Resolution"
consumes:
- type: http
namespace: snowflake
baseUri: "https://capitalone.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- name: run-analysis
method: POST
- type: http
namespace: jira
baseUri: "https://capitalone.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: email
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.graph_token"
resources:
- name: mail
path: "/me/sendMail"
operations:
- name: send-message
method: POST
Microservice Health Dashboard Orchestrator
▼
observability datadog confluence
Collects Datadog service metrics, validates SLOs, and publishes health report to Confluence.
naftiko: "0.5"
info:
label: "Microservice Health Dashboard Orchestrator"
description: "Collects Datadog service metrics, validates SLOs, and publishes health report to Confluence."
tags:
- observability
- datadog
- confluence
capability:
exposes:
- type: mcp
namespace: microservice-health-dashboard
port: 8080
tools:
- name: microservice-health-dashboard
description: "Collects Datadog service metrics."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: check-metrics
type: call
call: "datadog.get-monitors"
with:
entity_id: "{{entity_id}}"
- name: publish
type: call
call: "confluence.create-page"
with:
space_key: "OPS"
title: "Microservice Health Dashboard"
consumes:
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: "DD-API-KEY"
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: monitors
path: "/monitor"
operations:
- name: get-monitors
method: GET
- type: http
namespace: confluence
baseUri: "https://capitalone.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_api_token"
resources:
- name: content
path: "/content"
operations:
- name: create-page
method: POST
ML Model Governance Orchestrator
▼
ml databricks servicenow slack
Validates ML model performance in Databricks, logs governance events in ServiceNow, and notifies data science team.
naftiko: "0.5"
info:
label: "ML Model Governance Orchestrator"
description: "Validates ML model performance in Databricks, logs governance events in ServiceNow, and notifies data science team."
tags:
- ml
- databricks
- servicenow
- slack
capability:
exposes:
- type: mcp
namespace: ml-model-governance
port: 8080
tools:
- name: ml-model-governance
description: "Validates ML model performance in Databricks."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: run-model
type: call
call: "databricks.run-job"
with:
entity_id: "{{entity_id}}"
- name: create-ticket
type: call
call: "servicenow.create-incident"
with:
short_description: "ML Model Governance for {{entity_id}}"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#ops"
text: "ML Model Governance processed for {{entity_id}}"
consumes:
- type: http
namespace: databricks
baseUri: "https://capitalone.cloud.databricks.com/api/2.0"
authentication:
type: bearer
token: "$secrets.databricks_token"
resources:
- name: jobs
path: "/jobs/run-now"
operations:
- name: run-job
method: POST
- type: http
namespace: servicenow
baseUri: "https://capitalone.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- name: requests
path: "/table/sc_request"
operations:
- name: create-request
method: POST
- name: changes
path: "/table/change_request"
operations:
- name: create-change
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Mobile App Crash Response Orchestrator
▼
mobile datadog jira slack
Detects mobile app crashes via Datadog, creates Jira bugs, and notifies the mobile team via Slack.
naftiko: "0.5"
info:
label: "Mobile App Crash Response Orchestrator"
description: "Detects mobile app crashes via Datadog, creates Jira bugs, and notifies the mobile team via Slack."
tags:
- mobile
- datadog
- jira
- slack
capability:
exposes:
- type: mcp
namespace: mobile-app-crash-response
port: 8080
tools:
- name: mobile-app-crash-response
description: "Detects mobile app crashes via Datadog."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: check-metrics
type: call
call: "datadog.get-monitors"
with:
entity_id: "{{entity_id}}"
- name: create-issue
type: call
call: "jira.create-issue"
with:
project: "OPS"
summary: "Mobile App Crash Response - {{entity_id}}"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#ops"
text: "Mobile App Crash Response processed for {{entity_id}}"
consumes:
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: "DD-API-KEY"
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: monitors
path: "/monitor"
operations:
- name: get-monitors
method: GET
- type: http
namespace: jira
baseUri: "https://capitalone.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
New Hire IT Provisioning Orchestrator
▼
hr okta servicenow slack
Provisions IT resources for new hires by creating Okta accounts, ServiceNow requests, and Slack welcome messages.
naftiko: "0.5"
info:
label: "New Hire IT Provisioning Orchestrator"
description: "Provisions IT resources for new hires by creating Okta accounts, ServiceNow requests, and Slack welcome messages."
tags:
- hr
- okta
- servicenow
- slack
capability:
exposes:
- type: mcp
namespace: new-hire-it-provisioning
port: 8080
tools:
- name: new-hire-it-provisioning
description: "Provisions IT resources for new hires by creating Okta accounts."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: create-ticket
type: call
call: "servicenow.create-incident"
with:
short_description: "New Hire IT Provisioning for {{entity_id}}"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#ops"
text: "New Hire IT Provisioning processed for {{entity_id}}"
- name: check-access
type: call
call: "okta.get-user"
with:
entity_id: "{{entity_id}}"
consumes:
- type: http
namespace: servicenow
baseUri: "https://capitalone.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- name: requests
path: "/table/sc_request"
operations:
- name: create-request
method: POST
- name: changes
path: "/table/change_request"
operations:
- name: create-change
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
- type: http
namespace: okta
baseUri: "https://capitalone.okta.com/api/v1"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.okta_api_token"
placement: header
resources:
- name: users
path: "/users"
operations:
- name: get-user
method: GET
New Relic APM Performance Digest
▼
observability new-relic slack apm reporting
Queries New Relic for application transaction error rates and Apdex scores across a service tier, then publishes a daily performance summary to the engineering Slack channel.
naftiko: "0.5"
info:
label: "New Relic APM Performance Digest"
description: "Queries New Relic for application transaction error rates and Apdex scores across a service tier, then publishes a daily performance summary to the engineering Slack channel."
tags:
- observability
- new-relic
- slack
- apm
- reporting
capability:
exposes:
- type: mcp
namespace: apm-reporting
port: 8080
tools:
- name: digest-apm-performance
description: "Given a New Relic application name and time window, retrieve error rate and Apdex scores and post a performance digest to Slack. Use for daily engineering health reviews."
inputParameters:
- name: app_name
in: body
type: string
description: "The New Relic application name to report on."
- name: time_window_hours
in: body
type: integer
description: "Number of hours to include in the performance digest."
- name: slack_channel
in: body
type: string
description: "Slack channel ID for the digest notification."
steps:
- name: get-app-metrics
type: call
call: "newrelic.get-metric-data"
with:
appName: "{{app_name}}"
timeWindowHours: "{{time_window_hours}}"
- name: post-digest
type: call
call: "slack-apm.post-message"
with:
channel: "{{slack_channel}}"
text: "APM Digest for {{app_name}}: Error rate {{get-app-metrics.errorRate}}%, Apdex {{get-app-metrics.apdexScore}} over last {{time_window_hours}}h."
consumes:
- type: http
namespace: newrelic
baseUri: "https://api.newrelic.com/v2"
authentication:
type: apikey
key: "X-Api-Key"
value: "$secrets.newrelic_api_key"
placement: header
resources:
- name: metric-data
path: "/applications.json"
inputParameters:
- name: appName
in: query
- name: timeWindowHours
in: query
operations:
- name: get-metric-data
method: GET
- type: http
namespace: slack-apm
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
inputParameters:
- name: channel
in: body
- name: text
in: body
operations:
- name: post-message
method: POST
New Relic Browser Performance Lookup
▼
observability new-relic
Retrieves browser performance metrics from New Relic.
naftiko: "0.5"
info:
label: "New Relic Browser Performance Lookup"
description: "Retrieves browser performance metrics from New Relic."
tags:
- observability
- new-relic
capability:
exposes:
- type: mcp
namespace: browser-perf
port: 8080
tools:
- name: get-browser-metrics
description: "Look up New Relic browser performance."
inputParameters:
- name: app_id
in: body
type: string
description: "New Relic browser app ID."
