Charles Schwab Capabilities
Naftiko 0.5 capability definitions for Charles Schwab - 100 capabilities showing integration workflows and service orchestrations.
Sort
Expand
ACH Transfer Processing Orchestrator
▼
payments ach splunk snowflake
Processes ACH transfers by validating bank details, running fraud screening via Splunk, submitting to the payment gateway, logging in Snowflake, and notifying the client via email.
naftiko: "0.5"
info:
label: "ACH Transfer Processing Orchestrator"
description: "Processes ACH transfers by validating bank details, running fraud screening via Splunk, submitting to the payment gateway, logging in Snowflake, and notifying the client via email."
tags:
- payments
- ach
- splunk
- snowflake
capability:
exposes:
- type: mcp
namespace: ach-processing
port: 8080
tools:
- name: process-ach-transfer
description: "Orchestrate ACH transfer processing across validation, fraud check, payment, and logging."
inputParameters:
- name: account_id
in: body
type: string
description: "Schwab account ID."
- name: amount
in: body
type: number
description: "Transfer amount."
- name: direction
in: body
type: string
description: "Transfer direction (deposit, withdrawal)."
- name: external_account
in: body
type: string
description: "External bank account identifier."
steps:
- name: validate-bank
type: call
call: "banking.validate-external-account"
with:
external_account: "{{external_account}}"
- name: fraud-screen
type: call
call: "splunk.search"
with:
query: "index=ach_fraud account={{account_id}} OR bank={{external_account}} earliest=-90d | stats count as alerts"
- name: submit-transfer
type: call
call: "payments.submit-ach"
with:
account_id: "{{account_id}}"
amount: "{{amount}}"
direction: "{{direction}}"
external_account: "{{external_account}}"
- name: log-transfer
type: call
call: "snowflake.insert-ach-log"
with:
statement: "INSERT INTO ACH_TRANSFER_LOG VALUES ('{{account_id}}', {{amount}}, '{{direction}}', '{{submit-transfer.confirmation_id}}', CURRENT_TIMESTAMP)"
warehouse: "SCHWAB_PAYMENTS_WH"
consumes:
- type: http
namespace: banking
baseUri: "https://core-banking.schwab.com/api/v2"
authentication:
type: bearer
token: "$secrets.banking_api_token"
resources:
- name: validation
path: "/external-accounts/validate"
operations:
- name: validate-external-account
method: POST
- type: http
namespace: splunk
baseUri: "https://splunk.schwab.com:8089/services"
authentication:
type: bearer
token: "$secrets.splunk_token"
resources:
- name: search
path: "/search/jobs"
operations:
- name: search
method: POST
- type: http
namespace: payments
baseUri: "https://payments-api.schwab.com/v1"
authentication:
type: bearer
token: "$secrets.payments_api_token"
resources:
- name: ach
path: "/ach/transfers"
operations:
- name: submit-ach
method: POST
- type: http
namespace: snowflake
baseUri: "https://schwab.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: insert-ach-log
method: POST
ADP Payroll Data Retriever
▼
hr payroll adp
Retrieves payroll summary data from ADP for financial operations and compensation analysis.
naftiko: "0.5"
info:
label: "ADP Payroll Data Retriever"
description: "Retrieves payroll summary data from ADP for financial operations and compensation analysis."
tags:
- hr
- payroll
- adp
capability:
exposes:
- type: mcp
namespace: payroll
port: 8080
tools:
- name: get-payroll-summary
description: "Fetch payroll summary data from ADP."
inputParameters:
- name: pay_period
in: body
type: string
description: "Pay period identifier."
- name: department
in: body
type: string
description: "Department filter."
call: "adp.get-payroll"
with:
period: "{{pay_period}}"
department: "{{department}}"
outputParameters:
- name: total_gross
type: number
mapping: "$.summary.total_gross"
- name: headcount
type: integer
mapping: "$.summary.headcount"
consumes:
- type: http
namespace: adp
baseUri: "https://api.adp.com/hr/v2"
authentication:
type: bearer
token: "$secrets.adp_token"
resources:
- name: payroll
path: "/payroll-outputs"
operations:
- name: get-payroll
method: GET
Advisor Client Review Prep Orchestrator
▼
advisory client-review snowflake salesforce bloomberg google-docs
Prepares an advisor for a client review by pulling portfolio data from Snowflake, recent interactions from Salesforce, market outlook from Bloomberg, and compiling a briefing in Google Docs.
naftiko: "0.5"
info:
label: "Advisor Client Review Prep Orchestrator"
description: "Prepares an advisor for a client review by pulling portfolio data from Snowflake, recent interactions from Salesforce, market outlook from Bloomberg, and compiling a briefing in Google Docs."
tags:
- advisory
- client-review
- snowflake
- salesforce
- bloomberg
- google-docs
capability:
exposes:
- type: mcp
namespace: review-preparation
port: 8080
tools:
- name: prepare-client-review
description: "Orchestrate client review preparation across multiple data sources."
inputParameters:
- name: account_id
in: body
type: string
description: "Client account ID."
- name: advisor_email
in: body
type: string
description: "Advisor email for document sharing."
steps:
- name: get-portfolio
type: call
call: "snowflake.query-portfolio"
with:
statement: "SELECT * FROM PORTFOLIO_SUMMARY WHERE account_id = '{{account_id}}'"
warehouse: "SCHWAB_ANALYTICS_WH"
- name: get-interactions
type: call
call: "salesforce.get-activities"
with:
account_id: "{{account_id}}"
- name: get-market-outlook
type: call
call: "bloomberg.get-research"
with:
topic: "market-outlook"
format: "summary"
- name: create-briefing
type: call
call: "googledocs.create-document"
with:
title: "Client Review: {{account_id}} - {{get-portfolio.client_name}}"
content: "Portfolio Value: {{get-portfolio.total_value}}\nYTD Return: {{get-portfolio.ytd_return}}\nRecent Activity: {{get-interactions.summary}}\nMarket Outlook: {{get-market-outlook.summary}}"
share_with: "{{advisor_email}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://schwab.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query-portfolio
method: POST
- type: http
namespace: salesforce
baseUri: "https://schwab.my.salesforce.com/services/data/v59.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: activities
path: "/sobjects/Account/{{account_id}}/Activities"
inputParameters:
- name: account_id
in: path
operations:
- name: get-activities
method: GET
- type: http
namespace: bloomberg
baseUri: "https://api.bloomberg.com/eap/catalogs/bbg"
authentication:
type: bearer
token: "$secrets.bloomberg_token"
resources:
- name: research
path: "/research"
operations:
- name: get-research
method: GET
- type: http
namespace: googledocs
baseUri: "https://docs.googleapis.com/v1"
authentication:
type: bearer
token: "$secrets.google_docs_token"
resources:
- name: documents
path: "/documents"
operations:
- name: create-document
method: POST
Advisor Compensation Calculation Pipeline
▼
compensation payroll snowflake adp google-sheets
Calculates advisor compensation by pulling AUM data from Snowflake, trade commissions from the OMS, computing payouts via ADP, and generating statements in Google Sheets.
naftiko: "0.5"
info:
label: "Advisor Compensation Calculation Pipeline"
description: "Calculates advisor compensation by pulling AUM data from Snowflake, trade commissions from the OMS, computing payouts via ADP, and generating statements in Google Sheets."
tags:
- compensation
- payroll
- snowflake
- adp
- google-sheets
capability:
exposes:
- type: mcp
namespace: advisor-compensation
port: 8080
tools:
- name: calculate-compensation
description: "Orchestrate advisor compensation calculation across Snowflake, OMS, ADP, and Google Sheets."
inputParameters:
- name: advisor_id
in: body
type: string
description: "Advisor employee ID."
- name: pay_period
in: body
type: string
description: "Pay period (e.g., 2026-03)."
steps:
- name: get-aum
type: call
call: "snowflake.query-aum"
with:
statement: "SELECT SUM(market_value) as total_aum FROM ADVISOR_BOOK WHERE advisor_id = '{{advisor_id}}'"
warehouse: "SCHWAB_COMPENSATION_WH"
- name: get-commissions
type: call
call: "oms.get-commissions"
with:
advisor_id: "{{advisor_id}}"
period: "{{pay_period}}"
- name: process-payout
type: call
call: "adp.submit-compensation"
with:
employee_id: "{{advisor_id}}"
base_aum_fee: "{{get-aum.total_aum}}"
commissions: "{{get-commissions.total}}"
period: "{{pay_period}}"
- name: generate-statement
type: call
call: "googlesheets.update-sheet"
with:
spreadsheet_id: "advisor-compensation-tracker"
range: "{{pay_period}}!A:F"
values: "{{process-payout.line_items}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://schwab.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query-aum
method: POST
- type: http
namespace: oms
baseUri: "https://oms-api.schwab.com/v2"
authentication:
type: bearer
token: "$secrets.oms_api_token"
resources:
- name: commissions
path: "/commissions"
operations:
- name: get-commissions
method: GET
- type: http
namespace: adp
baseUri: "https://api.adp.com/hr/v2"
authentication:
type: bearer
token: "$secrets.adp_token"
resources:
- name: compensation
path: "/workers/{{employee_id}}/compensation"
inputParameters:
- name: employee_id
in: path
operations:
- name: submit-compensation
method: POST
- type: http
namespace: googlesheets
baseUri: "https://sheets.googleapis.com/v4"
authentication:
type: bearer
token: "$secrets.google_sheets_token"
resources:
- name: values
path: "/spreadsheets/{{spreadsheet_id}}/values/{{range}}"
inputParameters:
- name: spreadsheet_id
in: path
- name: range
in: path
operations:
- name: update-sheet
method: PUT
Alteryx Client Segmentation Workflow
▼
analytics client-segmentation alteryx snowflake
Runs an Alteryx workflow to segment clients by investment behavior, risk tolerance, and asset allocation for targeted advisory services.
naftiko: "0.5"
info:
label: "Alteryx Client Segmentation Workflow"
description: "Runs an Alteryx workflow to segment clients by investment behavior, risk tolerance, and asset allocation for targeted advisory services."
tags:
- analytics
- client-segmentation
- alteryx
- snowflake
capability:
exposes:
- type: mcp
namespace: client-segmentation
port: 8080
tools:
- name: run-segmentation
description: "Execute the Alteryx client segmentation workflow and load results to Snowflake."
inputParameters:
- name: segment_type
in: body
type: string
description: "Segmentation type (risk_profile, asset_allocation, lifecycle, behavioral)."
steps:
- name: trigger-workflow
type: call
call: "alteryx.run-workflow"
with:
workflow_id: "client_segmentation_v3"
parameters: "{\"type\": \"{{segment_type}}\"}"
- name: load-results
type: call
call: "snowflake.run-query"
with:
query: "CALL load_segmentation_results('{{segment_type}}')"
consumes:
- type: http
namespace: alteryx
baseUri: "https://alteryx.schwab.com/api/v3"
authentication:
type: bearer
token: "$secrets.alteryx_token"
resources:
- name: workflows
path: "/workflows/{{workflow_id}}/jobs"
inputParameters:
- name: workflow_id
in: path
operations:
- name: run-workflow
method: POST
- type: http
namespace: snowflake
baseUri: "https://schwab.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
Amazon S3 Trade Data Archiver
▼
data-engineering archival amazon-s3
Archives historical trade execution data from the operational database to S3 for regulatory retention.
naftiko: "0.5"
info:
label: "Amazon S3 Trade Data Archiver"
description: "Archives historical trade execution data from the operational database to S3 for regulatory retention."
tags:
- data-engineering
- archival
- amazon-s3
capability:
exposes:
- type: mcp
namespace: trade-archival
port: 8080
tools:
- name: archive-trade-data
description: "Archive trade data to S3 for long-term regulatory retention."
inputParameters:
- name: date
in: body
type: string
description: "Date to archive."
- name: asset_class
in: body
type: string
description: "Asset class (equities, fixed_income, options, mutual_funds)."
call: "s3.put-object"
with:
bucket: "schwab-trade-archive"
key: "trades/{{asset_class}}/{{date}}/data.parquet"
outputParameters:
- name: etag
type: string
mapping: "$.ETag"
consumes:
- type: http
namespace: s3
baseUri: "https://schwab-trade-archive.s3.us-east-1.amazonaws.com"
authentication:
type: aws-sig-v4
access_key: "$secrets.aws_access_key"
secret_key: "$secrets.aws_secret_key"
resources:
- name: objects
path: "/{{key}}"
inputParameters:
- name: key
in: path
operations:
- name: put-object
method: PUT
Anti-Money Laundering Alert Processor
▼
compliance aml snowflake servicenow microsoft-teams
When an AML alert fires, enriches it with transaction data from Snowflake, creates a ServiceNow compliance case, and notifies the BSA team via Teams.
naftiko: "0.5"
info:
label: "Anti-Money Laundering Alert Processor"
description: "When an AML alert fires, enriches it with transaction data from Snowflake, creates a ServiceNow compliance case, and notifies the BSA team via Teams."
tags:
- compliance
- aml
- snowflake
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: aml-compliance
port: 8080
tools:
- name: process-aml-alert
description: "Enrich an AML alert with transaction data and create a compliance case."
inputParameters:
- name: alert_id
in: body
type: string
description: "AML alert identifier."
- name: account_number
in: body
type: string
description: "Account under review."
- name: alert_type
in: body
type: string
description: "Alert type (structuring, rapid_movement, high_risk_geo, unusual_pattern)."
steps:
- name: get-transactions
type: call
call: "snowflake.run-query"
with:
query: "SELECT transaction_id, amount, transaction_type, counterparty, country, transaction_date FROM transactions WHERE account_number='{{account_number}}' AND transaction_date >= DATEADD(day, -90, CURRENT_DATE()) ORDER BY transaction_date DESC LIMIT 100"
- name: create-case
type: call
call: "servicenow.create-incident"
with:
short_description: "AML Alert: {{alert_type}} - Account {{account_number}}"
category: "aml_compliance"
urgency: "high"
description: "AML alert {{alert_id}} for account {{account_number}}. Type: {{alert_type}}. Recent transaction count: {{get-transactions.row_count}}."