call: "newrelic.get-browser-app"
with:
app_id: "{{app_id}}"
outputParameters:
- name: page_load_time
type: number
mapping: "$.browser_application.browser_summary.page_load_time"
- name: ajax_response_time
type: number
mapping: "$.browser_application.browser_summary.ajax_response_time"
consumes:
- type: http
namespace: newrelic
baseUri: "https://api.newrelic.com/v2"
authentication:
type: apikey
key: "X-Api-Key"
value: "$secrets.newrelic_api_key"
placement: header
resources:
- name: browser
path: "/browser_applications/{{app_id}}.json"
inputParameters:
- name: app_id
in: path
operations:
- name: get-browser-app
method: GET
Okta MFA Status Lookup
▼
identity okta
Retrieves MFA enrollment status for a user in Okta.
naftiko: "0.5"
info:
label: "Okta MFA Status Lookup"
description: "Retrieves MFA enrollment status for a user in Okta."
tags:
- identity
- okta
capability:
exposes:
- type: mcp
namespace: mfa-status
port: 8080
tools:
- name: get-mfa-status
description: "Look up Okta MFA enrollment status."
inputParameters:
- name: user_email
in: body
type: string
description: "User email address."
call: "okta.get-user-factors"
with:
email: "{{user_email}}"
outputParameters:
- name: factor_count
type: number
mapping: "$.length"
- name: enrolled
type: string
mapping: "$.enrolled"
consumes:
- type: http
namespace: okta
baseUri: "https://capitalone.okta.com/api/v1"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.okta_api_token"
placement: header
resources:
- name: factors
path: "/users/{{email}}/factors"
inputParameters:
- name: email
in: path
operations:
- name: get-user-factors
method: GET
Open Banking API Monitoring Orchestrator
▼
banking datadog servicenow
Monitors open banking API performance via Datadog, detects anomalies, and creates ServiceNow incidents.
naftiko: "0.5"
info:
label: "Open Banking API Monitoring Orchestrator"
description: "Monitors open banking API performance via Datadog, detects anomalies, and creates ServiceNow incidents."
tags:
- banking
- datadog
- servicenow
capability:
exposes:
- type: mcp
namespace: open-banking-api-monitoring
port: 8080
tools:
- name: open-banking-api-monitoring
description: "Monitors open banking API performance via Datadog."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: check-metrics
type: call
call: "datadog.get-monitors"
with:
entity_id: "{{entity_id}}"
- name: create-ticket
type: call
call: "servicenow.create-incident"
with:
short_description: "Open Banking API Monitoring for {{entity_id}}"
consumes:
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: "DD-API-KEY"
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: monitors
path: "/monitor"
operations:
- name: get-monitors
method: GET
- type: http
namespace: servicenow
baseUri: "https://capitalone.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- name: requests
path: "/table/sc_request"
operations:
- name: create-request
method: POST
- name: changes
path: "/table/change_request"
operations:
- name: create-change
method: POST
OpenAI Customer Support Response Drafter
▼
ai customer-support openai salesforce
When a new Salesforce Service Cloud case is opened, uses OpenAI to draft an initial customer response based on the case description and relevant knowledge base articles.
naftiko: "0.5"
info:
label: "OpenAI Customer Support Response Drafter"
description: "When a new Salesforce Service Cloud case is opened, uses OpenAI to draft an initial customer response based on the case description and relevant knowledge base articles."
tags:
- ai
- customer-support
- openai
- salesforce
capability:
exposes:
- type: mcp
namespace: support-ai
port: 8080
tools:
- name: draft-customer-support-response
description: "Given a Salesforce case ID, fetch the case details and use OpenAI to generate a draft customer response. Update the case with the draft for agent review. Use for first-response SLA optimization."
inputParameters:
- name: case_id
in: body
type: string
description: "The Salesforce Service Cloud case ID."
steps:
- name: get-case
type: call
call: "salesforce-case.get-case"
with:
caseId: "{{case_id}}"
- name: draft-response
type: call
call: "openai.create-completion"
with:
model: "gpt-4o"
messages: "[{\"role\": \"system\", \"content\": \"You are a Capital One customer support agent.\"}, {\"role\": \"user\", \"content\": \"Draft a professional response to this customer case: {{get-case.description}}\"}]"
- name: update-case
type: call
call: "salesforce-case-update.update-case"
with:
caseId: "{{case_id}}"
internalComments: "AI Draft: {{draft-response.choices.0.message.content}}"
consumes:
- type: http
namespace: salesforce-case
baseUri: "https://capitalone.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: case
path: "/sobjects/Case/{caseId}"
inputParameters:
- name: caseId
in: path
operations:
- name: get-case
method: GET
- type: http
namespace: openai
baseUri: "https://api.openai.com/v1"
authentication:
type: bearer
token: "$secrets.openai_api_key"
resources:
- name: completion
path: "/chat/completions"
inputParameters:
- name: model
in: body
- name: messages
in: body
operations:
- name: create-completion
method: POST
- type: http
namespace: salesforce-case-update
baseUri: "https://capitalone.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: case
path: "/sobjects/Case/{caseId}"
inputParameters:
- name: caseId
in: path
- name: internalComments
in: body
operations:
- name: update-case
method: PATCH
Oracle Hyperion Budget Lookup
▼
finance oracle-hyperion
Retrieves budget data from Oracle Hyperion for a cost center.
naftiko: "0.5"
info:
label: "Oracle Hyperion Budget Lookup"
description: "Retrieves budget data from Oracle Hyperion for a cost center."
tags:
- finance
- oracle-hyperion
capability:
exposes:
- type: mcp
namespace: budget-data
port: 8080
tools:
- name: get-budget-data
description: "Look up Oracle Hyperion budget for a cost center."
inputParameters:
- name: cost_center
in: body
type: string
description: "Cost center code."
call: "hyperion.get-budget"
with:
cost_center: "{{cost_center}}"
outputParameters:
- name: budget_amount
type: number
mapping: "$.data.budget"
- name: actual_amount
type: number
mapping: "$.data.actual"
consumes:
- type: http
namespace: hyperion
baseUri: "https://hyperion.capitalone.com/api/v1"
authentication:
type: bearer
token: "$secrets.hyperion_token"
resources:
- name: budgets
path: "/planning/budget/{{cost_center}}"
inputParameters:
- name: cost_center
in: path
operations:
- name: get-budget
method: GET
Oracle Hyperion Budget Variance Report
▼
finance budgeting oracle-hyperion oracle-ebs power-bi
Pulls actuals from Oracle EBS and budget data from Oracle Hyperion, computes variance by cost center, and publishes a Power BI dashboard refresh.
naftiko: "0.5"
info:
label: "Oracle Hyperion Budget Variance Report"
description: "Pulls actuals from Oracle EBS and budget data from Oracle Hyperion, computes variance by cost center, and publishes a Power BI dashboard refresh."
tags:
- finance
- budgeting
- oracle-hyperion
- oracle-ebs
- power-bi
capability:
exposes:
- type: mcp
namespace: finance-reporting
port: 8080
tools:
- name: publish-budget-variance-report
description: "Given a fiscal period and cost center, fetch actuals from Oracle EBS, compare to Hyperion budget targets, and trigger a Power BI dataset refresh. Use for monthly close reporting."
inputParameters:
- name: fiscal_period
in: body
type: string
description: "The fiscal period in YYYY-MM format."
- name: cost_center
in: body
type: string
description: "The cost center code to report on."
- name: dataset_id
in: body
type: string
description: "The Power BI dataset ID to refresh."
steps:
- name: get-actuals
type: call
call: "oracle-ebs.get-actuals"
with:
fiscalPeriod: "{{fiscal_period}}"
costCenter: "{{cost_center}}"
- name: get-budget
type: call
call: "oracle-hyperion.get-budget"
with:
fiscalPeriod: "{{fiscal_period}}"
costCenter: "{{cost_center}}"
- name: refresh-dataset
type: call
call: "powerbi.trigger-refresh"
with:
datasetId: "{{dataset_id}}"
consumes:
- type: http
namespace: oracle-ebs
baseUri: "https://capitalone-ebs.oraclecloud.com/fscmRestApi/resources/11.13.18.05"
authentication:
type: bearer
token: "$secrets.oracle_ebs_token"
resources:
- name: actuals
path: "/generalLedgerJournalEntries"
inputParameters:
- name: fiscalPeriod
in: query
- name: costCenter
in: query
operations:
- name: get-actuals
method: GET
- type: http
namespace: oracle-hyperion
baseUri: "https://capitalone-hyperion.oraclecloud.com/HyperionPlanning/rest/v3"
authentication:
type: bearer
token: "$secrets.hyperion_token"
resources:
- name: budget
path: "/applications/Planning/plans"
inputParameters:
- name: fiscalPeriod
in: query
- name: costCenter
in: query
operations:
- name: get-budget
method: GET
- type: http
namespace: powerbi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.powerbi_token"
resources:
- name: dataset-refresh
path: "/datasets/{datasetId}/refreshes"
inputParameters:
- name: datasetId
in: path
operations:
- name: trigger-refresh
method: POST
Palo Alto Firewall Policy Audit
▼
security palo-alto-networks servicenow compliance audit
Queries Palo Alto Networks for firewall rules modified in the last 24 hours, cross-references with ServiceNow approved changes, and flags unauthorized modifications.
naftiko: "0.5"
info:
label: "Palo Alto Firewall Policy Audit"
description: "Queries Palo Alto Networks for firewall rules modified in the last 24 hours, cross-references with ServiceNow approved changes, and flags unauthorized modifications."
tags:
- security
- palo-alto-networks
- servicenow
- compliance
- audit
capability:
exposes:
- type: mcp
namespace: security-audit
port: 8080
tools:
- name: audit-firewall-policy-changes
description: "Retrieve recent Palo Alto firewall rule changes and compare against ServiceNow approved change requests. Create a ServiceNow security incident for any unauthorized modifications."
inputParameters:
- name: hours_back
in: body
type: integer
description: "Number of hours to look back for firewall rule changes."
steps:
- name: get-fw-changes
type: call
call: "paloalto-audit.get-config-audit"
with:
hoursBack: "{{hours_back}}"
- name: check-change-approval
type: call
call: "servicenow-audit.get-approved-changes"
with:
timeWindow: "{{hours_back}}"
- name: create-security-incident
type: call
call: "servicenow-si.create-security-incident"
with:
short_description: "Unauthorized firewall change detected"
description: "Firewall rule {{get-fw-changes.ruleName}} modified without matching approved change."
category: "Security"
urgency: "1"
consumes:
- type: http
namespace: paloalto-audit
baseUri: "https://capitalone-pa.example.com/restapi/v10.1"
authentication:
type: apikey
key: "X-PAN-KEY"
value: "$secrets.paloalto_api_key"
placement: header
resources:
- name: config-audit
path: "/Objects/SecurityRules"
inputParameters:
- name: hoursBack
in: query
operations:
- name: get-config-audit
method: GET
- type: http
namespace: servicenow-audit
baseUri: "https://capitalone.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_pass"
resources:
- name: approved-changes
path: "/table/change_request"
inputParameters:
- name: timeWindow
in: query
- name: state
in: query
operations:
- name: get-approved-changes
method: GET
- type: http
namespace: servicenow-si
baseUri: "https://capitalone.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_pass"
resources:
- name: security-incident
path: "/table/sn_si_incident"
inputParameters:
- name: short_description
in: body
- name: description
in: body
- name: category
in: body
- name: urgency
in: body
operations:
- name: create-security-incident
method: POST
Palo Alto Firewall Rule Lookup
▼
security palo-alto-networks
Retrieves firewall rule details from Palo Alto Networks Panorama.
naftiko: "0.5"
info:
label: "Palo Alto Firewall Rule Lookup"
description: "Retrieves firewall rule details from Palo Alto Networks Panorama."
tags:
- security
- palo-alto-networks
capability:
exposes:
- type: mcp
namespace: firewall-rules
port: 8080
tools:
- name: get-rule-details
description: "Look up Palo Alto firewall rule."
inputParameters:
- name: rule_name
in: body
type: string
description: "Firewall rule name."
call: "paloalto.get-rule"
with:
rule_name: "{{rule_name}}"
outputParameters:
- name: action
type: string
mapping: "$.result.action"
- name: source_zones
type: string
mapping: "$.result.from"
consumes:
- type: http
namespace: paloalto
baseUri: "https://panorama.capitalone.com/restapi/v10.1"
authentication:
type: bearer
token: "$secrets.paloalto_token"
resources:
- name: rules
path: "/Policies/SecurityRules"
operations:
- name: get-rule
method: GET
Payment Processing Latency Orchestrator
▼
banking datadog servicenow slack
Monitors payment latency via Datadog, creates ServiceNow incidents for SLA breaches, and alerts operations.
naftiko: "0.5"
info:
label: "Payment Processing Latency Orchestrator"
description: "Monitors payment latency via Datadog, creates ServiceNow incidents for SLA breaches, and alerts operations."
tags:
- banking
- datadog
- servicenow
- slack
capability:
exposes:
- type: mcp
namespace: payment-processing-latency
port: 8080
tools:
- name: payment-processing-latency
description: "Monitors payment latency via Datadog."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: check-metrics
type: call
call: "datadog.get-monitors"
with:
entity_id: "{{entity_id}}"
- name: create-ticket
type: call
call: "servicenow.create-incident"
with:
short_description: "Payment Processing Latency for {{entity_id}}"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#ops"
text: "Payment Processing Latency processed for {{entity_id}}"
consumes:
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: "DD-API-KEY"
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: monitors
path: "/monitor"
operations:
- name: get-monitors
method: GET
- type: http
namespace: servicenow
baseUri: "https://capitalone.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- name: requests
path: "/table/sc_request"
operations:
- name: create-request
method: POST
- name: changes
path: "/table/change_request"
operations:
- name: create-change
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
PCI Compliance Scan Orchestrator
▼
compliance servicenow jira
Runs PCI compliance scans, logs findings in ServiceNow, and creates Jira remediation tickets.
naftiko: "0.5"
info:
label: "PCI Compliance Scan Orchestrator"
description: "Runs PCI compliance scans, logs findings in ServiceNow, and creates Jira remediation tickets."
tags:
- compliance
- servicenow
- jira
capability:
exposes:
- type: mcp
namespace: pci-compliance-scan
port: 8080
tools:
- name: pci-compliance-scan
description: "Runs PCI compliance scans."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: create-ticket
type: call
call: "servicenow.create-incident"
with:
short_description: "PCI Compliance Scan for {{entity_id}}"
- name: create-issue
type: call
call: "jira.create-issue"
with:
project: "OPS"
summary: "PCI Compliance Scan - {{entity_id}}"
consumes:
- type: http
namespace: servicenow
baseUri: "https://capitalone.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- name: requests
path: "/table/sc_request"
operations:
- name: create-request
method: POST
- name: changes
path: "/table/change_request"
operations:
- name: create-change
method: POST
- type: http
namespace: jira
baseUri: "https://capitalone.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
Power BI Revenue Dashboard Lookup
▼
analytics power-bi
Retrieves revenue metrics from a Power BI dataset.
naftiko: "0.5"
info:
label: "Power BI Revenue Dashboard Lookup"
description: "Retrieves revenue metrics from a Power BI dataset."
tags:
- analytics
- power-bi
capability:
exposes:
- type: mcp
namespace: revenue-analytics
port: 8080
tools:
- name: get-revenue-metrics
description: "Look up revenue metrics from Power BI."
inputParameters:
- name: dataset_id
in: body
type: string
description: "Power BI dataset ID."
call: "powerbi.get-dataset-value"
with:
dataset_id: "{{dataset_id}}"
outputParameters:
- name: total_revenue
type: number
mapping: "$.value[0].total_revenue"
- name: yoy_growth
type: number
mapping: "$.value[0].yoy_growth_pct"
consumes:
- type: http
namespace: powerbi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.powerbi_token"
resources:
- name: datasets
path: "/datasets/{{dataset_id}}/executeQueries"
operations:
- name: get-dataset-value
method: POST
Quarterly Business Review Orchestrator
▼
analytics snowflake email
Aggregates KPIs from Snowflake, creates executive slides, and distributes via email.
naftiko: "0.5"
info:
label: "Quarterly Business Review Orchestrator"
description: "Aggregates KPIs from Snowflake, creates executive slides, and distributes via email."