- name: notify-bsa-team
type: call
call: "msteams.send-message"
with:
channel_id: "bsa_compliance"
text: "AML ALERT [{{alert_type}}]: Account {{account_number}}. Alert: {{alert_id}}. Case: {{create-case.number}}. Review required within 24 hours."
consumes:
- type: http
namespace: snowflake
baseUri: "https://schwab.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: "https://schwab.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{channel_id}}/channels/general/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: send-message
method: POST
API Deprecation Notification Pipeline
▼
platform-engineering api-management jira backstage
Identifies deprecated API endpoints from the service catalog, finds consuming teams via Backstage, creates Jira migration tickets, and sends deprecation notices via email.
naftiko: "0.5"
info:
label: "API Deprecation Notification Pipeline"
description: "Identifies deprecated API endpoints from the service catalog, finds consuming teams via Backstage, creates Jira migration tickets, and sends deprecation notices via email."
tags:
- platform-engineering
- api-management
- jira
- backstage
capability:
exposes:
- type: mcp
namespace: api-deprecation
port: 8080
tools:
- name: process-deprecation
description: "Orchestrate API deprecation notification across Backstage and Jira."
inputParameters:
- name: api_name
in: body
type: string
description: "Deprecated API name."
- name: sunset_date
in: body
type: string
description: "API sunset date in YYYY-MM-DD."
steps:
- name: get-consumers
type: call
call: "backstage.get-api-consumers"
with:
api_name: "{{api_name}}"
- name: create-tickets
type: call
call: "jira.create-bulk-issues"
with:
project: "PLATFORM"
summary_template: "Migrate off deprecated API: {{api_name}} by {{sunset_date}}"
teams: "{{get-consumers.teams}}"
issuetype: "Task"
- name: send-notices
type: call
call: "ses.send-bulk-email"
with:
recipients: "{{get-consumers.team_leads}}"
subject: "API Deprecation Notice: {{api_name}} sunsetting {{sunset_date}}"
body: "The {{api_name}} API will be deprecated on {{sunset_date}}. Jira tickets have been created for your team."
consumes:
- type: http
namespace: backstage
baseUri: "https://backstage.schwab.com/api"
authentication:
type: bearer
token: "$secrets.backstage_token"
resources:
- name: apis
path: "/catalog/entities/by-name/api/{{api_name}}/consumers"
inputParameters:
- name: api_name
in: path
operations:
- name: get-api-consumers
method: GET
- type: http
namespace: jira
baseUri: "https://schwab.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue/bulk"
operations:
- name: create-bulk-issues
method: POST
- type: http
namespace: ses
baseUri: "https://email.us-east-1.amazonaws.com"
authentication:
type: aws-sig-v4
access_key: "$secrets.aws_access_key"
secret_key: "$secrets.aws_secret_key"
resources:
- name: bulk-email
path: "/v2/email/outbound-bulk-emails"
operations:
- name: send-bulk-email
method: POST
AWS CloudWatch Trading Alarms
▼
monitoring alarms cloudwatch aws
Retrieves active CloudWatch alarms for Schwab trading infrastructure including API gateways, Lambda functions, and ECS services.
naftiko: "0.5"
info:
label: "AWS CloudWatch Trading Alarms"
description: "Retrieves active CloudWatch alarms for Schwab trading infrastructure including API gateways, Lambda functions, and ECS services."
tags:
- monitoring
- alarms
- cloudwatch
- aws
capability:
exposes:
- type: mcp
namespace: cloud-alarms
port: 8080
tools:
- name: get-active-alarms
description: "Fetch active CloudWatch alarms for trading infrastructure."
inputParameters:
- name: alarm_prefix
in: body
type: string
description: "Alarm name prefix filter (e.g., trading-, gateway-)."
call: "cloudwatch.describe-alarms"
with:
alarm_name_prefix: "{{alarm_prefix}}"
state_value: "ALARM"
outputParameters:
- name: alarms
type: array
mapping: "$.MetricAlarms"
- name: count
type: integer
mapping: "$.MetricAlarms.length"
consumes:
- type: http
namespace: cloudwatch
baseUri: "https://monitoring.us-east-1.amazonaws.com"
authentication:
type: aws-sig-v4
access_key: "$secrets.aws_access_key"
secret_key: "$secrets.aws_secret_key"
resources:
- name: alarms
path: "/"
operations:
- name: describe-alarms
method: POST
AWS Lambda Trade Settlement Monitor
▼
serverless trade-settlement aws-lambda
Monitors AWS Lambda function health for Schwab's trade settlement processing, returning invocation count, error rate, and duration metrics.
naftiko: "0.5"
info:
label: "AWS Lambda Trade Settlement Monitor"
description: "Monitors AWS Lambda function health for Schwab's trade settlement processing, returning invocation count, error rate, and duration metrics."
tags:
- serverless
- trade-settlement
- aws-lambda
capability:
exposes:
- type: mcp
namespace: settlement-monitor
port: 8080
tools:
- name: get-settlement-function-health
description: "Check Lambda function health for trade settlement processing."
inputParameters:
- name: function_name
in: body
type: string
description: "Lambda function name."
call: "lambda.get-function"
with:
FunctionName: "{{function_name}}"
outputParameters:
- name: state
type: string
mapping: "$.Configuration.State"
- name: last_modified
type: string
mapping: "$.Configuration.LastModified"
- name: runtime
type: string
mapping: "$.Configuration.Runtime"
consumes:
- type: http
namespace: lambda
baseUri: "https://lambda.us-east-1.amazonaws.com/2015-03-31"
authentication:
type: aws-sig-v4
access_key: "$secrets.aws_access_key"
secret_key: "$secrets.aws_secret_key"
resources:
- name: functions
path: "/functions/{{FunctionName}}"
inputParameters:
- name: FunctionName
in: path
operations:
- name: get-function
method: GET
Azure Data Factory Market Data ETL
▼
data-engineering etl azure-data-factory
Monitors Azure Data Factory pipelines that ingest market data feeds into the analytics warehouse.
naftiko: "0.5"
info:
label: "Azure Data Factory Market Data ETL"
description: "Monitors Azure Data Factory pipelines that ingest market data feeds into the analytics warehouse."
tags:
- data-engineering
- etl
- azure-data-factory
capability:
exposes:
- type: mcp
namespace: market-data-etl
port: 8080
tools:
- name: get-pipeline-status
description: "Check the latest ADF market data pipeline status."
inputParameters:
- name: pipeline_name
in: body
type: string
description: "ADF pipeline name."
call: "adf.get-pipeline-runs"
with:
pipeline_name: "{{pipeline_name}}"
outputParameters:
- name: run_id
type: string
mapping: "$.value[0].runId"
- name: status
type: string
mapping: "$.value[0].status"
consumes:
- type: http
namespace: adf
baseUri: "https://management.azure.com/subscriptions/{{subscription_id}}/resourceGroups/schwab-data-rg/providers/Microsoft.DataFactory/factories/schwab-adf"
authentication:
type: bearer
token: "$secrets.azure_mgmt_token"
resources:
- name: pipeline-runs
path: "/queryPipelineRuns"
operations:
- name: get-pipeline-runs
method: POST
Azure DevOps CI/CD Pipeline Status
▼
devops ci-cd azure-devops
Checks Azure DevOps pipeline status for Schwab's digital platform deployments.
naftiko: "0.5"
info:
label: "Azure DevOps CI/CD Pipeline Status"
description: "Checks Azure DevOps pipeline status for Schwab's digital platform deployments."
tags:
- devops
- ci-cd
- azure-devops
capability:
exposes:
- type: mcp
namespace: cicd-status
port: 8080
tools:
- name: get-pipeline-status
description: "Get the latest Azure DevOps pipeline run status."
inputParameters:
- name: project
in: body
type: string
description: "Project name."
- name: pipeline_id
in: body
type: string
description: "Pipeline ID."
call: "azuredevops.get-pipeline-runs"
with:
project: "{{project}}"
pipeline_id: "{{pipeline_id}}"
outputParameters:
- name: status
type: string
mapping: "$.value[0].state"
- name: result
type: string
mapping: "$.value[0].result"
consumes:
- type: http
namespace: azuredevops
baseUri: "https://dev.azure.com/schwab"
authentication:
type: basic
username: ""
password: "$secrets.azuredevops_pat"
resources:
- name: pipeline-runs
path: "/{{project}}/_apis/pipelines/{{pipeline_id}}/runs"
inputParameters:
- name: project
in: path
- name: pipeline_id
in: path
operations:
- name: get-pipeline-runs
method: GET
Beneficiary Update Processing Pipeline
▼
account-services beneficiary salesforce docusign box
Processes beneficiary change requests by validating in Salesforce, sending DocuSign forms, updating the account system, and archiving documents in Box.
naftiko: "0.5"
info:
label: "Beneficiary Update Processing Pipeline"
description: "Processes beneficiary change requests by validating in Salesforce, sending DocuSign forms, updating the account system, and archiving documents in Box."
tags:
- account-services
- beneficiary
- salesforce
- docusign
- box
capability:
exposes:
- type: mcp
namespace: beneficiary-updates
port: 8080
tools:
- name: process-beneficiary-update
description: "Orchestrate beneficiary update across Salesforce, DocuSign, and Box."
inputParameters:
- name: account_id
in: body
type: string
description: "Client account ID."
- name: beneficiary_name
in: body
type: string
description: "New beneficiary full name."
- name: relationship
in: body
type: string
description: "Relationship to account holder."
steps:
- name: get-account
type: call
call: "salesforce.get-account"
with:
account_id: "{{account_id}}"
- name: send-form
type: call
call: "docusign.create-envelope"
with:
templateId: "beneficiary-change-form"
signerEmail: "{{get-account.email}}"
signerName: "{{get-account.name}}"
- name: archive-request
type: call
call: "box.upload-file"
with:
folder_id: "beneficiary_changes"
filename: "{{account_id}}_beneficiary_{{beneficiary_name}}.pdf"
content: "Beneficiary change: {{beneficiary_name}} ({{relationship}}) for account {{account_id}}"
consumes:
- type: http
namespace: salesforce
baseUri: "https://schwab.my.salesforce.com/services/data/v59.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: accounts
path: "/sobjects/Account/{{account_id}}"
inputParameters:
- name: account_id
in: path
operations:
- name: get-account
method: GET
- type: http
namespace: docusign
baseUri: "https://na4.docusign.net/restapi/v2.1/accounts/$secrets.docusign_account_id"
authentication:
type: bearer
token: "$secrets.docusign_access_token"
resources:
- name: envelopes
path: "/envelopes"
operations:
- name: create-envelope
method: POST
- type: http
namespace: box
baseUri: "https://upload.box.com/api/2.0"
authentication:
type: bearer
token: "$secrets.box_access_token"
resources:
- name: files
path: "/files/content"
operations:
- name: upload-file
method: POST
Bloomberg Market Data Feed
▼
market-data trading bloomberg
Retrieves real-time market data from Bloomberg Enterprise Data for equity, fixed income, and options pricing.
naftiko: "0.5"
info:
label: "Bloomberg Market Data Feed"
description: "Retrieves real-time market data from Bloomberg Enterprise Data for equity, fixed income, and options pricing."
tags:
- market-data
- trading
- bloomberg
capability:
exposes:
- type: mcp
namespace: market-data
port: 8080
tools:
- name: get-market-data
description: "Fetch real-time market data from Bloomberg for a security."
inputParameters:
- name: security_id
in: body
type: string
description: "Bloomberg security identifier (e.g., AAPL US Equity)."
- name: fields
in: body
type: string
description: "Comma-separated Bloomberg fields (e.g., PX_LAST,PX_BID,PX_ASK,VOLUME)."
call: "bloomberg.get-data"
with:
securities: "{{security_id}}"
fields: "{{fields}}"
outputParameters:
- name: last_price
type: number
mapping: "$.data[0].PX_LAST"
- name: bid
type: number
mapping: "$.data[0].PX_BID"
- name: ask
type: number
mapping: "$.data[0].PX_ASK"
- name: volume
type: integer
mapping: "$.data[0].VOLUME"
consumes:
- type: http
namespace: bloomberg
baseUri: "https://api.bloomberg.com/eap/catalogs/bbg/datasets"
authentication:
type: bearer
token: "$secrets.bloomberg_token"
resources:
- name: data
path: "/snapshots"
operations:
- name: get-data
method: POST
Bloomberg Terminal Analytics Feed
▼
market-data backtesting bloomberg
Retrieves historical price data from Bloomberg for backtesting investment strategies.
naftiko: "0.5"
info:
label: "Bloomberg Terminal Analytics Feed"
description: "Retrieves historical price data from Bloomberg for backtesting investment strategies."
tags:
- market-data
- backtesting
- bloomberg
capability:
exposes:
- type: mcp
namespace: historical-data
port: 8080
tools:
- name: get-historical-prices
description: "Fetch historical price data from Bloomberg for backtesting."
inputParameters:
- name: security_id
in: body
type: string
description: "Bloomberg security ID."
- name: start_date
in: body
type: string
description: "Start date."
- name: end_date
in: body
type: string
description: "End date."
- name: frequency
in: body
type: string
description: "Data frequency (DAILY, WEEKLY, MONTHLY)."
call: "bloomberg.get-history"
with:
securities: "{{security_id}}"
start_date: "{{start_date}}"
end_date: "{{end_date}}"
frequency: "{{frequency}}"
fields: "PX_LAST,PX_VOLUME"
outputParameters:
- name: data
type: array
mapping: "$.data"
- name: count
type: integer
mapping: "$.count"
consumes:
- type: http
namespace: bloomberg
baseUri: "https://api.bloomberg.com/eap/catalogs/bbg/datasets"
authentication:
type: bearer
token: "$secrets.bloomberg_token"
resources:
- name: history
path: "/histories"
operations:
- name: get-history
method: POST
Box Compliance Document Manager
▼
compliance document-management box
Uploads compliance and regulatory documents to Box with appropriate retention policies for SEC and FINRA requirements.
naftiko: "0.5"
info:
label: "Box Compliance Document Manager"
description: "Uploads compliance and regulatory documents to Box with appropriate retention policies for SEC and FINRA requirements."
tags:
- compliance
- document-management
- box
capability:
exposes:
- type: mcp
namespace: compliance-docs
port: 8080
tools:
- name: upload-compliance-doc
description: "Upload a compliance document to Box with retention settings."
inputParameters:
- name: file_name
in: body
type: string
description: "Document name."
- name: folder_id
in: body
type: string
description: "Box folder ID."
- name: retention_years
in: body
type: integer
description: "Retention period in years."
call: "box.upload-file"
with:
folder_id: "{{folder_id}}"
file_name: "{{file_name}}"
retention_policy: "{{retention_years}}_year"
outputParameters:
- name: file_id
type: string
mapping: "$.entries[0].id"
- name: shared_link
type: string
mapping: "$.entries[0].shared_link.url"
consumes:
- type: http
namespace: box
baseUri: "https://upload.box.com/api/2.0"
authentication:
type: bearer
token: "$secrets.box_token"
resources:
- name: files
path: "/files/content"
operations:
- name: upload-file
method: POST
Branch Opening Readiness Orchestrator
▼
branch-operations opening solarwinds workday servicenow google-maps
Coordinates new branch opening by verifying network setup in SolarWinds, confirming staffing in Workday, provisioning equipment via ServiceNow, and posting the opening on Google Maps.
naftiko: "0.5"
info:
label: "Branch Opening Readiness Orchestrator"
description: "Coordinates new branch opening by verifying network setup in SolarWinds, confirming staffing in Workday, provisioning equipment via ServiceNow, and posting the opening on Google Maps."
tags:
- branch-operations
- opening
- solarwinds
- workday
- servicenow
- google-maps
capability:
exposes:
- type: mcp
namespace: branch-opening
port: 8080
tools:
- name: check-branch-readiness
description: "Orchestrate branch opening readiness checks across SolarWinds, Workday, ServiceNow, and Google Maps."
inputParameters:
- name: branch_id
in: body
type: string
description: "New branch identifier."
- name: opening_date
in: body
type: string
description: "Planned opening date."
steps:
- name: verify-network
type: call
call: "solarwinds.check-site"
with:
site_id: "{{branch_id}}"
- name: verify-staffing
type: call
call: "workday.get-site-workers"
with:
site_id: "{{branch_id}}"
- name: check-equipment
type: call
call: "servicenow.get-assets"
with:
location: "{{branch_id}}"
status: "deployed"
- name: update-listing
type: call
call: "googlemaps.update-business"
with:
branch_id: "{{branch_id}}"
status: "open"
opening_date: "{{opening_date}}"
consumes:
- type: http
namespace: solarwinds
baseUri: "https://solarwinds.schwab.com/api/v1"
authentication:
type: bearer
token: "$secrets.solarwinds_token"
resources:
- name: sites
path: "/sites/{{site_id}}/health"
inputParameters:
- name: site_id
in: path
operations:
- name: check-site
method: GET
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/workers"
operations:
- name: get-site-workers
method: GET
- type: http
namespace: servicenow
baseUri: "https://schwab.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: assets
path: "/table/alm_hardware"
operations:
- name: get-assets
method: GET
- type: http
namespace: googlemaps
baseUri: "https://mybusinessbusinessinformation.googleapis.com/v1"
authentication:
type: bearer
token: "$secrets.google_business_token"
resources:
- name: locations
path: "/locations/{{branch_id}}"
inputParameters:
- name: branch_id
in: path
operations:
- name: update-business
method: PATCH
Calypso Trade Lifecycle Manager
▼
trading lifecycle calypso
Retrieves trade lifecycle events from the Calypso trading platform for fixed income and derivatives position management.
naftiko: "0.5"
info:
label: "Calypso Trade Lifecycle Manager"
description: "Retrieves trade lifecycle events from the Calypso trading platform for fixed income and derivatives position management."
tags:
- trading
- lifecycle
- calypso
capability:
exposes:
- type: mcp
namespace: trade-lifecycle
port: 8080
tools:
- name: get-trade-events
description: "Fetch trade lifecycle events from Calypso."
inputParameters:
- name: trade_id
in: body
type: string
description: "Calypso trade ID."
call: "calypso.get-trade"
with:
trade_id: "{{trade_id}}"
outputParameters:
- name: status
type: string
mapping: "$.trade.status"
- name: product_type
type: string
mapping: "$.trade.product_type"
consumes:
- type: http
namespace: calypso
baseUri: "https://calypso.schwab.com/calypsoserver/api/v1"
authentication:
type: bearer
token: "$secrets.calypso_token"
resources:
- name: trades
path: "/trades/{{trade_id}}"
inputParameters:
- name: trade_id
in: path
operations:
- name: get-trade
method: GET
Client Account Onboarding Orchestrator
▼
client-services onboarding salesforce servicenow sharepoint microsoft-teams
On new client account creation in Salesforce, opens a ServiceNow provisioning ticket, creates a SharePoint document folder, and notifies the relationship manager via Microsoft Teams.
naftiko: "0.5"
info:
label: "Client Account Onboarding Orchestrator"
description: "On new client account creation in Salesforce, opens a ServiceNow provisioning ticket, creates a SharePoint document folder, and notifies the relationship manager via Microsoft Teams."
tags:
- client-services
- onboarding
- salesforce
- servicenow
- sharepoint
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: client-onboarding
port: 8080
tools:
- name: trigger-account-onboarding
description: "Orchestrate new client account onboarding across Salesforce, ServiceNow, SharePoint, and Teams."
inputParameters:
- name: account_id
in: body
type: string
description: "Salesforce account ID."
- name: client_name
in: body
type: string
description: "Client full name."
- name: account_type
in: body
type: string
description: "Account type (individual, joint, ira, trust, corporate)."
- name: advisor_email
in: body
type: string
description: "Financial advisor email."
steps:
- name: get-account
type: call
call: "salesforce.get-account"
with:
account_id: "{{account_id}}"
- name: create-provisioning-ticket
type: call
call: "servicenow.create-incident"
with:
short_description: "New account setup: {{client_name}} ({{account_type}})"
category: "account_provisioning"
assigned_group: "Client_Operations"
description: "Provision new {{account_type}} account for {{client_name}}. SF Account: {{account_id}}."
- name: provision-folder
type: call
call: "sharepoint.create-folder"
with:
site_id: "client_documents"
folder_path: "Accounts/{{client_name}}_{{account_id}}"
- name: notify-advisor
type: call
call: "msteams.send-message"
with:
recipient_upn: "{{advisor_email}}"
text: "New account opened: {{client_name}} ({{account_type}}). Provisioning ticket: {{create-provisioning-ticket.number}}. Documents: {{provision-folder.url}}."
consumes:
- type: http
namespace: salesforce
baseUri: "https://schwab.my.salesforce.com/services/data/v59.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: accounts
path: "/sobjects/Account/{{account_id}}"
inputParameters:
- name: account_id
in: path
operations:
- name: get-account
method: GET
- type: http
namespace: servicenow
baseUri: "https://schwab.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: sharepoint
baseUri: "https://graph.microsoft.com/v1.0/sites"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: drive-items
path: "/{{site_id}}/drive/root:/{{folder_path}}"
inputParameters:
- name: site_id
in: path
- name: folder_path
in: path
operations:
- name: create-folder
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Client Address Change Orchestrator
▼
account-services address-change salesforce okta compliance
Processes client address change requests by updating Salesforce CRM, verifying identity via Okta MFA, updating the mailing system, and logging the change in the compliance audit trail.
naftiko: "0.5"
info:
label: "Client Address Change Orchestrator"
description: "Processes client address change requests by updating Salesforce CRM, verifying identity via Okta MFA, updating the mailing system, and logging the change in the compliance audit trail."
tags:
- account-services
- address-change
- salesforce
- okta
- compliance
capability:
exposes:
- type: mcp
namespace: address-changes
port: 8080
tools:
- name: process-address-change
description: "Orchestrate address change across Salesforce, Okta, mailing, and compliance systems."
inputParameters:
- name: account_id
in: body
type: string
description: "Client account ID."
- name: new_address
in: body
type: string
description: "New mailing address."
- name: client_email
in: body
type: string
description: "Client email for verification."
steps:
- name: verify-identity
type: call
call: "okta.trigger-mfa"
with:
login: "{{client_email}}"
factor_type: "push"
- name: update-crm
type: call
call: "salesforce.update-account"
with:
account_id: "{{account_id}}"
field: "BillingAddress"
value: "{{new_address}}"
- name: update-mailing
type: call
call: "mailing.update-address"
with:
account_id: "{{account_id}}"
address: "{{new_address}}"
- name: log-audit
type: call
call: "compliance.log-change"
with:
account_id: "{{account_id}}"
change_type: "address_update"
details: "Address changed to: {{new_address}}. MFA verified: {{verify-identity.status}}."
consumes:
- type: http
namespace: okta
baseUri: "https://schwab.okta.com/api/v1"
authentication:
type: bearer
token: "$secrets.okta_api_token"
resources:
- name: factors
path: "/users/{{login}}/factors"
inputParameters:
- name: login
in: path
operations:
- name: trigger-mfa
method: POST
- type: http
namespace: salesforce
baseUri: "https://schwab.my.salesforce.com/services/data/v59.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: accounts
path: "/sobjects/Account/{{account_id}}"
inputParameters:
- name: account_id
in: path
operations:
- name: update-account
method: PATCH
- type: http
namespace: mailing
baseUri: "https://mailing-api.schwab.com/v1"
authentication:
type: bearer
token: "$secrets.mailing_api_token"
resources:
- name: addresses
path: "/addresses"
operations:
- name: update-address
method: PUT
- type: http
namespace: compliance
baseUri: "https://compliance-api.schwab.com/v1"
authentication:
type: bearer
token: "$secrets.compliance_api_token"
resources:
- name: audit
path: "/audit-trail"
operations:
- name: log-change
method: POST
Client Document Digitization Pipeline
▼
document-management ocr azure-machine-learning amazon-s3 elasticsearch
Digitizes paper client documents by processing scans via Azure AI Document Intelligence, extracting data, storing in Amazon S3, indexing in Elasticsearch, and updating the CRM.
naftiko: "0.5"
info:
label: "Client Document Digitization Pipeline"
description: "Digitizes paper client documents by processing scans via Azure AI Document Intelligence, extracting data, storing in Amazon S3, indexing in Elasticsearch, and updating the CRM."
tags:
- document-management
- ocr
- azure-machine-learning
- amazon-s3
- elasticsearch
capability:
exposes:
- type: mcp
namespace: document-digitization
port: 8080
tools:
- name: digitize-document
description: "Orchestrate document digitization across Azure AI, S3, Elasticsearch, and Salesforce."
inputParameters:
- name: document_url
in: body
type: string
description: "URL of scanned document."
- name: document_type
in: body
type: string
description: "Document type (account-app, w9, transfer-form)."
- name: account_id
in: body
type: string
description: "Associated account ID."
steps:
- name: extract-data
type: call
call: "azure-ai.analyze-document"
with:
modelId: "{{document_type}}"
urlSource: "{{document_url}}"
- name: store-document
type: call
call: "s3.put-object"
with:
bucket: "schwab-digitized-docs"
key: "{{account_id}}/{{document_type}}/{{extract-data.document_id}}.json"
body: "{{extract-data.result}}"
- name: index-document
type: call
call: "elasticsearch.index"
with:
index: "client-documents"
body: "{\"account_id\":\"{{account_id}}\",\"type\":\"{{document_type}}\",\"extracted_data\":{{extract-data.fields}},\"s3_key\":\"{{store-document.key}}\"}"
- name: update-crm
type: call
call: "salesforce.create-content-note"
with:
account_id: "{{account_id}}"
title: "Digitized: {{document_type}}"
content: "Document processed. Fields extracted: {{extract-data.field_count}}."
consumes:
- type: http
namespace: azure-ai
baseUri: "https://schwab-docai.cognitiveservices.azure.com"
authentication:
type: bearer
token: "$secrets.azure_ai_key"
resources:
- name: documents
path: "/formrecognizer/documentModels/{{modelId}}:analyze"
inputParameters:
- name: modelId
in: path
operations:
- name: analyze-document
method: POST
- type: http
namespace: s3
baseUri: "https://s3.us-east-1.amazonaws.com"
authentication:
type: aws-sig-v4
access_key: "$secrets.aws_access_key"
secret_key: "$secrets.aws_secret_key"
resources:
- name: objects
path: "/{{bucket}}/{{key}}"
inputParameters:
- name: bucket
in: path
- name: key
in: path
operations:
- name: put-object
method: PUT
- type: http
namespace: elasticsearch
baseUri: "https://es-cluster.schwab.com"
authentication:
type: bearer
token: "$secrets.elasticsearch_token"
resources:
- name: docs
path: "/{{index}}/_doc"
inputParameters:
- name: index
in: path
operations:
- name: index
method: POST
- type: http
namespace: salesforce
baseUri: "https://schwab.my.salesforce.com/services/data/v59.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: content
path: "/sobjects/ContentNote"
operations:
- name: create-content-note
method: POST
Client Offboarding Orchestrator
▼
account-closure offboarding salesforce amazon-s3
Handles client account closure by processing final distributions, generating tax documents, archiving records in Amazon S3, closing CRM records in Salesforce, and sending confirmation email.
naftiko: "0.5"
info:
label: "Client Offboarding Orchestrator"
description: "Handles client account closure by processing final distributions, generating tax documents, archiving records in Amazon S3, closing CRM records in Salesforce, and sending confirmation email."
tags:
- account-closure
- offboarding
- salesforce
- amazon-s3
capability:
exposes:
- type: mcp
namespace: client-offboarding
port: 8080
tools:
- name: process-offboarding
description: "Orchestrate client account closure across distributions, archival, and CRM."
inputParameters:
- name: account_id
in: body
type: string
description: "Account ID to close."
- name: closure_reason
in: body
type: string
description: "Reason for account closure."
steps:
- name: process-distributions
type: call
call: "accounts.process-final-distribution"
with:
account_id: "{{account_id}}"
- name: generate-final-docs
type: call
call: "reporting.generate-final-statement"
with:
account_id: "{{account_id}}"
- name: archive-records
type: call
call: "s3.put-object"
with:
bucket: "schwab-archived-accounts"
key: "{{account_id}}/final-records.zip"
body: "{{generate-final-docs.archive}}"
- name: close-crm
type: call
call: "salesforce.update-account"
with:
account_id: "{{account_id}}"
status: "Closed"
closure_reason: "{{closure_reason}}"
consumes:
- type: http
namespace: accounts
baseUri: "https://accounts-api.schwab.com/v2"
authentication:
type: bearer
token: "$secrets.accounts_api_token"
resources:
- name: distributions
path: "/distributions/final"
operations:
- name: process-final-distribution
method: POST
- type: http
namespace: reporting
baseUri: "https://reporting-api.schwab.com/v1"
authentication:
type: bearer
token: "$secrets.reporting_api_token"
resources:
- name: statements
path: "/statements/final"
operations:
- name: generate-final-statement
method: POST
- type: http
namespace: s3
baseUri: "https://s3.us-east-1.amazonaws.com"
authentication:
type: aws-sig-v4
access_key: "$secrets.aws_access_key"
secret_key: "$secrets.aws_secret_key"
resources:
- name: objects
path: "/{{bucket}}/{{key}}"
inputParameters:
- name: bucket
in: path
- name: key
in: path
operations:
- name: put-object
method: PUT
- type: http
namespace: salesforce
baseUri: "https://schwab.my.salesforce.com/services/data/v59.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: accounts
path: "/sobjects/Account/{{account_id}}"
inputParameters:
- name: account_id
in: path
operations:
- name: update-account
method: PATCH
Client Portfolio Rebalance Orchestrator
▼
portfolio-management rebalancing snowflake microsoft-teams
On advisor rebalance request, retrieves portfolio holdings from Snowflake, runs compliance checks via the internal API, generates trade orders in the OMS, and notifies the advisor via Microsoft Teams.
naftiko: "0.5"
info:
label: "Client Portfolio Rebalance Orchestrator"
description: "On advisor rebalance request, retrieves portfolio holdings from Snowflake, runs compliance checks via the internal API, generates trade orders in the OMS, and notifies the advisor via Microsoft Teams."
tags:
- portfolio-management
- rebalancing
- snowflake
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: portfolio-rebalance
port: 8080
tools:
- name: trigger-rebalance
description: "Orchestrate a portfolio rebalance across holdings analysis, compliance, and order generation."
inputParameters:
- name: account_id
in: body
type: string
description: "Client account ID."