tags:
- analytics
- snowflake
- email
capability:
exposes:
- type: mcp
namespace: quarterly-business-review
port: 8080
tools:
- name: quarterly-business-review
description: "Aggregates KPIs from Snowflake."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: query-data
type: call
call: "snowflake.run-query"
with:
entity_id: "{{entity_id}}"
- name: send-email
type: call
call: "email.send-message"
with:
to: "team@capitalone.com"
subject: "Quarterly Business Review"
consumes:
- type: http
namespace: snowflake
baseUri: "https://capitalone.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- name: run-analysis
method: POST
- type: http
namespace: email
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.graph_token"
resources:
- name: mail
path: "/me/sendMail"
operations:
- name: send-message
method: POST
Quarterly Stress Test Orchestrator
▼
risk snowflake confluence
Runs stress test scenarios in Snowflake, compiles results, and publishes reports to Confluence.
naftiko: "0.5"
info:
label: "Quarterly Stress Test Orchestrator"
description: "Runs stress test scenarios in Snowflake, compiles results, and publishes reports to Confluence."
tags:
- risk
- snowflake
- confluence
capability:
exposes:
- type: mcp
namespace: quarterly-stress-test
port: 8080
tools:
- name: quarterly-stress-test
description: "Runs stress test scenarios in Snowflake."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: query-data
type: call
call: "snowflake.run-query"
with:
entity_id: "{{entity_id}}"
- name: publish
type: call
call: "confluence.create-page"
with:
space_key: "OPS"
title: "Quarterly Stress Test"
consumes:
- type: http
namespace: snowflake
baseUri: "https://capitalone.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- name: run-analysis
method: POST
- type: http
namespace: confluence
baseUri: "https://capitalone.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_api_token"
resources:
- name: content
path: "/content"
operations:
- name: create-page
method: POST
Real-Time Payment Fraud Detection Orchestrator
▼
fraud datadog databricks slack
Monitors payment transactions via Datadog, triggers fraud model in Databricks, and alerts operations via Slack.
naftiko: "0.5"
info:
label: "Real-Time Payment Fraud Detection Orchestrator"
description: "Monitors payment transactions via Datadog, triggers fraud model in Databricks, and alerts operations via Slack."
tags:
- fraud
- datadog
- databricks
- slack
capability:
exposes:
- type: mcp
namespace: real-time-payment-fraud-detect
port: 8080
tools:
- name: real-time-payment-fraud-detection
description: "Monitors payment transactions via Datadog."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: run-model
type: call
call: "databricks.run-job"
with:
entity_id: "{{entity_id}}"
- name: check-metrics
type: call
call: "datadog.get-monitors"
with:
entity_id: "{{entity_id}}"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#ops"
text: "Real-Time Payment Fraud Detection processed for {{entity_id}}"
consumes:
- type: http
namespace: databricks
baseUri: "https://capitalone.cloud.databricks.com/api/2.0"
authentication:
type: bearer
token: "$secrets.databricks_token"
resources:
- name: jobs
path: "/jobs/run-now"
operations:
- name: run-job
method: POST
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: "DD-API-KEY"
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: monitors
path: "/monitor"
operations:
- name: get-monitors
method: GET
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Real-Time Transaction Monitoring Orchestrator
▼
fraud datadog databricks slack
Monitors transaction patterns via Datadog, triggers risk scoring in Databricks, and alerts fraud ops.
naftiko: "0.5"
info:
label: "Real-Time Transaction Monitoring Orchestrator"
description: "Monitors transaction patterns via Datadog, triggers risk scoring in Databricks, and alerts fraud ops."
tags:
- fraud
- datadog
- databricks
- slack
capability:
exposes:
- type: mcp
namespace: real-time-transaction-monitori
port: 8080
tools:
- name: real-time-transaction-monitoring
description: "Monitors transaction patterns via Datadog."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: run-model
type: call
call: "databricks.run-job"
with:
entity_id: "{{entity_id}}"
- name: check-metrics
type: call
call: "datadog.get-monitors"
with:
entity_id: "{{entity_id}}"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#ops"
text: "Real-Time Transaction Monitoring processed for {{entity_id}}"
consumes:
- type: http
namespace: databricks
baseUri: "https://capitalone.cloud.databricks.com/api/2.0"
authentication:
type: bearer
token: "$secrets.databricks_token"
resources:
- name: jobs
path: "/jobs/run-now"
operations:
- name: run-job
method: POST
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: "DD-API-KEY"
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: monitors
path: "/monitor"
operations:
- name: get-monitors
method: GET
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Recruiting Pipeline to LinkedIn Job Post
▼
hr recruiting workday linkedin
When a new job requisition is opened in Workday, automatically posts the role to LinkedIn Jobs to accelerate talent sourcing.
naftiko: "0.5"
info:
label: "Recruiting Pipeline to LinkedIn Job Post"
description: "When a new job requisition is opened in Workday, automatically posts the role to LinkedIn Jobs to accelerate talent sourcing."
tags:
- hr
- recruiting
- workday
- linkedin
capability:
exposes:
- type: mcp
namespace: recruiting
port: 8080
tools:
- name: publish-job-to-linkedin
description: "Given a Workday job requisition ID, fetch the job details and post the opening to LinkedIn Jobs. Invoke when a new Capital One requisition needs external sourcing."
inputParameters:
- name: requisition_id
in: body
type: string
description: "The Workday job requisition ID."
steps:
- name: get-requisition
type: call
call: "workday-req.get-job-requisition"
with:
requisitionId: "{{requisition_id}}"
- name: post-linkedin-job
type: call
call: "linkedin.create-job-posting"
with:
title: "{{get-requisition.title}}"
description: "{{get-requisition.description}}"
location: "{{get-requisition.location}}"
company: "Capital One"
consumes:
- type: http
namespace: workday-req
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: job-requisition
path: "/jobRequisitions/{requisitionId}"
inputParameters:
- name: requisitionId
in: path
operations:
- name: get-job-requisition
method: GET
- type: http
namespace: linkedin
baseUri: "https://api.linkedin.com/v2"
authentication:
type: bearer
token: "$secrets.linkedin_token"
resources:
- name: job-posting
path: "/jobPostings"
inputParameters:
- name: title
in: body
- name: description
in: body
- name: location
in: body
- name: company
in: body
operations:
- name: create-job-posting
method: POST
Regulatory Compliance Document Summarizer
▼
ai compliance anthropic sharepoint microsoft-teams financial-services
Uses Anthropic to summarize new regulatory guidance documents stored in SharePoint and publishes a digest to a Microsoft Teams compliance channel.
naftiko: "0.5"
info:
label: "Regulatory Compliance Document Summarizer"
description: "Uses Anthropic to summarize new regulatory guidance documents stored in SharePoint and publishes a digest to a Microsoft Teams compliance channel."
tags:
- ai
- compliance
- anthropic
- sharepoint
- microsoft-teams
- financial-services
capability:
exposes:
- type: mcp
namespace: compliance-ai
port: 8080
tools:
- name: summarize-regulatory-document
description: "Given a SharePoint document ID containing regulatory guidance, fetch the document text, send it to Anthropic for summarization, and post the summary to a Teams compliance channel. Use when new regulatory documents need rapid review."
inputParameters:
- name: document_id
in: body
type: string
description: "The SharePoint document ID to summarize."