- name: target_model
in: body
type: string
description: "Target allocation model name."
- name: advisor_email
in: body
type: string
description: "Advisor email for notification."
steps:
- name: get-holdings
type: call
call: "snowflake.query-holdings"
with:
statement: "SELECT * FROM PORTFOLIO_HOLDINGS WHERE account_id = '{{account_id}}'"
warehouse: "SCHWAB_ANALYTICS_WH"
- name: run-compliance
type: call
call: "compliance.check-rebalance"
with:
account_id: "{{account_id}}"
target_model: "{{target_model}}"
holdings: "{{get-holdings.data}}"
- name: generate-orders
type: call
call: "oms.create-orders"
with:
account_id: "{{account_id}}"
trades: "{{run-compliance.approved_trades}}"
- name: notify-advisor
type: call
call: "msteams.send-message"
with:
recipient_upn: "{{advisor_email}}"
text: "Rebalance initiated for account {{account_id}}. Orders: {{generate-orders.order_count}}. Compliance status: {{run-compliance.status}}."
consumes:
- type: http
namespace: snowflake
baseUri: "https://schwab.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query-holdings
method: POST
- type: http
namespace: compliance
baseUri: "https://compliance-api.schwab.com/v1"
authentication:
type: bearer
token: "$secrets.compliance_api_token"
resources:
- name: checks
path: "/rebalance-check"
operations:
- name: check-rebalance
method: POST
- type: http
namespace: oms
baseUri: "https://oms-api.schwab.com/v2"
authentication:
type: bearer
token: "$secrets.oms_api_token"
resources:
- name: orders
path: "/orders/batch"
operations:
- name: create-orders
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Client Risk Profile Update Orchestrator
▼
risk-profiling suitability salesforce databricks microsoft-teams
Updates client risk profiles by collecting questionnaire results from Salesforce, running risk scoring in Databricks, updating the account system, and notifying the advisor via Microsoft Teams.
naftiko: "0.5"
info:
label: "Client Risk Profile Update Orchestrator"
description: "Updates client risk profiles by collecting questionnaire results from Salesforce, running risk scoring in Databricks, updating the account system, and notifying the advisor via Microsoft Teams."
tags:
- risk-profiling
- suitability
- salesforce
- databricks
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: risk-profiling
port: 8080
tools:
- name: update-risk-profile
description: "Orchestrate risk profile update across Salesforce, Databricks, and Teams."
inputParameters:
- name: account_id
in: body
type: string
description: "Client account ID."
- name: questionnaire_id
in: body
type: string
description: "Completed questionnaire ID."
steps:
- name: get-responses
type: call
call: "salesforce.get-questionnaire"
with:
questionnaire_id: "{{questionnaire_id}}"
- name: calculate-score
type: call
call: "databricks.run-risk-model"
with:
responses: "{{get-responses.data}}"
model: "client-risk-scoring-v3"
- name: update-account
type: call
call: "accounts.update-risk-profile"
with:
account_id: "{{account_id}}"
risk_score: "{{calculate-score.score}}"
risk_category: "{{calculate-score.category}}"
- name: notify-advisor
type: call
call: "msteams.send-message"
with:
recipient_upn: "{{get-responses.advisor_email}}"
text: "Risk profile updated: Account {{account_id}}. New score: {{calculate-score.score}} ({{calculate-score.category}}). Review recommended."
consumes:
- type: http
namespace: salesforce
baseUri: "https://schwab.my.salesforce.com/services/data/v59.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: questionnaires
path: "/sobjects/Risk_Questionnaire__c/{{questionnaire_id}}"
inputParameters:
- name: questionnaire_id
in: path
operations:
- name: get-questionnaire
method: GET
- type: http
namespace: databricks
baseUri: "https://schwab.cloud.databricks.com/api/2.0"
authentication:
type: bearer
token: "$secrets.databricks_token"
resources:
- name: serving
path: "/serving-endpoints/client-risk-scoring-v3/invocations"
operations:
- name: run-risk-model
method: POST
- type: http
namespace: accounts
baseUri: "https://accounts-api.schwab.com/v2"
authentication:
type: bearer
token: "$secrets.accounts_api_token"
resources:
- name: risk-profiles
path: "/accounts/{{account_id}}/risk-profile"
inputParameters:
- name: account_id
in: path
operations:
- name: update-risk-profile
method: PUT
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Client Sentiment Analysis Pipeline
▼
analytics sentiment salesforce azure-machine-learning snowflake microsoft-teams
Analyzes client sentiment by extracting survey responses from Salesforce, running NLP analysis via Azure ML, updating client satisfaction scores in Snowflake, and alerting account managers via Microsoft Teams.
naftiko: "0.5"
info:
label: "Client Sentiment Analysis Pipeline"
description: "Analyzes client sentiment by extracting survey responses from Salesforce, running NLP analysis via Azure ML, updating client satisfaction scores in Snowflake, and alerting account managers via Microsoft Teams."
tags:
- analytics
- sentiment
- salesforce
- azure-machine-learning
- snowflake
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: sentiment-analysis
port: 8080
tools:
- name: analyze-sentiment
description: "Orchestrate client sentiment analysis across Salesforce, Azure ML, Snowflake, and Teams."
inputParameters:
- name: survey_batch_id
in: body
type: string
description: "Survey batch identifier."
steps:
- name: get-responses
type: call
call: "salesforce.get-survey-responses"
with:
batch_id: "{{survey_batch_id}}"
- name: run-analysis
type: call
call: "azure-ml.score-sentiment"
with:
texts: "{{get-responses.comments}}"
model: "client-sentiment-v2"
- name: update-scores
type: call
call: "snowflake.update-satisfaction"
with:
statement: "CALL UPDATE_CLIENT_SATISFACTION('{{survey_batch_id}}', '{{run-analysis.scores}}')"
warehouse: "SCHWAB_ANALYTICS_WH"
- name: alert-managers
type: call
call: "msteams.send-channel-message"
with:
team_id: "client-experience"
channel: "sentiment-alerts"
text: "Sentiment analysis complete: Batch {{survey_batch_id}}. Avg score: {{run-analysis.avg_score}}. Negative: {{run-analysis.negative_count}}. Positive: {{run-analysis.positive_count}}."
consumes:
- type: http
namespace: salesforce
baseUri: "https://schwab.my.salesforce.com/services/data/v59.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: surveys
path: "/sobjects/Survey_Response__c"
operations:
- name: get-survey-responses
method: GET
- type: http
namespace: azure-ml
baseUri: "https://schwab-ml.centralus.inference.ml.azure.com"
authentication:
type: bearer
token: "$secrets.azure_ml_token"
resources:
- name: scoring
path: "/score"
operations:
- name: score-sentiment
method: POST
- type: http
namespace: snowflake
baseUri: "https://schwab.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: update-satisfaction
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel
in: path
operations:
- name: send-channel-message
method: POST
Client Tax Document Generation Pipeline
▼
tax document-generation teradata intuit amazon-s3
Generates annual tax documents by querying Teradata for transaction history, computing gains via Intuit tax engine, storing in Amazon S3, and notifying the client via email.
naftiko: "0.5"
info:
label: "Client Tax Document Generation Pipeline"
description: "Generates annual tax documents by querying Teradata for transaction history, computing gains via Intuit tax engine, storing in Amazon S3, and notifying the client via email."
tags:
- tax
- document-generation
- teradata
- intuit
- amazon-s3
capability:
exposes:
- type: mcp
namespace: tax-documents
port: 8080
tools:
- name: generate-tax-docs
description: "Orchestrate tax document generation across Teradata, Intuit, S3, and email."
inputParameters:
- name: account_id
in: body
type: string
description: "Client account ID."
- name: tax_year
in: body
type: integer
description: "Tax year."
steps:
- name: get-transactions
type: call
call: "teradata.query-tax-data"
with:
query: "SELECT * FROM TAX_LOTS WHERE account_id = '{{account_id}}' AND tax_year = {{tax_year}}"
- name: compute-gains
type: call
call: "intuit.calculate-gains"
with:
account_id: "{{account_id}}"
transactions: "{{get-transactions.data}}"
tax_year: "{{tax_year}}"
- name: store-document
type: call
call: "s3.put-object"
with:
bucket: "schwab-tax-documents"
key: "{{tax_year}}/{{account_id}}/1099-B.pdf"
body: "{{compute-gains.document}}"
- name: notify-client
type: call
call: "ses.send-email"
with:
to: "{{compute-gains.client_email}}"
subject: "Your {{tax_year}} Schwab Tax Documents Are Ready"
body: "Your 1099-B tax document is now available in your Schwab account document center."
consumes:
- type: http
namespace: teradata
baseUri: "https://teradata.schwab.com/api/v1"
authentication:
type: bearer
token: "$secrets.teradata_token"
resources:
- name: queries
path: "/queries"
operations:
- name: query-tax-data
method: POST
- type: http
namespace: intuit
baseUri: "https://tax-engine.schwab.com/api/v1"
authentication:
type: bearer
token: "$secrets.intuit_api_token"
resources:
- name: calculations
path: "/gains-calculation"
operations:
- name: calculate-gains
method: POST
- type: http
namespace: s3
baseUri: "https://s3.us-east-1.amazonaws.com"
authentication:
type: aws-sig-v4
access_key: "$secrets.aws_access_key"
secret_key: "$secrets.aws_secret_key"
resources:
- name: objects
path: "/{{bucket}}/{{key}}"
inputParameters:
- name: bucket
in: path
- name: key
in: path
operations:
- name: put-object
method: PUT
- type: http
namespace: ses
baseUri: "https://email.us-east-1.amazonaws.com"
authentication:
type: aws-sig-v4
access_key: "$secrets.aws_access_key"
secret_key: "$secrets.aws_secret_key"
resources:
- name: emails
path: "/v2/email/outbound-emails"
operations:
- name: send-email
method: POST
Cloudflare DDoS Protection Monitor
▼
security ddos cloudflare
Monitors Cloudflare DDoS protection status and traffic analytics for Schwab's public-facing web properties.
naftiko: "0.5"
info:
label: "Cloudflare DDoS Protection Monitor"
description: "Monitors Cloudflare DDoS protection status and traffic analytics for Schwab's public-facing web properties."
tags:
- security
- ddos
- cloudflare
capability:
exposes:
- type: mcp
namespace: ddos-monitoring
port: 8080
tools:
- name: get-traffic-analytics
description: "Retrieve Cloudflare traffic analytics and DDoS event data."
inputParameters:
- name: zone_id
in: body
type: string
description: "Cloudflare zone ID."
- name: time_range
in: body
type: string
description: "Time range in minutes."
call: "cloudflare.get-analytics"
with:
zone_id: "{{zone_id}}"
since: "-{{time_range}}min"
outputParameters:
- name: requests_total
type: integer
mapping: "$.result.totals.requests.all"
- name: threats_total
type: integer
mapping: "$.result.totals.threats.all"
consumes:
- type: http
namespace: cloudflare
baseUri: "https://api.cloudflare.com/client/v4"
authentication:
type: bearer
token: "$secrets.cloudflare_token"
resources:
- name: analytics
path: "/zones/{{zone_id}}/analytics/dashboard"
inputParameters:
- name: zone_id
in: path
operations:
- name: get-analytics
method: GET
Compliance Training Deadline Enforcer
▼
compliance training pluralsight workday microsoft-outlook servicenow
Checks overdue compliance training in Pluralsight, retrieves employee data from Workday, sends reminder emails via Microsoft Outlook, and logs escalations in ServiceNow.
naftiko: "0.5"
info:
label: "Compliance Training Deadline Enforcer"
description: "Checks overdue compliance training in Pluralsight, retrieves employee data from Workday, sends reminder emails via Microsoft Outlook, and logs escalations in ServiceNow."
tags:
- compliance
- training
- pluralsight
- workday
- microsoft-outlook
- servicenow
capability:
exposes:
- type: mcp
namespace: compliance-training
port: 8080
tools:
- name: enforce-training-deadline
description: "Orchestrate compliance training deadline enforcement across Pluralsight, Workday, Outlook, and ServiceNow."
inputParameters:
- name: training_id
in: body
type: string
description: "Compliance training course ID."
- name: deadline_date
in: body
type: string
description: "Deadline date in YYYY-MM-DD."
steps:
- name: get-overdue
type: call
call: "pluralsight.get-overdue-users"
with:
course_id: "{{training_id}}"
deadline: "{{deadline_date}}"
- name: get-managers
type: call
call: "workday.get-managers"
with:
employee_ids: "{{get-overdue.user_ids}}"
- name: send-reminders
type: call
call: "outlook.send-bulk-email"
with:
recipients: "{{get-overdue.emails}}"
subject: "URGENT: Compliance Training Past Due - {{training_id}}"
body: "Your required compliance training is past the {{deadline_date}} deadline. Please complete immediately."
- name: create-escalation
type: call
call: "servicenow.create-incident"
with:
short_description: "Compliance training overdue: {{training_id}} - {{get-overdue.count}} employees"
category: "compliance"
assigned_group: "Compliance_Operations"
description: "{{get-overdue.count}} employees overdue. Managers notified: {{get-managers.manager_names}}."
consumes:
- type: http
namespace: pluralsight
baseUri: "https://api.pluralsight.com/api/v1"
authentication:
type: bearer
token: "$secrets.pluralsight_token"
resources:
- name: reports
path: "/reports/course-completion"
operations:
- name: get-overdue-users
method: GET
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/workers/managers"
operations:
- name: get-managers
method: POST
- type: http
namespace: outlook
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: mail
path: "/users/compliance@schwab.com/sendMail"
operations:
- name: send-bulk-email
method: POST
- type: http
namespace: servicenow
baseUri: "https://schwab.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
Confluence Investment Research Publisher
▼
research knowledge-management confluence microsoft-teams
Publishes investment research notes to Confluence and notifies the research distribution team via Teams.
naftiko: "0.5"
info:
label: "Confluence Investment Research Publisher"
description: "Publishes investment research notes to Confluence and notifies the research distribution team via Teams."
tags:
- research
- knowledge-management
- confluence
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: research-publishing
port: 8080
tools:
- name: publish-research-note
description: "Create a research note in Confluence and notify the distribution team."
inputParameters:
- name: space_key
in: body
type: string
description: "Confluence space key."