- name: teams_channel_id
in: body
type: string
description: "The Microsoft Teams channel ID for posting the compliance summary."
steps:
- name: get-document
type: call
call: "sharepoint.get-file-content"
with:
documentId: "{{document_id}}"
- name: summarize-document
type: call
call: "anthropic-comp.create-message"
with:
model: "claude-3-5-sonnet-20241022"
max_tokens: 800
messages: "[{\"role\": \"user\", \"content\": \"Summarize this regulatory document for a compliance officer: {{get-document.content}}\"}]"
- name: post-to-teams
type: call
call: "msteams-comp.post-channel-message"
with:
channelId: "{{teams_channel_id}}"
message: "Regulatory Summary: {{summarize-document.content}}"
consumes:
- type: http
namespace: sharepoint
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: file-content
path: "/sites/root/drive/items/{documentId}/content"
inputParameters:
- name: documentId
in: path
operations:
- name: get-file-content
method: GET
- type: http
namespace: anthropic-comp
baseUri: "https://api.anthropic.com/v1"
authentication:
type: apikey
key: "x-api-key"
value: "$secrets.anthropic_api_key"
placement: header
resources:
- name: messages
path: "/messages"
inputParameters:
- name: model
in: body
- name: max_tokens
in: body
- name: messages
in: body
operations:
- name: create-message
method: POST
- type: http
namespace: msteams-comp
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-message
path: "/teams/{channelId}/channels/{channelId}/messages"
inputParameters:
- name: channelId
in: path
- name: message
in: body
operations:
- name: post-channel-message
method: POST
Regulatory Reporting Submission Orchestrator
▼
compliance snowflake confluence
Compiles regulatory data from Snowflake, validates compliance, and publishes reports to Confluence.
naftiko: "0.5"
info:
label: "Regulatory Reporting Submission Orchestrator"
description: "Compiles regulatory data from Snowflake, validates compliance, and publishes reports to Confluence."
tags:
- compliance
- snowflake
- confluence
capability:
exposes:
- type: mcp
namespace: regulatory-reporting-submissio
port: 8080
tools:
- name: regulatory-reporting-submission
description: "Compiles regulatory data from Snowflake."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: query-data
type: call
call: "snowflake.run-query"
with:
entity_id: "{{entity_id}}"
- name: publish
type: call
call: "confluence.create-page"
with:
space_key: "OPS"
title: "Regulatory Reporting Submission"
consumes:
- type: http
namespace: snowflake
baseUri: "https://capitalone.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- name: run-analysis
method: POST
- type: http
namespace: confluence
baseUri: "https://capitalone.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_api_token"
resources:
- name: content
path: "/content"
operations:
- name: create-page
method: POST
Salesforce Lead Enrichment via ZoomInfo
▼
crm sales salesforce zoominfo lead-enrichment
When a new lead is created in Salesforce CRM, automatically enriches the record with firmographic data from ZoomInfo and updates the lead score.
naftiko: "0.5"
info:
label: "Salesforce Lead Enrichment via ZoomInfo"
description: "When a new lead is created in Salesforce CRM, automatically enriches the record with firmographic data from ZoomInfo and updates the lead score."
tags:
- crm
- sales
- salesforce
- zoominfo
- lead-enrichment
capability:
exposes:
- type: mcp
namespace: crm-enrichment
port: 8080
tools:
- name: enrich-salesforce-lead
description: "Given a Salesforce lead ID, look up the contact in ZoomInfo and update the CRM record with company size, revenue, and industry data. Invoke when a new lead record lacks firmographic details."
inputParameters:
- name: lead_id
in: body
type: string
description: "The Salesforce lead ID to enrich."
steps:
- name: get-lead
type: call
call: "salesforce-read.get-lead"
with:
leadId: "{{lead_id}}"
- name: lookup-zoominfo
type: call
call: "zoominfo.search-contact"
with:
email: "{{get-lead.email}}"
company: "{{get-lead.company}}"
- name: update-lead
type: call
call: "salesforce-write.update-lead"
with:
leadId: "{{lead_id}}"
annualRevenue: "{{lookup-zoominfo.revenue}}"
numberOfEmployees: "{{lookup-zoominfo.employeeCount}}"
industry: "{{lookup-zoominfo.industry}}"
consumes:
- type: http
namespace: salesforce-read
baseUri: "https://capitalone.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: lead
path: "/sobjects/Lead/{leadId}"
inputParameters:
- name: leadId
in: path
operations:
- name: get-lead
method: GET
- type: http
namespace: zoominfo
baseUri: "https://api.zoominfo.com/search"
authentication:
type: bearer
token: "$secrets.zoominfo_token"
resources:
- name: contact
path: "/contact"
inputParameters:
- name: email
in: body
- name: company
in: body
operations:
- name: search-contact
method: POST
- type: http
namespace: salesforce-write
baseUri: "https://capitalone.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: lead
path: "/sobjects/Lead/{leadId}"
inputParameters:
- name: leadId
in: path
- name: annualRevenue
in: body
- name: numberOfEmployees
in: body
- name: industry
in: body
operations:
- name: update-lead
method: PATCH
Salesforce Opportunity Pipeline Digest
▼
crm sales salesforce power-bi reporting
Queries Salesforce for open opportunities by stage and owner, then publishes a Power BI pipeline digest report for sales leadership review.
naftiko: "0.5"
info:
label: "Salesforce Opportunity Pipeline Digest"
description: "Queries Salesforce for open opportunities by stage and owner, then publishes a Power BI pipeline digest report for sales leadership review."
tags:
- crm
- sales
- salesforce
- power-bi
- reporting
capability:
exposes:
- type: mcp
namespace: sales-reporting
port: 8080
tools:
- name: digest-opportunity-pipeline
description: "Given a sales stage filter and date range, retrieve open Salesforce opportunities and trigger a Power BI dataset refresh. Use for weekly pipeline reviews or executive dashboards."
inputParameters:
- name: stage
in: body
type: string
description: "The opportunity stage to filter by (e.g., Proposal, Negotiation)."
- name: close_date_before
in: body
type: string
description: "Filter opportunities closing before this date (ISO 8601)."
- name: dataset_id
in: body
type: string
description: "Power BI dataset ID to refresh after query."
steps:
- name: query-opportunities
type: call
call: "salesforce-opp.query-opportunities"
with:
stage: "{{stage}}"
closeDateBefore: "{{close_date_before}}"
- name: refresh-powerbi
type: call
call: "powerbi-sales.trigger-refresh"
with:
datasetId: "{{dataset_id}}"
consumes:
- type: http
namespace: salesforce-opp
baseUri: "https://capitalone.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: opportunities
path: "/query"
inputParameters:
- name: q
in: query
operations:
- name: query-opportunities
method: GET
- type: http
namespace: powerbi-sales
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.powerbi_token"
resources:
- name: dataset-refresh
path: "/datasets/{datasetId}/refreshes"
inputParameters:
- name: datasetId
in: path
operations:
- name: trigger-refresh
method: POST
SAP Concur Travel Request Lookup
▼
finance sap-concur
Retrieves a travel request status from SAP Concur.
naftiko: "0.5"
info:
label: "SAP Concur Travel Request Lookup"
description: "Retrieves a travel request status from SAP Concur."
tags:
- finance
- sap-concur
capability:
exposes:
- type: mcp
namespace: travel-requests
port: 8080
tools:
- name: get-travel-request
description: "Look up SAP Concur travel request status."
inputParameters:
- name: request_id
in: body
type: string
description: "Concur travel request ID."
call: "concur.get-request"
with:
request_id: "{{request_id}}"
outputParameters:
- name: status
type: string
mapping: "$.ApprovalStatusName"
- name: total_cost
type: number
mapping: "$.TotalPostedAmount"
consumes:
- type: http
namespace: concur
baseUri: "https://us.api.concursolutions.com/api/v3.0"
authentication:
type: bearer
token: "$secrets.concur_token"
resources:
- name: requests
path: "/travelrequest/requests/{{request_id}}"
inputParameters:
- name: request_id
in: path
operations:
- name: get-request
method: GET
Secrets Rotation Orchestrator
▼
security servicenow
Rotates application secrets, updates configurations, and logs rotation events in ServiceNow.
naftiko: "0.5"
info:
label: "Secrets Rotation Orchestrator"
description: "Rotates application secrets, updates configurations, and logs rotation events in ServiceNow."
tags:
- security
- servicenow
capability:
exposes:
- type: mcp
namespace: secrets-rotation
port: 8080
tools:
- name: secrets-rotation
description: "Rotates application secrets."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: create-ticket
type: call
call: "servicenow.create-incident"
with:
short_description: "Secrets Rotation for {{entity_id}}"
consumes:
- type: http
namespace: servicenow
baseUri: "https://capitalone.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- name: requests
path: "/table/sc_request"
operations:
- name: create-request
method: POST
- name: changes
path: "/table/change_request"
operations:
- name: create-change
method: POST
ServiceNow Change Management Approval
▼
itsm servicenow change-management microsoft-teams
Creates a ServiceNow change request for a planned infrastructure change, routes it through the CAB approval workflow, and notifies the change owner via Microsoft Teams.
naftiko: "0.5"
info:
label: "ServiceNow Change Management Approval"
description: "Creates a ServiceNow change request for a planned infrastructure change, routes it through the CAB approval workflow, and notifies the change owner via Microsoft Teams."
tags:
- itsm
- servicenow
- change-management
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: change-mgmt
port: 8080
tools:
- name: submit-change-request
description: "Given a change description, risk level, and implementation window, create a ServiceNow change request and notify the change owner via Teams. Use before deploying infrastructure changes."
inputParameters:
- name: description
in: body
type: string
description: "Description of the planned change."