- name: title
in: body
type: string
description: "Research note title."
- name: content
in: body
type: string
description: "Research content."
- name: sector
in: body
type: string
description: "Market sector."
steps:
- name: create-page
type: call
call: "confluence.create-page"
with:
space_key: "{{space_key}}"
title: "{{title}}"
body: "{{content}}"
- name: notify-team
type: call
call: "msteams.send-message"
with:
channel_id: "research_distribution"
text: "New research published: {{title}} ({{sector}}). View: {{create-page.url}}"
consumes:
- type: http
namespace: confluence
baseUri: "https://schwab.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_api_token"
resources:
- name: content
path: "/content"
operations:
- name: create-page
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{channel_id}}/channels/general/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: send-message
method: POST
Corporate Action Processing Orchestrator
▼
corporate-actions bloomberg snowflake trading
Processes corporate actions by retrieving event data from Bloomberg, identifying affected accounts in Snowflake, applying adjustments via the OMS, and notifying advisors via email.
naftiko: "0.5"
info:
label: "Corporate Action Processing Orchestrator"
description: "Processes corporate actions by retrieving event data from Bloomberg, identifying affected accounts in Snowflake, applying adjustments via the OMS, and notifying advisors via email."
tags:
- corporate-actions
- bloomberg
- snowflake
- trading
capability:
exposes:
- type: mcp
namespace: corporate-actions
port: 8080
tools:
- name: process-corporate-action
description: "Orchestrate corporate action processing across Bloomberg, Snowflake, and OMS."
inputParameters:
- name: action_id
in: body
type: string
description: "Corporate action event ID."
- name: action_type
in: body
type: string
description: "Action type (dividend, split, merger, spinoff)."
steps:
- name: get-action-details
type: call
call: "bloomberg.get-corporate-action"
with:
action_id: "{{action_id}}"
- name: get-affected-accounts
type: call
call: "snowflake.query-affected"
with:
statement: "SELECT * FROM HOLDINGS WHERE security_id = '{{get-action-details.security_id}}'"
warehouse: "SCHWAB_OPERATIONS_WH"
- name: apply-adjustments
type: call
call: "oms.apply-corporate-action"
with:
action_type: "{{action_type}}"
details: "{{get-action-details}}"
affected_accounts: "{{get-affected-accounts.data}}"
- name: notify-advisors
type: call
call: "ses.send-bulk-email"
with:
recipients: "{{get-affected-accounts.advisor_emails}}"
subject: "Corporate Action: {{get-action-details.security_name}} - {{action_type}}"
body: "A {{action_type}} has been processed for {{get-action-details.security_name}}. {{get-affected-accounts.count}} accounts affected."
consumes:
- type: http
namespace: bloomberg
baseUri: "https://api.bloomberg.com/eap"
authentication:
type: bearer
token: "$secrets.bloomberg_token"
resources:
- name: corporate-actions
path: "/corporate-actions/{{action_id}}"
inputParameters:
- name: action_id
in: path
operations:
- name: get-corporate-action
method: GET
- type: http
namespace: snowflake
baseUri: "https://schwab.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query-affected
method: POST
- type: http
namespace: oms
baseUri: "https://oms-api.schwab.com/v2"
authentication:
type: bearer
token: "$secrets.oms_api_token"
resources:
- name: corporate-actions
path: "/corporate-actions/apply"
operations:
- name: apply-corporate-action
method: POST
- type: http
namespace: ses
baseUri: "https://email.us-east-1.amazonaws.com"
authentication:
type: aws-sig-v4
access_key: "$secrets.aws_access_key"
secret_key: "$secrets.aws_secret_key"
resources:
- name: bulk-email
path: "/v2/email/outbound-bulk-emails"
operations:
- name: send-bulk-email
method: POST
Cost Basis Reconciliation Orchestrator
▼
operations reconciliation teradata calypso snowflake servicenow
Reconciles cost basis records by comparing Teradata positions with Calypso trade records, flagging discrepancies in Snowflake, and creating ServiceNow tickets for resolution.
naftiko: "0.5"
info:
label: "Cost Basis Reconciliation Orchestrator"
description: "Reconciles cost basis records by comparing Teradata positions with Calypso trade records, flagging discrepancies in Snowflake, and creating ServiceNow tickets for resolution."
tags:
- operations
- reconciliation
- teradata
- calypso
- snowflake
- servicenow
capability:
exposes:
- type: mcp
namespace: cost-basis-recon
port: 8080
tools:
- name: reconcile-cost-basis
description: "Orchestrate cost basis reconciliation across Teradata, Calypso, Snowflake, and ServiceNow."
inputParameters:
- name: account_id
in: body
type: string
description: "Account ID to reconcile."
- name: as_of_date
in: body
type: string
description: "Reconciliation date in YYYY-MM-DD."
steps:
- name: get-positions
type: call
call: "teradata.query-positions"
with:
query: "SELECT * FROM COST_BASIS WHERE account_id = '{{account_id}}' AND as_of_date = '{{as_of_date}}'"
- name: get-trades
type: call
call: "calypso.get-trade-history"
with:
account_id: "{{account_id}}"
date: "{{as_of_date}}"
- name: log-discrepancies
type: call
call: "snowflake.insert-discrepancies"
with:
statement: "INSERT INTO RECON_DISCREPANCIES SELECT * FROM TABLE(COMPARE_COST_BASIS('{{account_id}}', '{{as_of_date}}'))"
warehouse: "SCHWAB_OPERATIONS_WH"
- name: create-ticket
type: call
call: "servicenow.create-incident"
with:
short_description: "Cost basis discrepancy: {{account_id}} as of {{as_of_date}}"
category: "reconciliation"
assigned_group: "Operations_Reconciliation"
description: "Cost basis reconciliation found discrepancies for account {{account_id}}."
consumes:
- type: http
namespace: teradata
baseUri: "https://teradata.schwab.com/api/v1"
authentication:
type: bearer
token: "$secrets.teradata_token"
resources:
- name: queries
path: "/queries"
operations:
- name: query-positions
method: POST
- type: http
namespace: calypso
baseUri: "https://calypso.schwab.com/api/v1"
authentication:
type: bearer
token: "$secrets.calypso_token"
resources:
- name: trades
path: "/trades/history"
operations:
- name: get-trade-history
method: GET
- type: http
namespace: snowflake
baseUri: "https://schwab.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: insert-discrepancies
method: POST
- type: http
namespace: servicenow
baseUri: "https://schwab.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
Crystal Reports Client Statement Generator
▼
reporting crystal-reports snowflake
Generates client account statements using Crystal Reports with Snowflake data for quarterly mailings.
naftiko: "0.5"
info:
label: "Crystal Reports Client Statement Generator"
description: "Generates client account statements using Crystal Reports with Snowflake data for quarterly mailings."
tags:
- reporting
- crystal-reports
- snowflake
capability:
exposes:
- type: mcp
namespace: client-statements
port: 8080
tools:
- name: generate-statement
description: "Generate a client statement using Crystal Reports."
inputParameters:
- name: account_number
in: body
type: string
description: "Account number."
- name: period
in: body
type: string
description: "Statement period."
steps:
- name: fetch-data
type: call
call: "snowflake.run-query"
with:
query: "SELECT * FROM client_statement_data WHERE account_number='{{account_number}}' AND period='{{period}}'"
- name: generate-report
type: call
call: "crystal-reports.generate"
with:
template: "client_statement"
data: "{{fetch-data.results}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://schwab.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: crystal-reports
baseUri: "https://reports.schwab.com/api/v1"
authentication:
type: bearer
token: "$secrets.crystal_reports_token"
resources:
- name: reports
path: "/reports/generate"
operations:
- name: generate
method: POST
Databricks Risk Analytics Model
▼
risk-management analytics databricks snowflake
Runs a portfolio risk analytics model in Databricks calculating VaR, stress tests, and correlation analysis, then stores results in Snowflake.
naftiko: "0.5"
info:
label: "Databricks Risk Analytics Model"
description: "Runs a portfolio risk analytics model in Databricks calculating VaR, stress tests, and correlation analysis, then stores results in Snowflake."
tags:
- risk-management
- analytics
- databricks
- snowflake
capability:
exposes:
- type: mcp
namespace: risk-analytics
port: 8080
tools:
- name: run-risk-model
description: "Execute the Databricks risk model and store results in Snowflake."
inputParameters:
- name: portfolio_id
in: body
type: string
description: "Portfolio identifier."
- name: model_type
in: body
type: string
description: "Risk model type (var_historical, var_parametric, monte_carlo, stress_test)."
- name: confidence_level
in: body
type: number
description: "Confidence level (e.g., 0.95, 0.99)."
steps:
- name: run-notebook
type: call
call: "databricks.run-notebook"
with:
notebook_path: "/Shared/risk_models/{{model_type}}"
parameters: "{\"portfolio_id\": \"{{portfolio_id}}\", \"confidence\": {{confidence_level}}}"
- name: load-results
type: call
call: "snowflake.run-query"
with:
query: "CALL load_risk_results('{{portfolio_id}}', '{{model_type}}')"
consumes:
- type: http
namespace: databricks
baseUri: "https://schwab.cloud.databricks.com/api/2.1"
authentication:
type: bearer
token: "$secrets.databricks_token"
resources:
- name: jobs
path: "/jobs/runs/submit"
operations:
- name: run-notebook
method: POST
- type: http
namespace: snowflake
baseUri: "https://schwab.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
Databricks Risk Model Deployment Pipeline
▼
machine-learning risk-modeling databricks microsoft-teams
Deploys risk models from Databricks to production by validating model metrics, registering in MLflow, deploying to the serving endpoint, and notifying the risk team via Microsoft Teams.
naftiko: "0.5"
info:
label: "Databricks Risk Model Deployment Pipeline"
description: "Deploys risk models from Databricks to production by validating model metrics, registering in MLflow, deploying to the serving endpoint, and notifying the risk team via Microsoft Teams."
tags:
- machine-learning
- risk-modeling
- databricks
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: ml-deployment
port: 8080
tools:
- name: deploy-risk-model
description: "Orchestrate risk model deployment across Databricks, MLflow, and Teams."
inputParameters:
- name: model_name
in: body
type: string
description: "Model name in the registry."
- name: model_version
in: body
type: string
description: "Model version to deploy."
steps:
- name: validate-metrics
type: call
call: "databricks.get-model-metrics"
with:
name: "{{model_name}}"
version: "{{model_version}}"
- name: register-model
type: call
call: "databricks.transition-model-stage"
with:
name: "{{model_name}}"
version: "{{model_version}}"
stage: "Production"
- name: deploy-endpoint
type: call
call: "databricks.create-serving-endpoint"
with:
name: "{{model_name}}-serving"
model_name: "{{model_name}}"
model_version: "{{model_version}}"
- name: notify-team
type: call
call: "msteams.send-channel-message"
with:
team_id: "risk-analytics"
channel: "model-deployments"
text: "Risk model deployed: {{model_name}} v{{model_version}}. Metrics: AUC={{validate-metrics.auc}}, F1={{validate-metrics.f1}}. Endpoint: {{deploy-endpoint.url}}."
consumes:
- type: http
namespace: databricks
baseUri: "https://schwab.cloud.databricks.com/api/2.0"
authentication:
type: bearer
token: "$secrets.databricks_token"
resources:
- name: models
path: "/mlflow/model-versions/get"
operations:
- name: get-model-metrics
method: GET
- name: transitions
path: "/mlflow/model-versions/transition-stage"
operations:
- name: transition-model-stage
method: POST
- name: endpoints
path: "/serving-endpoints"
operations:
- name: create-serving-endpoint
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel
in: path
operations:
- name: send-channel-message
method: POST
Datadog Trading Platform Monitor
▼
devops monitoring trading datadog
Queries Datadog for real-time health metrics of the trading platform including order latency and throughput.
naftiko: "0.5"
info:
label: "Datadog Trading Platform Monitor"
description: "Queries Datadog for real-time health metrics of the trading platform including order latency and throughput."
tags:
- devops
- monitoring
- trading
- datadog
capability:
exposes:
- type: mcp
namespace: trading-monitoring
port: 8080
tools:
- name: check-trading-health
description: "Fetch trading platform health metrics from Datadog."
inputParameters:
- name: service_name
in: body
type: string
description: "Trading service name in Datadog."
call: "datadog.query-metrics"
with:
query: "avg:trading.order_latency_ms{service:{{service_name}}}.rollup(avg, 60)"
outputParameters:
- name: avg_latency
type: number
mapping: "$.series[0].pointlist[-1][1]"
consumes:
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apiKey
key: "$secrets.datadog_api_key"
resources:
- name: metrics
path: "/query"
operations:
- name: query-metrics
method: GET
Dividend Reinvestment Processing Pipeline
▼
dividends reinvestment bloomberg trading snowflake
Processes dividend reinvestment by fetching dividend data from Bloomberg, checking DRIP enrollment in the account system, executing reinvestment trades via OMS, and logging in Snowflake.
naftiko: "0.5"
info:
label: "Dividend Reinvestment Processing Pipeline"
description: "Processes dividend reinvestment by fetching dividend data from Bloomberg, checking DRIP enrollment in the account system, executing reinvestment trades via OMS, and logging in Snowflake."
tags:
- dividends
- reinvestment
- bloomberg
- trading
- snowflake
capability:
exposes:
- type: mcp
namespace: drip-processing
port: 8080
tools:
- name: process-drip
description: "Orchestrate dividend reinvestment across Bloomberg, account system, OMS, and Snowflake."
inputParameters:
- name: security_id
in: body
type: string
description: "Security identifier."
- name: ex_date
in: body
type: string
description: "Ex-dividend date."
steps:
- name: get-dividend
type: call
call: "bloomberg.get-dividend"
with:
security_id: "{{security_id}}"
ex_date: "{{ex_date}}"
- name: get-drip-accounts
type: call
call: "accounts.get-drip-enrolled"
with:
security_id: "{{security_id}}"
- name: execute-reinvestment
type: call
call: "oms.create-drip-orders"
with:
security_id: "{{security_id}}"
dividend_per_share: "{{get-dividend.amount}}"
accounts: "{{get-drip-accounts.data}}"
- name: log-processing
type: call
call: "snowflake.insert-drip-log"
with:
statement: "INSERT INTO DRIP_PROCESSING_LOG VALUES ('{{security_id}}', '{{ex_date}}', {{get-drip-accounts.count}}, {{execute-reinvestment.total_shares}}, CURRENT_TIMESTAMP)"
warehouse: "SCHWAB_OPERATIONS_WH"
consumes:
- type: http
namespace: bloomberg
baseUri: "https://api.bloomberg.com/eap"
authentication:
type: bearer
token: "$secrets.bloomberg_token"
resources:
- name: dividends
path: "/dividends"
operations:
- name: get-dividend
method: GET
- type: http
namespace: accounts
baseUri: "https://accounts-api.schwab.com/v2"
authentication:
type: bearer
token: "$secrets.accounts_api_token"
resources:
- name: drip
path: "/drip-enrollment"
operations:
- name: get-drip-enrolled
method: GET
- type: http
namespace: oms
baseUri: "https://oms-api.schwab.com/v2"
authentication:
type: bearer
token: "$secrets.oms_api_token"
resources:
- name: drip-orders
path: "/orders/drip"
operations:
- name: create-drip-orders
method: POST
- type: http
namespace: snowflake
baseUri: "https://schwab.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: insert-drip-log
method: POST
DocuSign Account Agreement Sender
▼
documents e-signature docusign
Sends account opening agreements and disclosure documents to clients for electronic signature via DocuSign.
naftiko: "0.5"
info:
label: "DocuSign Account Agreement Sender"
description: "Sends account opening agreements and disclosure documents to clients for electronic signature via DocuSign."
tags:
- documents
- e-signature
- docusign
capability:
exposes:
- type: mcp
namespace: document-signing
port: 8080
tools:
- name: send-agreement
description: "Send an account agreement envelope for electronic signature via DocuSign."
inputParameters:
- name: client_email
in: body
type: string
description: "Client email address."
- name: client_name
in: body
type: string
description: "Client full name."
- name: template_id
in: body
type: string
description: "DocuSign template ID for the agreement type."
call: "docusign.create-envelope"
with:
templateId: "{{template_id}}"
signerEmail: "{{client_email}}"
signerName: "{{client_name}}"
outputParameters:
- name: envelope_id
type: string
mapping: "$.envelopeId"
- name: status
type: string
mapping: "$.status"
consumes:
- type: http
namespace: docusign
baseUri: "https://na4.docusign.net/restapi/v2.1/accounts/$secrets.docusign_account_id"
authentication:
type: bearer
token: "$secrets.docusign_access_token"
resources:
- name: envelopes
path: "/envelopes"
operations:
- name: create-envelope
method: POST
Dynatrace Trading Latency Detector
▼
monitoring trading dynatrace
Queries Dynatrace for performance problems affecting the order execution path to detect latency spikes.
naftiko: "0.5"
info:
label: "Dynatrace Trading Latency Detector"
description: "Queries Dynatrace for performance problems affecting the order execution path to detect latency spikes."
tags:
- monitoring
- trading
- dynatrace
capability:
exposes:
- type: mcp
namespace: trading-performance
port: 8080
tools:
- name: get-latency-problems
description: "Retrieve latency-related problems from Dynatrace for trading systems."
inputParameters:
- name: time_range
in: body
type: string
description: "Time range."
call: "dynatrace.get-problems"
with:
relativeTime: "{{time_range}}"
status: "OPEN"
impactLevel: "SERVICE"
outputParameters:
- name: problems
type: array
mapping: "$.result"
- name: total_count
type: integer
mapping: "$.totalCount"
consumes:
- type: http
namespace: dynatrace
baseUri: "https://schwab.live.dynatrace.com/api/v2"
authentication:
type: bearer
token: "$secrets.dynatrace_token"
resources:
- name: problems
path: "/problems"
operations:
- name: get-problems
method: GET
Elasticsearch Trade Log Search
▼
compliance logging elasticsearch
Searches Elasticsearch indices for trade execution logs by account, symbol, or time range for compliance audit trails.
naftiko: "0.5"
info:
label: "Elasticsearch Trade Log Search"
description: "Searches Elasticsearch indices for trade execution logs by account, symbol, or time range for compliance audit trails."
tags:
- compliance
- logging
- elasticsearch
capability:
exposes:
- type: mcp
namespace: trade-logs
port: 8080
tools:
- name: search-trade-logs
description: "Search trade execution logs in Elasticsearch."
inputParameters:
- name: account_id
in: body
type: string
description: "Client account identifier."
- name: symbol
in: body
type: string
description: "Security symbol to filter by."
- name: date_from
in: body
type: string
description: "Start date in YYYY-MM-DD format."
call: "elasticsearch.search"
with:
index: "trade-executions-*"
query: "{\"bool\":{\"must\":[{\"term\":{\"account_id\":\"{{account_id}}\"}},{\"term\":{\"symbol\":\"{{symbol}}\"}},{\"range\":{\"timestamp\":{\"gte\":\"{{date_from}}\"}}}]}}"
outputParameters:
- name: trades
type: array
mapping: "$.hits.hits"
- name: total
type: integer
mapping: "$.hits.total.value"
consumes:
- type: http
namespace: elasticsearch
baseUri: "https://es-cluster.schwab.com"
authentication:
type: bearer
token: "$secrets.elasticsearch_token"
resources:
- name: search
path: "/{{index}}/_search"
inputParameters:
- name: index
in: path
operations:
- name: search
method: POST
ETF Prospectus Update Orchestrator
▼
fund-management prospectus factset snowflake sharepoint microsoft-teams
On SEC filing detection, retrieves prospectus data from FactSet, updates the fund database in Snowflake, publishes to the client portal via SharePoint, and notifies compliance via Microsoft Teams.
naftiko: "0.5"
info:
label: "ETF Prospectus Update Orchestrator"
description: "On SEC filing detection, retrieves prospectus data from FactSet, updates the fund database in Snowflake, publishes to the client portal via SharePoint, and notifies compliance via Microsoft Teams."
tags:
- fund-management
- prospectus
- factset
- snowflake
- sharepoint
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: prospectus-management
port: 8080
tools:
- name: process-prospectus-update
description: "Orchestrate ETF prospectus update across FactSet, Snowflake, SharePoint, and Teams."
inputParameters:
- name: fund_ticker
in: body
type: string
description: "ETF ticker symbol."
- name: filing_id
in: body
type: string
description: "SEC filing identifier."
steps:
- name: get-prospectus
type: call
call: "factset.get-fund-filing"
with:
ticker: "{{fund_ticker}}"
filing_id: "{{filing_id}}"
- name: update-database
type: call
call: "snowflake.execute-update"
with:
statement: "UPDATE FUND_PROSPECTUS SET content = '{{get-prospectus.content}}', effective_date = '{{get-prospectus.effective_date}}' WHERE ticker = '{{fund_ticker}}'"
warehouse: "SCHWAB_FUND_WH"
- name: publish-portal
type: call
call: "sharepoint.upload-file"
with:
site_id: "fund_documents"
path: "Prospectus/{{fund_ticker}}/{{filing_id}}.pdf"
content: "{{get-prospectus.document}}"
- name: notify-compliance
type: call
call: "msteams.send-channel-message"
with:
team_id: "fund-compliance"
channel: "prospectus-updates"
text: "Prospectus updated: {{fund_ticker}}. Filing: {{filing_id}}. Effective: {{get-prospectus.effective_date}}."
consumes:
- type: http
namespace: factset
baseUri: "https://api.factset.com/content/factset-funds/v1"
authentication:
type: basic
username: "$secrets.factset_user"
password: "$secrets.factset_password"
resources:
- name: filings
path: "/fund-filings"
operations:
- name: get-fund-filing
method: POST
- type: http
namespace: snowflake
baseUri: "https://schwab.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-update
method: POST
- type: http
namespace: sharepoint
baseUri: "https://graph.microsoft.com/v1.0/sites"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: files
path: "/{{site_id}}/drive/root:/{{path}}:/content"
inputParameters:
- name: site_id
in: path
- name: path
in: path
operations:
- name: upload-file
method: PUT
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel
in: path
operations:
- name: send-channel-message
method: POST
F5 Networks Trading Gateway Health
▼
infrastructure trading f5-networks
Checks F5 load balancer pools for the trading gateway infrastructure.
naftiko: "0.5"
info:
label: "F5 Networks Trading Gateway Health"
description: "Checks F5 load balancer pools for the trading gateway infrastructure."
tags:
- infrastructure
- trading
- f5-networks
capability:
exposes:
- type: mcp
namespace: trading-infra
port: 8080
tools:
- name: check-gateway-health
description: "Check F5 pool health for trading gateways."
inputParameters:
- name: pool_name
in: body
type: string
description: "F5 pool name."
call: "f5.get-pool-members"
with:
pool_name: "{{pool_name}}"
outputParameters:
- name: available_count
type: integer
mapping: "$.available_count"
- name: total_count
type: integer
mapping: "$.total_count"
consumes:
- type: http
namespace: f5
baseUri: "https://f5.schwab.com/mgmt/tm/ltm"
authentication:
type: basic
username: "$secrets.f5_user"
password: "$secrets.f5_password"
resources:
- name: pool-members
path: "/pool/{{pool_name}}/members"
inputParameters:
- name: pool_name
in: path
operations:
- name: get-pool-members
method: GET
FactSet Earnings Calendar Retriever
▼
research earnings factset
Retrieves upcoming earnings dates and estimates from FactSet for securities in Schwab client portfolios.
naftiko: "0.5"
info:
label: "FactSet Earnings Calendar Retriever"
description: "Retrieves upcoming earnings dates and estimates from FactSet for securities in Schwab client portfolios."
tags:
- research
- earnings
- factset
capability:
exposes:
- type: mcp
namespace: earnings-research
port: 8080
tools:
- name: get-earnings-calendar
description: "Fetch upcoming earnings dates and consensus estimates from FactSet."
inputParameters:
- name: ticker
in: body
type: string
description: "Stock ticker symbol."
call: "factset.get-earnings"
with:
ids: "{{ticker}}"
outputParameters:
- name: earnings_date
type: string
mapping: "$.data[0].earnings_date"
- name: eps_estimate
type: number
mapping: "$.data[0].eps_consensus"
- name: revenue_estimate
type: number
mapping: "$.data[0].revenue_consensus"
consumes:
- type: http
namespace: factset
baseUri: "https://api.factset.com/content/factset-estimates/v2"
authentication:
type: basic
username: "$secrets.factset_user"
password: "$secrets.factset_password"
resources:
- name: earnings
path: "/consensus-estimates"
operations:
- name: get-earnings
method: POST
FactSet Research Data Retriever
▼
research fundamentals factset
Retrieves fundamental financial data from FactSet for equity research and investment analysis.
naftiko: "0.5"
info:
label: "FactSet Research Data Retriever"
description: "Retrieves fundamental financial data from FactSet for equity research and investment analysis."
tags:
- research
- fundamentals
- factset
capability:
exposes:
- type: mcp
namespace: equity-research
port: 8080
tools:
- name: get-fundamentals
description: "Fetch fundamental financial data from FactSet for a given company."
inputParameters:
- name: ticker
in: body
type: string
description: "Stock ticker symbol."
- name: metrics
in: body
type: string
description: "Comma-separated metrics (e.g., PE_RATIO,EPS,REVENUE,MARKET_CAP)."
call: "factset.get-fundamentals"
with:
ids: "{{ticker}}"
metrics: "{{metrics}}"
outputParameters:
- name: data
type: object
mapping: "$.data[0]"
- name: company_name
type: string
mapping: "$.data[0].companyName"
consumes:
- type: http
namespace: factset
baseUri: "https://api.factset.com/content"
authentication:
type: basic
username: "$secrets.factset_user"
password: "$secrets.factset_api_key"
resources:
- name: fundamentals
path: "/factset-fundamentals/v2/fundamentals"
operations:
- name: get-fundamentals
method: POST
Fixed Income Trade Matching Orchestrator
▼
fixed-income trade-matching calypso tradeweb snowflake jira
Matches fixed income trades by comparing Calypso entries with counterparty confirmations via Tradeweb, reconciling in Snowflake, and escalating breaks via Jira.
naftiko: "0.5"
info:
label: "Fixed Income Trade Matching Orchestrator"
description: "Matches fixed income trades by comparing Calypso entries with counterparty confirmations via Tradeweb, reconciling in Snowflake, and escalating breaks via Jira."
tags:
- fixed-income
- trade-matching
- calypso
- tradeweb
- snowflake
- jira
capability:
exposes:
- type: mcp
namespace: fi-matching
port: 8080
tools:
- name: match-fi-trades
description: "Orchestrate fixed income trade matching across Calypso, Tradeweb, Snowflake, and Jira."
inputParameters:
- name: trade_date
in: body
type: string
description: "Trade date in YYYY-MM-DD."
- name: asset_class
in: body
type: string
description: "Asset class (corporate, treasury, muni, agency)."
steps:
- name: get-calypso-trades
type: call
call: "calypso.get-fi-trades"
with:
trade_date: "{{trade_date}}"
asset_class: "{{asset_class}}"
- name: get-counterparty-confirms
type: call
call: "tradeweb.get-confirmations"
with:
date: "{{trade_date}}"
product: "{{asset_class}}"
- name: run-matching
type: call
call: "snowflake.execute-matching"
with:
statement: "CALL FI_TRADE_MATCH('{{trade_date}}', '{{asset_class}}')"
warehouse: "SCHWAB_OPERATIONS_WH"
- name: escalate-breaks
type: call
call: "jira.create-issue"
with:
project: "TRADEOPS"
summary: "FI trade breaks: {{trade_date}} {{asset_class}} - {{run-matching.break_count}} unmatched"
description: "Trade date: {{trade_date}}\nAsset class: {{asset_class}}\nMatched: {{run-matching.matched_count}}\nBreaks: {{run-matching.break_count}}\nTotal notional: {{run-matching.total_notional}}"
issuetype: "Task"
consumes:
- type: http
namespace: calypso
baseUri: "https://calypso.schwab.com/api/v1"
authentication:
type: bearer
token: "$secrets.calypso_token"
resources:
- name: fi-trades
path: "/trades/fixed-income"
operations:
- name: get-fi-trades
method: GET
- type: http
namespace: tradeweb
baseUri: "https://api.tradeweb.com/v1"
authentication:
type: bearer
token: "$secrets.tradeweb_token"
resources:
- name: confirmations
path: "/confirmations"
operations:
- name: get-confirmations
method: GET
- type: http
namespace: snowflake
baseUri: "https://schwab.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-matching
method: POST
- type: http
namespace: jira
baseUri: "https://schwab.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
GitHub Actions Platform Deployment
▼
devops deployment github-actions microsoft-teams
Triggers GitHub Actions deployment workflow for Schwab's digital platform and notifies the release team.
naftiko: "0.5"
info:
label: "GitHub Actions Platform Deployment"
description: "Triggers GitHub Actions deployment workflow for Schwab's digital platform and notifies the release team."
tags:
- devops
- deployment
- github-actions
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: platform-deployment
port: 8080
tools:
- name: trigger-deployment
description: "Trigger a GitHub Actions deployment workflow and notify the release team."
inputParameters:
- name: repo
in: body
type: string
description: "Repository (org/repo)."