- name: risk_level
in: body
type: string
description: "Risk level: low, medium, high."
- name: start_date
in: body
type: string
description: "Planned implementation start in ISO 8601 format."
- name: owner_email
in: body
type: string
description: "Email of the change owner for Teams notification."
steps:
- name: create-change-request
type: call
call: "servicenow-chg.create-change"
with:
description: "{{description}}"
risk: "{{risk_level}}"
start_date: "{{start_date}}"
- name: notify-owner
type: call
call: "msteams-chg.send-message"
with:
recipient: "{{owner_email}}"
message: "Change request {{create-change-request.changeNumber}} created for {{start_date}}. Risk: {{risk_level}}."
consumes:
- type: http
namespace: servicenow-chg
baseUri: "https://capitalone.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_pass"
resources:
- name: change
path: "/table/change_request"
inputParameters:
- name: description
in: body
- name: risk
in: body
- name: start_date
in: body
operations:
- name: create-change
method: POST
- type: http
namespace: msteams-chg
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: send-mail
path: "/users/{recipient}/sendMail"
inputParameters:
- name: recipient
in: path
- name: message
in: body
operations:
- name: send-message
method: POST
ServiceNow CMDB CI Lookup
▼
infrastructure servicenow
Retrieves configuration item details from ServiceNow CMDB.
naftiko: "0.5"
info:
label: "ServiceNow CMDB CI Lookup"
description: "Retrieves configuration item details from ServiceNow CMDB."
tags:
- infrastructure
- servicenow
capability:
exposes:
- type: mcp
namespace: cmdb-lookup
port: 8080
tools:
- name: get-ci-details
description: "Look up ServiceNow CMDB configuration item."
inputParameters:
- name: ci_name
in: body
type: string
description: "CI name."
call: "servicenow.get-ci"
with:
ci_name: "{{ci_name}}"
outputParameters:
- name: sys_id
type: string
mapping: "$.result.sys_id"
- name: category
type: string
mapping: "$.result.category"
consumes:
- type: http
namespace: servicenow
baseUri: "https://capitalone.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: cmdb
path: "/table/cmdb_ci?sysparm_query=name={{ci_name}}"
operations:
- name: get-ci
method: GET
ServiceNow P1 Incident Triage
▼
itsm servicenow datadog slack incident-response
When a Priority 1 incident is raised in ServiceNow, enriches the ticket with Datadog monitor details, assigns to the on-call team, and sends a Slack alert to the incident bridge channel.
naftiko: "0.5"
info:
label: "ServiceNow P1 Incident Triage"
description: "When a Priority 1 incident is raised in ServiceNow, enriches the ticket with Datadog monitor details, assigns to the on-call team, and sends a Slack alert to the incident bridge channel."
tags:
- itsm
- servicenow
- datadog
- slack
- incident-response
capability:
exposes:
- type: mcp
namespace: itsm-ops
port: 8080
tools:
- name: triage-p1-incident
description: "Given a ServiceNow P1 incident number, fetch details, query Datadog for correlated monitor states, and post a Slack alert to the incident bridge channel. Invoke for all Priority 1 incidents."
inputParameters:
- name: incident_number
in: body
type: string
description: "The ServiceNow incident number (e.g., INC0012345)."
- name: slack_channel
in: body
type: string
description: "The Slack channel ID for incident bridge notifications."
steps:
- name: get-incident
type: call
call: "servicenow-p1.get-incident"
with:
number: "{{incident_number}}"
- name: get-dd-monitors
type: call
call: "datadog-p1.get-monitors"
with:
tags: "service:{{get-incident.cmdb_ci}}"
- name: post-slack-alert
type: call
call: "slack.post-message"
with:
channel: "{{slack_channel}}"
text: "P1 INCIDENT: {{incident_number}} - {{get-incident.short_description}}. Datadog monitors: {{get-dd-monitors.count}} alerting."
consumes:
- type: http
namespace: servicenow-p1
baseUri: "https://capitalone.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_pass"
resources:
- name: incident
path: "/table/incident"
inputParameters:
- name: number
in: query
operations:
- name: get-incident
method: GET
- type: http
namespace: datadog-p1
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: "DD-API-KEY"
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: monitors
path: "/monitor"
inputParameters:
- name: tags
in: query
operations:
- name: get-monitors
method: GET
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
inputParameters:
- name: channel
in: body
- name: text
in: body
operations:
- name: post-message
method: POST
Slack Channel Membership Lookup
▼
collaboration slack
Retrieves the member count for a Slack channel.
naftiko: "0.5"
info:
label: "Slack Channel Membership Lookup"
description: "Retrieves the member count for a Slack channel."
tags:
- collaboration
- slack
capability:
exposes:
- type: mcp
namespace: slack-info
port: 8080
tools:
- name: get-channel-members
description: "Look up Slack channel member count."
inputParameters:
- name: channel_id
in: body
type: string
description: "Slack channel ID."
call: "slack.get-channel-info"
with:
channel: "{{channel_id}}"
outputParameters:
- name: member_count
type: number
mapping: "$.channel.num_members"
- name: name
type: string
mapping: "$.channel.name"
consumes:
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: channels
path: "/conversations.info?channel={{channel_id}}"
operations:
- name: get-channel-info
method: GET
Snowflake Credit Risk Score Lookup
▼
risk snowflake
Retrieves credit risk score for a customer segment from Snowflake.
naftiko: "0.5"
info:
label: "Snowflake Credit Risk Score Lookup"
description: "Retrieves credit risk score for a customer segment from Snowflake."
tags:
- risk
- snowflake
capability:
exposes:
- type: mcp
namespace: credit-risk
port: 8080
tools:
- name: get-risk-score
description: "Look up credit risk score by customer segment."
inputParameters:
- name: segment_id
in: body
type: string
description: "Customer segment ID."
call: "snowflake.run-query"
with:
segment_id: "{{segment_id}}"
outputParameters:
- name: risk_score
type: number
mapping: "$.data[0][0]"
- name: confidence
type: number
mapping: "$.data[0][1]"
consumes:
- type: http
namespace: snowflake
baseUri: "https://capitalone.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- name: run-analysis
method: POST
Snowflake Data Quality Monitor
▼
data snowflake jira data-quality monitoring
Runs automated data quality checks on a Snowflake table and opens a Jira ticket if row count anomalies or null rate violations are detected.
naftiko: "0.5"
info:
label: "Snowflake Data Quality Monitor"
description: "Runs automated data quality checks on a Snowflake table and opens a Jira ticket if row count anomalies or null rate violations are detected."
tags:
- data
- snowflake
- jira
- data-quality
- monitoring
capability:
exposes:
- type: mcp
namespace: data-quality
port: 8080
tools:
- name: run-snowflake-quality-check
description: "Given a Snowflake table name and quality thresholds, execute a row count and null-rate check and create a Jira issue if thresholds are breached. Use for daily data pipeline health monitoring."
inputParameters:
- name: table_name
in: body
type: string
description: "The fully qualified Snowflake table name (database.schema.table)."
- name: min_row_count
in: body
type: integer
description: "Minimum expected row count; alert if actual is lower."