- name: workflow_id
in: body
type: string
description: "Workflow ID."
- name: environment
in: body
type: string
description: "Target environment."
steps:
- name: dispatch-workflow
type: call
call: "github.dispatch-workflow"
with:
owner_repo: "{{repo}}"
workflow_id: "{{workflow_id}}"
ref: "main"
inputs: "{\"environment\": \"{{environment}}\"}"
- name: notify-team
type: call
call: "msteams.send-message"
with:
channel_id: "release_management"
text: "Deployment triggered: {{repo}} to {{environment}}."
consumes:
- type: http
namespace: github
baseUri: "https://api.github.com"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: workflow-dispatches
path: "/repos/{{owner_repo}}/actions/workflows/{{workflow_id}}/dispatches"
inputParameters:
- name: owner_repo
in: path
- name: workflow_id
in: path
operations:
- name: dispatch-workflow
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{channel_id}}/channels/general/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: send-message
method: POST
Google Drive Client Document Organizer
▼
document-management google-drive
Organizes client financial planning documents in Google Drive by account and type.
naftiko: "0.5"
info:
label: "Google Drive Client Document Organizer"
description: "Organizes client financial planning documents in Google Drive by account and type."
tags:
- document-management
- google-drive
capability:
exposes:
- type: mcp
namespace: client-documents
port: 8080
tools:
- name: organize-client-doc
description: "Move a client document to the correct Drive folder."
inputParameters:
- name: file_id
in: body
type: string
description: "File ID."
- name: account_number
in: body
type: string
description: "Account number."
call: "google-drive.move-file"
with:
file_id: "{{file_id}}"
target_folder: "clients_{{account_number}}"
outputParameters:
- name: name
type: string
mapping: "$.name"
consumes:
- type: http
namespace: google-drive
baseUri: "https://www.googleapis.com/drive/v3"
authentication:
type: bearer
token: "$secrets.google_drive_token"
resources:
- name: files
path: "/files/{{file_id}}"
inputParameters:
- name: file_id
in: path
operations:
- name: move-file
method: PATCH
Google Sheets Financial Planning Exporter
▼
financial-planning reporting snowflake google-sheets
Exports financial planning model outputs from Snowflake to Google Sheets for advisor use in client meetings.
naftiko: "0.5"
info:
label: "Google Sheets Financial Planning Exporter"
description: "Exports financial planning model outputs from Snowflake to Google Sheets for advisor use in client meetings."
tags:
- financial-planning
- reporting
- snowflake
- google-sheets
capability:
exposes:
- type: mcp
namespace: financial-planning
port: 8080
tools:
- name: export-planning-model
description: "Run a financial planning projection and export to Google Sheets."
inputParameters:
- name: account_number
in: body
type: string
description: "Client account number."
- name: projection_years
in: body
type: integer
description: "Years to project."
- name: spreadsheet_id
in: body
type: string
description: "Google Sheets ID."
steps:
- name: run-projection
type: call
call: "snowflake.run-query"
with:
query: "CALL run_financial_projection('{{account_number}}', {{projection_years}})"
- name: write-sheet
type: call
call: "google-sheets.update-values"
with:
spreadsheet_id: "{{spreadsheet_id}}"
range: "Projection!A1"
values: "{{run-projection.results}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://schwab.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: google-sheets
baseUri: "https://sheets.googleapis.com/v4/spreadsheets"
authentication:
type: bearer
token: "$secrets.google_sheets_token"
resources:
- name: values
path: "/{{spreadsheet_id}}/values/{{range}}"
inputParameters:
- name: spreadsheet_id
in: path
- name: range
in: path
operations:
- name: update-values
method: PUT
Grafana Infrastructure Dashboard Snapshot
▼
infrastructure monitoring grafana
Retrieves a snapshot of infrastructure health metrics from Grafana dashboards for Schwab's trading platform systems.
naftiko: "0.5"
info:
label: "Grafana Infrastructure Dashboard Snapshot"
description: "Retrieves a snapshot of infrastructure health metrics from Grafana dashboards for Schwab's trading platform systems."
tags:
- infrastructure
- monitoring
- grafana
capability:
exposes:
- type: mcp
namespace: infra-monitoring
port: 8080
tools:
- name: get-dashboard-snapshot
description: "Fetch a Grafana dashboard snapshot by dashboard UID."
inputParameters:
- name: dashboard_uid
in: body
type: string
description: "Grafana dashboard UID."
call: "grafana.get-dashboard"
with:
uid: "{{dashboard_uid}}"
outputParameters:
- name: title
type: string
mapping: "$.dashboard.title"
- name: panels
type: array
mapping: "$.dashboard.panels"
consumes:
- type: http
namespace: grafana
baseUri: "https://grafana.schwab.com/api"
authentication:
type: bearer
token: "$secrets.grafana_api_key"
resources:
- name: dashboards
path: "/dashboards/uid/{{uid}}"
inputParameters:
- name: uid
in: path
operations:
- name: get-dashboard
method: GET
HashiCorp Vault Secret Rotation Status
▼
security secrets-management hashicorp-vault
Checks secret rotation status and lease expiration in HashiCorp Vault for Schwab trading platform credentials.
naftiko: "0.5"
info:
label: "HashiCorp Vault Secret Rotation Status"
description: "Checks secret rotation status and lease expiration in HashiCorp Vault for Schwab trading platform credentials."
tags:
- security
- secrets-management
- hashicorp-vault
capability:
exposes:
- type: mcp
namespace: secrets-management
port: 8080
tools:
- name: check-secret-status
description: "Check a secret's lease and rotation status in Vault."
inputParameters:
- name: secret_path
in: body
type: string
description: "Vault secret path (e.g., secret/data/trading/db-creds)."
call: "vault.read-secret-metadata"
with:
path: "{{secret_path}}"
outputParameters:
- name: version
type: integer
mapping: "$.data.current_version"
- name: created_time
type: string
mapping: "$.data.versions.*.created_time"
- name: deletion_time
type: string
mapping: "$.data.versions.*.deletion_time"
consumes:
- type: http
namespace: vault
baseUri: "https://vault.schwab.com/v1"
authentication:
type: bearer
token: "$secrets.vault_token"
resources:
- name: metadata
path: "/{{path}}/metadata"
inputParameters:
- name: path
in: path
operations:
- name: read-secret-metadata
method: GET
Informatica Client Data Quality Pipeline
▼
data-quality master-data informatica
Triggers an Informatica data quality job to validate and cleanse client master data records.
naftiko: "0.5"
info:
label: "Informatica Client Data Quality Pipeline"
description: "Triggers an Informatica data quality job to validate and cleanse client master data records."
tags:
- data-quality
- master-data
- informatica
capability:
exposes:
- type: mcp
namespace: data-quality
port: 8080
tools:
- name: run-data-quality-job
description: "Trigger an Informatica data quality validation job for client records."
inputParameters:
- name: job_name
in: body
type: string
description: "Informatica job name."
- name: scope
in: body
type: string
description: "Data scope (all_clients, new_accounts, address_updates)."
call: "informatica.run-job"
with:
job_name: "{{job_name}}"
parameters: "{\"scope\": \"{{scope}}\"}"
outputParameters:
- name: run_id
type: string
mapping: "$.runId"
- name: status
type: string
mapping: "$.status"
consumes:
- type: http
namespace: informatica
baseUri: "https://na1.dm-us.informaticacloud.com/saas/api/v2"
authentication:
type: bearer
token: "$secrets.informatica_token"
resources:
- name: jobs
path: "/job"
operations:
- name: run-job
method: POST
Intuit Tax Document Generator
▼
tax reporting snowflake
Generates tax documents (1099-DIV, 1099-INT, 1099-B) for client accounts using tax data from Snowflake.
naftiko: "0.5"
info:
label: "Intuit Tax Document Generator"
description: "Generates tax documents (1099-DIV, 1099-INT, 1099-B) for client accounts using tax data from Snowflake."
tags:
- tax
- reporting
- snowflake
capability:
exposes:
- type: mcp
namespace: tax-reporting
port: 8080
tools:
- name: generate-tax-docs
description: "Generate tax reporting documents from Snowflake data."
inputParameters:
- name: account_number
in: body
type: string
description: "Client account number."
- name: tax_year
in: body
type: string
description: "Tax year."
- name: form_type
in: body
type: string
description: "Form type (1099-DIV, 1099-INT, 1099-B)."
call: "snowflake.run-query"
with:
query: "CALL generate_tax_form('{{account_number}}', '{{tax_year}}', '{{form_type}}')"
outputParameters:
- name: form_data
type: object
mapping: "$.data[0]"
- name: status
type: string
mapping: "$.status"
consumes:
- type: http
namespace: snowflake
baseUri: "https://schwab.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
IRA Rollover Processing Orchestrator
▼
retirement ira-rollover docusign servicenow microsoft-teams
Orchestrates IRA rollover requests by validating eligibility via the account system, sending DocuSign agreements, creating a ServiceNow tracking ticket, and notifying the advisor via Microsoft Teams.
naftiko: "0.5"
info:
label: "IRA Rollover Processing Orchestrator"
description: "Orchestrates IRA rollover requests by validating eligibility via the account system, sending DocuSign agreements, creating a ServiceNow tracking ticket, and notifying the advisor via Microsoft Teams."
tags:
- retirement
- ira-rollover
- docusign
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: ira-rollover
port: 8080
tools:
- name: process-rollover
description: "Orchestrate IRA rollover processing across eligibility, DocuSign, ServiceNow, and Teams."
inputParameters:
- name: account_id
in: body
type: string
description: "Source account ID."
- name: rollover_amount
in: body
type: number
description: "Rollover amount."
- name: rollover_type
in: body
type: string
description: "Rollover type (traditional, roth, sep)."
- name: advisor_email
in: body
type: string
description: "Advisor email for notification."
steps:
- name: validate-eligibility
type: call
call: "accounts.check-rollover-eligibility"
with:
account_id: "{{account_id}}"
amount: "{{rollover_amount}}"
type: "{{rollover_type}}"
- name: send-agreement
type: call
call: "docusign.create-envelope"
with:
templateId: "ira-rollover-{{rollover_type}}"
signerEmail: "{{validate-eligibility.client_email}}"
signerName: "{{validate-eligibility.client_name}}"
- name: create-ticket
type: call
call: "servicenow.create-incident"
with:
short_description: "IRA Rollover: {{account_id}} - ${{rollover_amount}}"
category: "retirement_operations"
assigned_group: "Retirement_Services"
description: "{{rollover_type}} rollover for ${{rollover_amount}}. DocuSign: {{send-agreement.envelope_id}}."
- name: notify-advisor
type: call
call: "msteams.send-message"
with:
recipient_upn: "{{advisor_email}}"
text: "IRA rollover initiated: {{account_id}}, ${{rollover_amount}} ({{rollover_type}}). Ticket: {{create-ticket.number}}. DocuSign sent to client."
consumes:
- type: http
namespace: accounts
baseUri: "https://accounts-api.schwab.com/v2"
authentication:
type: bearer
token: "$secrets.accounts_api_token"
resources:
- name: rollover
path: "/rollover/eligibility"
operations:
- name: check-rollover-eligibility
method: POST
- type: http
namespace: docusign
baseUri: "https://na4.docusign.net/restapi/v2.1/accounts/$secrets.docusign_account_id"
authentication:
type: bearer
token: "$secrets.docusign_access_token"
resources:
- name: envelopes
path: "/envelopes"
operations:
- name: create-envelope
method: POST
- type: http
namespace: servicenow
baseUri: "https://schwab.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Jira Development Sprint Tracker
▼
development project-management jira
Retrieves sprint progress from Jira for the Schwab digital platform engineering team.
naftiko: "0.5"
info:
label: "Jira Development Sprint Tracker"
description: "Retrieves sprint progress from Jira for the Schwab digital platform engineering team."
tags:
- development
- project-management
- jira
capability:
exposes:
- type: mcp
namespace: dev-tracking
port: 8080
tools:
- name: get-sprint-progress
description: "Fetch current sprint progress from Jira."
inputParameters:
- name: board_id
in: body
type: string
description: "Jira board ID."
call: "jira.get-active-sprint"
with:
board_id: "{{board_id}}"
outputParameters:
- name: sprint_name
type: string
mapping: "$.values[0].name"
- name: start_date
type: string
mapping: "$.values[0].startDate"
- name: end_date
type: string
mapping: "$.values[0].endDate"
consumes:
- type: http
namespace: jira
baseUri: "https://schwab.atlassian.net/rest/agile/1.0"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: sprints
path: "/board/{{board_id}}/sprint"
inputParameters:
- name: board_id
in: path
operations:
- name: get-active-sprint
method: GET
Kafka Trade Event Stream Monitor
▼
streaming kafka trading
Monitors Apache Kafka topic health and consumer lag for Schwab's real-time trade event streaming pipeline.
naftiko: "0.5"
info:
label: "Kafka Trade Event Stream Monitor"
description: "Monitors Apache Kafka topic health and consumer lag for Schwab's real-time trade event streaming pipeline."
tags:
- streaming
- kafka
- trading
capability:
exposes:
- type: mcp
namespace: trade-streaming
port: 8080
tools:
- name: get-topic-health
description: "Check Kafka topic health and consumer lag for trade event streams."
inputParameters:
- name: topic_name
in: body
type: string
description: "Kafka topic name."