- name: max_null_rate
in: body
type: number
description: "Maximum acceptable null rate as a decimal (0.0–1.0)."
steps:
- name: check-row-count
type: call
call: "snowflake.execute-statement"
with:
statement: "SELECT COUNT(*) AS row_count FROM {{table_name}}"
- name: check-null-rate
type: call
call: "snowflake-null.execute-statement"
with:
statement: "SELECT AVG(CASE WHEN key_col IS NULL THEN 1.0 ELSE 0.0 END) AS null_rate FROM {{table_name}}"
- name: create-jira-issue
type: call
call: "jira-dq.create-issue"
with:
summary: "Data quality violation in {{table_name}}"
description: "Row count: {{check-row-count.row_count}}, null rate: {{check-null-rate.null_rate}}"
project: "DATA"
issuetype: "Bug"
consumes:
- type: http
namespace: snowflake
baseUri: "https://capitalone.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statement
path: "/statements"
inputParameters:
- name: statement
in: body
operations:
- name: execute-statement
method: POST
- type: http
namespace: snowflake-null
baseUri: "https://capitalone.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statement
path: "/statements"
inputParameters:
- name: statement
in: body
operations:
- name: execute-statement
method: POST
- type: http
namespace: jira-dq
baseUri: "https://capitalone.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_token"
resources:
- name: issue
path: "/issue"
inputParameters:
- name: summary
in: body
- name: description
in: body
- name: project
in: body
- name: issuetype
in: body
operations:
- name: create-issue
method: POST
SOC2 Evidence Collection Orchestrator
▼
compliance servicenow github okta confluence
Collects SOC2 compliance evidence from ServiceNow, GitHub, and Okta, then publishes to Confluence.
naftiko: "0.5"
info:
label: "SOC2 Evidence Collection Orchestrator"
description: "Collects SOC2 compliance evidence from ServiceNow, GitHub, and Okta, then publishes to Confluence."
tags:
- compliance
- servicenow
- github
- okta
- confluence
capability:
exposes:
- type: mcp
namespace: soc2-evidence-collection
port: 8080
tools:
- name: soc2-evidence-collection
description: "Collects SOC2 compliance evidence from ServiceNow."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: create-ticket
type: call
call: "servicenow.create-incident"
with:
short_description: "SOC2 Evidence Collection for {{entity_id}}"
- name: publish
type: call
call: "confluence.create-page"
with:
space_key: "OPS"
title: "SOC2 Evidence Collection"
- name: check-access
type: call
call: "okta.get-user"
with:
entity_id: "{{entity_id}}"
- name: check-repo
type: call
call: "github.get-alerts"
with:
entity_id: "{{entity_id}}"
consumes:
- type: http
namespace: servicenow
baseUri: "https://capitalone.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- name: requests
path: "/table/sc_request"
operations:
- name: create-request
method: POST
- name: changes
path: "/table/change_request"
operations:
- name: create-change
method: POST
- type: http
namespace: confluence
baseUri: "https://capitalone.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_api_token"
resources:
- name: content
path: "/content"
operations:
- name: create-page
method: POST
- type: http
namespace: okta
baseUri: "https://capitalone.okta.com/api/v1"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.okta_api_token"
placement: header
resources:
- name: users
path: "/users"
operations:
- name: get-user
method: GET
- type: http
namespace: github
baseUri: "https://api.github.com"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: repos
path: "/repos"
operations:
- name: get-alerts
method: GET
Splunk Fraud Event Lookup
▼
security splunk
Queries Splunk for fraud detection events matching a transaction pattern.
naftiko: "0.5"
info:
label: "Splunk Fraud Event Lookup"
description: "Queries Splunk for fraud detection events matching a transaction pattern."
tags:
- security
- splunk
capability:
exposes:
- type: mcp
namespace: fraud-events
port: 8080
tools:
- name: search-fraud-events
description: "Search Splunk for fraud events."
inputParameters:
- name: transaction_pattern
in: body
type: string
description: "Transaction pattern query."
call: "splunk.search-events"
with:
query: "{{transaction_pattern}}"
outputParameters:
- name: event_count
type: number
mapping: "$.results.length"
- name: risk_level
type: string
mapping: "$.results[0].risk_level"
consumes:
- type: http
namespace: splunk
baseUri: "https://splunk.capitalone.com:8089/services"
authentication:
type: bearer
token: "$secrets.splunk_token"
resources:
- name: search
path: "/search/jobs/export"
operations:
- name: search-events
method: GET
Splunk Security Incident Triage
▼
security splunk palo-alto-networks servicenow incident-response
When Splunk raises a security alert, enriches the event with Palo Alto Networks threat intelligence and opens a ServiceNow security incident for the SOC team.
naftiko: "0.5"
info:
label: "Splunk Security Incident Triage"
description: "When Splunk raises a security alert, enriches the event with Palo Alto Networks threat intelligence and opens a ServiceNow security incident for the SOC team."
tags:
- security
- splunk
- palo-alto-networks
- servicenow
- incident-response
capability:
exposes:
- type: mcp
namespace: soc-ops
port: 8080
tools:
- name: triage-splunk-security-alert
description: "Given a Splunk alert ID and source IP, fetch alert details, query Palo Alto for threat context, and open a ServiceNow security incident. Use for automated SOC Level 1 triage."
inputParameters:
- name: alert_id
in: body
type: string
description: "The Splunk alert search ID or SID."
- name: source_ip
in: body
type: string
description: "The source IP address involved in the alert."
steps:
- name: get-alert-details
type: call
call: "splunk.get-alert"
with:
alertId: "{{alert_id}}"
- name: get-threat-intel
type: call
call: "paloalto.get-threat-intel"
with:
sourceIp: "{{source_ip}}"
- name: create-security-incident
type: call
call: "servicenow-soc.create-security-incident"
with:
short_description: "Security alert {{alert_id}}: {{get-alert-details.name}}"
description: "Source IP {{source_ip}} threat score: {{get-threat-intel.threatScore}}"
category: "Security"
urgency: "1"
consumes:
- type: http
namespace: splunk
baseUri: "https://capitalone-splunk.splunkcloud.com:8089/services"
authentication:
type: bearer
token: "$secrets.splunk_token"
resources:
- name: alert
path: "/search/jobs/{alertId}/results"
inputParameters:
- name: alertId
in: path
operations:
- name: get-alert
method: GET
- type: http
namespace: paloalto
baseUri: "https://capitalone-pa.example.com/restapi/v10.1"
authentication:
type: apikey
key: "X-PAN-KEY"
value: "$secrets.paloalto_api_key"
placement: header
resources:
- name: threat-intel
path: "/Objects/Addresses"
inputParameters:
- name: sourceIp
in: query
operations:
- name: get-threat-intel
method: GET
- type: http
namespace: servicenow-soc
baseUri: "https://capitalone.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_pass"
resources:
- name: security-incident
path: "/table/sn_si_incident"
inputParameters:
- name: short_description
in: body
- name: description
in: body
- name: category
in: body
- name: urgency
in: body
operations:
- name: create-security-incident
method: POST
Tableau Customer Analytics Lookup
▼
analytics tableau
Retrieves customer analytics dashboard data from Tableau.
naftiko: "0.5"
info:
label: "Tableau Customer Analytics Lookup"
description: "Retrieves customer analytics dashboard data from Tableau."
tags:
- analytics
- tableau
capability:
exposes:
- type: mcp
namespace: customer-analytics
port: 8080
tools:
- name: get-analytics-view
description: "Look up customer analytics from Tableau."
inputParameters:
- name: view_id
in: body
type: string
description: "Tableau view ID."
call: "tableau.get-view-data"
with:
view_id: "{{view_id}}"
outputParameters:
- name: active_customers
type: number
mapping: "$.data[0].active"
- name: churn_rate
type: number
mapping: "$.data[0].churn_pct"
consumes:
- type: http
namespace: tableau
baseUri: "https://tableau.capitalone.com/api/3.19"
authentication:
type: bearer
token: "$secrets.tableau_token"
resources:
- name: views
path: "/sites/{{site_id}}/views/{{view_id}}/data"
inputParameters:
- name: view_id
in: path
operations:
- name: get-view-data
method: GET
Tableau Dashboard Refresh Trigger
▼
data tableau slack analytics reporting
Triggers a Tableau Server workbook extract refresh for a given datasource and notifies the analytics team via Slack when the refresh completes.
naftiko: "0.5"
info:
label: "Tableau Dashboard Refresh Trigger"
description: "Triggers a Tableau Server workbook extract refresh for a given datasource and notifies the analytics team via Slack when the refresh completes."
tags:
- data
- tableau
- slack
- analytics
- reporting
capability:
exposes:
- type: mcp
namespace: analytics-ops
port: 8080
tools:
- name: trigger-tableau-refresh
description: "Given a Tableau datasource ID, trigger an extract refresh job and post a Slack notification when complete. Use before scheduled analytics meetings or after data pipeline updates."
inputParameters:
- name: datasource_id
in: body
type: string
description: "The Tableau Server datasource LUID to refresh."
- name: slack_channel
in: body
type: string
description: "The Slack channel ID to notify on completion."
steps:
- name: trigger-refresh
type: call
call: "tableau.trigger-extract-refresh"
with:
datasourceId: "{{datasource_id}}"
- name: notify-slack
type: call
call: "slack-analytics.post-message"
with:
channel: "{{slack_channel}}"
text: "Tableau datasource {{datasource_id}} refresh job {{trigger-refresh.jobId}} has been triggered."
consumes:
- type: http
namespace: tableau
baseUri: "https://capitalone-tableau.example.com/api/2.8"
authentication:
type: apikey
key: "X-Tableau-Auth"
value: "$secrets.tableau_token"
placement: header
resources:
- name: extract-refresh
path: "/sites/{siteId}/datasources/{datasourceId}/refresh"
inputParameters:
- name: siteId
in: path
- name: datasourceId
in: path
operations:
- name: trigger-extract-refresh
method: POST
- type: http
namespace: slack-analytics
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: message
path: "/chat.postMessage"
inputParameters:
- name: channel
in: body
- name: text
in: body
operations:
- name: post-message
method: POST
Third-Party Risk Assessment Orchestrator
▼
risk snowflake servicenow email
Evaluates third-party risk using Snowflake data, creates assessment records in ServiceNow, and notifies stakeholders.
naftiko: "0.5"
info:
label: "Third-Party Risk Assessment Orchestrator"
description: "Evaluates third-party risk using Snowflake data, creates assessment records in ServiceNow, and notifies stakeholders."
tags:
- risk
- snowflake
- servicenow
- email
capability:
exposes:
- type: mcp
namespace: third-party-risk-assessment
port: 8080
tools:
- name: third-party-risk-assessment
description: "Evaluates third-party risk using Snowflake data."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: query-data
type: call
call: "snowflake.run-query"
with:
entity_id: "{{entity_id}}"
- name: create-ticket
type: call
call: "servicenow.create-incident"
with:
short_description: "Third-Party Risk Assessment for {{entity_id}}"
- name: send-email
type: call
call: "email.send-message"
with:
to: "team@capitalone.com"
subject: "Third-Party Risk Assessment"
consumes:
- type: http
namespace: snowflake
baseUri: "https://capitalone.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- name: run-analysis
method: POST
- type: http
namespace: servicenow
baseUri: "https://capitalone.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- name: requests
path: "/table/sc_request"
operations:
- name: create-request
method: POST
- name: changes
path: "/table/change_request"
operations:
- name: create-change
method: POST
- type: http
namespace: email
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.graph_token"
resources:
- name: mail
path: "/me/sendMail"
operations:
- name: send-message
method: POST
Vendor Security Assessment Orchestrator
▼
security servicenow confluence
Assesses vendor security posture, logs findings in ServiceNow, and publishes results to Confluence.
naftiko: "0.5"
info:
label: "Vendor Security Assessment Orchestrator"
description: "Assesses vendor security posture, logs findings in ServiceNow, and publishes results to Confluence."
tags:
- security
- servicenow
- confluence
capability:
exposes:
- type: mcp
namespace: vendor-security-assessment
port: 8080
tools:
- name: vendor-security-assessment
description: "Assesses vendor security posture."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: create-ticket
type: call
call: "servicenow.create-incident"
with:
short_description: "Vendor Security Assessment for {{entity_id}}"
- name: publish
type: call
call: "confluence.create-page"
with:
space_key: "OPS"
title: "Vendor Security Assessment"
consumes:
- type: http
namespace: servicenow
baseUri: "https://capitalone.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- name: requests
path: "/table/sc_request"
operations:
- name: create-request
method: POST
- name: changes
path: "/table/change_request"
operations:
- name: create-change
method: POST
- type: http
namespace: confluence
baseUri: "https://capitalone.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_api_token"
resources:
- name: content
path: "/content"
operations:
- name: create-page
method: POST
Workday Benefits Enrollment Lookup
▼
hr workday
Retrieves benefits enrollment status for an employee in Workday.
naftiko: "0.5"
info:
label: "Workday Benefits Enrollment Lookup"
description: "Retrieves benefits enrollment status for an employee in Workday."
tags:
- hr
- workday
capability:
exposes:
- type: mcp
namespace: benefits-info
port: 8080
tools:
- name: get-benefits-enrollment
description: "Look up benefits enrollment status."
inputParameters:
- name: employee_id
in: body
type: string
description: "Workday employee ID."
call: "workday.get-benefits"
with:
worker_id: "{{employee_id}}"
outputParameters:
- name: plan_name
type: string
mapping: "$.benefits.current_plan"
- name: status
type: string
mapping: "$.benefits.enrollment_status"
consumes:
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/capitalone/workers/{{worker_id}}/benefits"
inputParameters:
- name: worker_id
in: path
operations:
- name: get-benefits
method: GET
Workday Headcount Snapshot
▼
hr reporting workday headcount
Pulls a headcount snapshot from Workday by cost center and department, returning employee count and full-time equivalent figures for workforce planning.
naftiko: "0.5"
info:
label: "Workday Headcount Snapshot"
description: "Pulls a headcount snapshot from Workday by cost center and department, returning employee count and full-time equivalent figures for workforce planning."
tags:
- hr
- reporting
- workday
- headcount
capability:
exposes:
- type: mcp
namespace: hr-reporting
port: 8080
tools:
- name: get-headcount-snapshot
description: "Given a Workday cost center ID and optional department, return total headcount and FTE count. Use for workforce planning dashboards or period-end reporting."
inputParameters:
- name: cost_center_id
in: body
type: string
description: "The Workday cost center ID to filter headcount."
- name: department
in: body
type: string
description: "Optional department name to further filter results."
call: "workday-hc.get-headcount"
with:
costCenterId: "{{cost_center_id}}"
department: "{{department}}"
outputParameters:
- name: total_headcount
type: integer
mapping: "$.data.totalHeadcount"
- name: fte_count
type: number
mapping: "$.data.fteCount"
consumes:
- type: http
namespace: workday-hc
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: headcount
path: "/headcount"
inputParameters:
- name: costCenterId
in: query
- name: department
in: query
operations:
- name: get-headcount
method: GET
Workforce Planning Forecast Orchestrator
▼
hr workday snowflake confluence
Pulls Workday headcount data, forecasts hiring needs in Snowflake, and publishes plan to Confluence.
naftiko: "0.5"
info:
label: "Workforce Planning Forecast Orchestrator"
description: "Pulls Workday headcount data, forecasts hiring needs in Snowflake, and publishes plan to Confluence."
tags:
- hr
- workday
- snowflake
- confluence
capability:
exposes:
- type: mcp
namespace: workforce-planning-forecast
port: 8080
tools:
- name: workforce-planning-forecast
description: "Pulls Workday headcount data."
inputParameters:
- name: entity_id
in: body
type: string
description: "Primary entity identifier."
steps:
- name: query-data
type: call
call: "snowflake.run-query"
with:
entity_id: "{{entity_id}}"
- name: publish
type: call
call: "confluence.create-page"
with:
space_key: "OPS"
title: "Workforce Planning Forecast"
- name: get-worker
type: call
call: "workday.get-worker"
with:
worker_id: "{{entity_id}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://capitalone.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- name: run-analysis
method: POST
- type: http
namespace: confluence
baseUri: "https://capitalone.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_api_token"
resources:
- name: content
path: "/content"
operations:
- name: create-page
method: POST
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/capitalone/workers"
operations:
- name: get-worker
method: GET