- name: consumer_group
in: body
type: string
description: "Consumer group ID."
call: "kafka.get-consumer-lag"
with:
topic: "{{topic_name}}"
group: "{{consumer_group}}"
outputParameters:
- name: total_lag
type: integer
mapping: "$.total_lag"
- name: partitions
type: array
mapping: "$.partitions"
consumes:
- type: http
namespace: kafka
baseUri: "https://kafka-rest.schwab.com/v3"
authentication:
type: bearer
token: "$secrets.kafka_rest_token"
resources:
- name: consumer-groups
path: "/clusters/schwab-prod/consumer-groups/{{group}}/lags"
inputParameters:
- name: group
in: path
operations:
- name: get-consumer-lag
method: GET
LinkedIn Investor Relations Publisher
▼
investor-relations communications linkedin
Publishes investor relations content on the Schwab LinkedIn company page for earnings and corporate updates.
naftiko: "0.5"
info:
label: "LinkedIn Investor Relations Publisher"
description: "Publishes investor relations content on the Schwab LinkedIn company page for earnings and corporate updates."
tags:
- investor-relations
- communications
- linkedin
capability:
exposes:
- type: mcp
namespace: investor-comms
port: 8080
tools:
- name: publish-ir-post
description: "Post investor relations content to the Schwab LinkedIn page."
inputParameters:
- name: text
in: body
type: string
description: "Post content."
- name: link_url
in: body
type: string
description: "Link URL."
call: "linkedin.create-post"
with:
author: "urn:li:organization:{{schwab_org_id}}"
text: "{{text}}"
link: "{{link_url}}"
outputParameters:
- name: post_id
type: string
mapping: "$.id"
consumes:
- type: http
namespace: linkedin
baseUri: "https://api.linkedin.com/v2"
authentication:
type: bearer
token: "$secrets.linkedin_token"
resources:
- name: ugcPosts
path: "/ugcPosts"
operations:
- name: create-post
method: POST
MailChimp Client Newsletter Sender
▼
marketing client-engagement mailchimp
Creates and sends market insight newsletters to Schwab clients segmented by investment interests.
naftiko: "0.5"
info:
label: "MailChimp Client Newsletter Sender"
description: "Creates and sends market insight newsletters to Schwab clients segmented by investment interests."
tags:
- marketing
- client-engagement
- mailchimp
capability:
exposes:
- type: mcp
namespace: client-newsletters
port: 8080
tools:
- name: send-newsletter
description: "Create and send a market insights newsletter via MailChimp."
inputParameters:
- name: list_id
in: body
type: string
description: "MailChimp list ID."
- name: subject
in: body
type: string
description: "Email subject."
- name: template_id
in: body
type: string
description: "MailChimp template ID."
call: "mailchimp.create-campaign"
with:
type: "regular"
recipients_list_id: "{{list_id}}"
subject_line: "{{subject}}"
template_id: "{{template_id}}"
from_name: "Charles Schwab"
outputParameters:
- name: campaign_id
type: string
mapping: "$.id"
consumes:
- type: http
namespace: mailchimp
baseUri: "https://us1.api.mailchimp.com/3.0"
authentication:
type: basic
username: "anystring"
password: "$secrets.mailchimp_api_key"
resources:
- name: campaigns
path: "/campaigns"
operations:
- name: create-campaign
method: POST
Margin Call Alert Pipeline
▼
risk-management margin salesforce twilio servicenow
On margin threshold breach detection, retrieves account details from Salesforce, generates a margin call notice, sends SMS via Twilio, and creates a ServiceNow case.
naftiko: "0.5"
info:
label: "Margin Call Alert Pipeline"
description: "On margin threshold breach detection, retrieves account details from Salesforce, generates a margin call notice, sends SMS via Twilio, and creates a ServiceNow case."
tags:
- risk-management
- margin
- salesforce
- twilio
- servicenow
capability:
exposes:
- type: mcp
namespace: margin-alerts
port: 8080
tools:
- name: process-margin-call
description: "Orchestrate margin call notification across Salesforce, Twilio, and ServiceNow."
inputParameters:
- name: account_id
in: body
type: string
description: "Client account ID."
- name: margin_deficit
in: body
type: number
description: "Margin deficit amount."
steps:
- name: get-account
type: call
call: "salesforce.get-account"
with:
account_id: "{{account_id}}"
- name: send-sms
type: call
call: "twilio.send-message"
with:
To: "{{get-account.phone}}"
Body: "Schwab Margin Notice: Account {{account_id}} has a margin deficit of ${{margin_deficit}}. Please deposit funds or reduce positions by market close."
From: "+18005407000"
- name: create-case
type: call
call: "servicenow.create-incident"
with:
short_description: "Margin call: {{account_id}} - deficit ${{margin_deficit}}"
category: "margin_operations"
assigned_group: "Margin_Operations"
description: "Margin call for account {{account_id}}. Deficit: ${{margin_deficit}}. Client: {{get-account.name}}. SMS sent: {{send-sms.message_sid}}."
consumes:
- type: http
namespace: salesforce
baseUri: "https://schwab.my.salesforce.com/services/data/v59.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: accounts
path: "/sobjects/Account/{{account_id}}"
inputParameters:
- name: account_id
in: path
operations:
- name: get-account
method: GET
- type: http
namespace: twilio
baseUri: "https://api.twilio.com/2010-04-01/Accounts/$secrets.twilio_account_sid"
authentication:
type: basic
username: "$secrets.twilio_account_sid"
password: "$secrets.twilio_auth_token"
resources:
- name: messages
path: "/Messages.json"
operations:
- name: send-message
method: POST
- type: http
namespace: servicenow
baseUri: "https://schwab.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
Market Data Feed Failover Orchestrator
▼
market-data failover bloomberg factset microsoft-teams servicenow
On Bloomberg feed disruption, switches to FactSet backup, validates data quality in Snowflake, alerts trading desks via Microsoft Teams, and creates a ServiceNow incident.
naftiko: "0.5"
info:
label: "Market Data Feed Failover Orchestrator"
description: "On Bloomberg feed disruption, switches to FactSet backup, validates data quality in Snowflake, alerts trading desks via Microsoft Teams, and creates a ServiceNow incident."
tags:
- market-data
- failover
- bloomberg
- factset
- microsoft-teams
- servicenow
capability:
exposes:
- type: mcp
namespace: feed-failover
port: 8080
tools:
- name: execute-failover
description: "Orchestrate market data feed failover from Bloomberg to FactSet."
inputParameters:
- name: feed_id
in: body
type: string
description: "Bloomberg feed identifier."
- name: failure_type
in: body
type: string
description: "Type of failure (latency, stale, disconnected)."
steps:
- name: activate-backup
type: call
call: "factset.activate-feed"
with:
feed_type: "{{feed_id}}"
mode: "primary"
- name: validate-quality
type: call
call: "snowflake.query-quality"
with:
statement: "SELECT COUNT(*) as stale_count FROM MARKET_DATA WHERE updated_at < DATEADD(minute, -5, CURRENT_TIMESTAMP)"
warehouse: "SCHWAB_TRADING_WH"
- name: alert-trading
type: call
call: "msteams.send-channel-message"
with:
team_id: "trading-desks"
channel: "market-data-alerts"
text: "ALERT: Bloomberg feed {{feed_id}} failed ({{failure_type}}). Switched to FactSet backup. Data quality check: {{validate-quality.stale_count}} stale records."
- name: create-incident
type: call
call: "servicenow.create-incident"
with:
short_description: "Bloomberg feed failover: {{feed_id}} - {{failure_type}}"
category: "market_data"
assigned_group: "Market_Data_Ops"
description: "Bloomberg feed {{feed_id}} failed: {{failure_type}}. FactSet backup activated. Stale records: {{validate-quality.stale_count}}."
consumes:
- type: http
namespace: factset
baseUri: "https://api.factset.com/content"
authentication:
type: basic
username: "$secrets.factset_user"
password: "$secrets.factset_password"
resources:
- name: feeds
path: "/feeds/activate"
operations:
- name: activate-feed
method: POST
- type: http
namespace: snowflake
baseUri: "https://schwab.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query-quality
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel
in: path
operations:
- name: send-channel-message
method: POST
- type: http
namespace: servicenow
baseUri: "https://schwab.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
Microsoft Graph Client Communication Logger
▼
compliance communications microsoft-graph
Logs client-advisor email communications through Microsoft Graph for compliance recordkeeping.
naftiko: "0.5"
info:
label: "Microsoft Graph Client Communication Logger"
description: "Logs client-advisor email communications through Microsoft Graph for compliance recordkeeping."
tags:
- compliance
- communications
- microsoft-graph
capability:
exposes:
- type: mcp
namespace: comms-logging
port: 8080
tools:
- name: log-client-email
description: "Retrieve and log a client-advisor email communication for compliance."
inputParameters:
- name: user_upn
in: body
type: string
description: "Advisor user principal name."
- name: message_id
in: body
type: string
description: "Email message ID."
call: "msgraph.get-message"
with:
user_upn: "{{user_upn}}"
message_id: "{{message_id}}"
outputParameters:
- name: subject
type: string
mapping: "$.subject"
- name: from
type: string
mapping: "$.from.emailAddress.address"
- name: received_date
type: string
mapping: "$.receivedDateTime"
consumes:
- type: http
namespace: msgraph
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: messages
path: "/users/{{user_upn}}/messages/{{message_id}}"
inputParameters:
- name: user_upn
in: path
- name: message_id
in: path
operations:
- name: get-message
method: GET
Microsoft Intune Device Compliance Checker
▼
security endpoint microsoft-intune
Checks Microsoft Intune device compliance status for Schwab employee devices accessing trading and client data systems.
naftiko: "0.5"
info:
label: "Microsoft Intune Device Compliance Checker"
description: "Checks Microsoft Intune device compliance status for Schwab employee devices accessing trading and client data systems."
tags:
- security
- endpoint
- microsoft-intune
capability:
exposes:
- type: mcp
namespace: device-compliance
port: 8080
tools:
- name: check-device-compliance
description: "Query Microsoft Intune for device compliance status."
inputParameters:
- name: device_id
in: body
type: string
description: "Intune device ID."
call: "intune.get-device-compliance"
with:
device_id: "{{device_id}}"
outputParameters:
- name: compliance_state
type: string
mapping: "$.complianceState"
- name: os_version
type: string
mapping: "$.osVersion"
- name: last_sync
type: string
mapping: "$.lastSyncDateTime"
consumes:
- type: http
namespace: intune
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: devices
path: "/deviceManagement/managedDevices/{{device_id}}"
inputParameters:
- name: device_id
in: path
operations:
- name: get-device-compliance
method: GET
MongoDB Client Preferences Lookup
▼
client-data preferences mongodb
Queries MongoDB for client communication preferences, notification settings, and personalization configuration.
naftiko: "0.5"
info:
label: "MongoDB Client Preferences Lookup"
description: "Queries MongoDB for client communication preferences, notification settings, and personalization configuration."
tags:
- client-data
- preferences
- mongodb
capability:
exposes:
- type: mcp
namespace: client-preferences
port: 8080
tools:
- name: get-client-preferences
description: "Look up client preferences and notification settings from MongoDB."
inputParameters:
- name: client_id
in: body
type: string
description: "Schwab client identifier."
call: "mongodb.find-one"
with:
collection: "client_preferences"
filter: "{\"client_id\": \"{{client_id}}\"}"
outputParameters:
- name: notification_channels
type: array
mapping: "$.notification_channels"
- name: language
type: string
mapping: "$.language_preference"
- name: paperless
type: boolean
mapping: "$.paperless_enrolled"
consumes:
- type: http
namespace: mongodb
baseUri: "https://data.mongodb-api.schwab.com/app/data-schwab/endpoint/data/v1"
authentication:
type: bearer
token: "$secrets.mongodb_api_key"
resources:
- name: find
path: "/action/findOne"
operations:
- name: find-one
method: POST
Mutual Fund Prospectus Delivery Pipeline
▼
mutual-funds prospectus box salesforce
On new mutual fund purchase, retrieves the prospectus from the fund company API, stores in Box, sends to the client via email, and logs compliance delivery in Salesforce.
naftiko: "0.5"
info:
label: "Mutual Fund Prospectus Delivery Pipeline"
description: "On new mutual fund purchase, retrieves the prospectus from the fund company API, stores in Box, sends to the client via email, and logs compliance delivery in Salesforce."
tags:
- mutual-funds
- prospectus
- box
- salesforce
capability:
exposes:
- type: mcp
namespace: prospectus-delivery
port: 8080
tools:
- name: deliver-prospectus
description: "Orchestrate mutual fund prospectus delivery across fund API, Box, email, and Salesforce."
inputParameters:
- name: fund_ticker
in: body
type: string
description: "Mutual fund ticker."
- name: account_id
in: body
type: string
description: "Client account ID."
- name: client_email
in: body
type: string
description: "Client email address."
steps:
- name: get-prospectus
type: call
call: "funds.get-prospectus"
with:
ticker: "{{fund_ticker}}"
- name: store-copy
type: call
call: "box.upload-file"
with:
folder_id: "prospectus_delivery"
filename: "{{fund_ticker}}_{{account_id}}_prospectus.pdf"
content: "{{get-prospectus.document}}"
- name: email-client
type: call
call: "ses.send-email"
with:
to: "{{client_email}}"
subject: "Prospectus for {{get-prospectus.fund_name}}"
body: "Please find attached the prospectus for your recent purchase of {{get-prospectus.fund_name}} ({{fund_ticker}})."
attachment: "{{store-copy.url}}"
- name: log-delivery
type: call
call: "salesforce.create-task"
with:
account_id: "{{account_id}}"
subject: "Prospectus delivered: {{fund_ticker}}"
description: "Prospectus for {{get-prospectus.fund_name}} delivered via email. Box link: {{store-copy.url}}."
consumes:
- type: http
namespace: funds
baseUri: "https://fund-data.schwab.com/api/v1"
authentication:
type: bearer
token: "$secrets.fund_data_token"
resources:
- name: prospectus
path: "/funds/{{ticker}}/prospectus"
inputParameters:
- name: ticker
in: path
operations:
- name: get-prospectus
method: GET
- type: http
namespace: box
baseUri: "https://upload.box.com/api/2.0"
authentication:
type: bearer
token: "$secrets.box_access_token"
resources:
- name: files
path: "/files/content"
operations:
- name: upload-file
method: POST
- type: http
namespace: ses
baseUri: "https://email.us-east-1.amazonaws.com"
authentication:
type: aws-sig-v4
access_key: "$secrets.aws_access_key"
secret_key: "$secrets.aws_secret_key"
resources:
- name: emails
path: "/v2/email/outbound-emails"
operations:
- name: send-email
method: POST
- type: http
namespace: salesforce
baseUri: "https://schwab.my.salesforce.com/services/data/v59.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: tasks
path: "/sobjects/Task"
operations:
- name: create-task
method: POST
New Advisor Provisioning Orchestrator
▼
hr provisioning workday okta salesforce pluralsight
On new financial advisor hire, creates Workday profile, provisions Okta account with MFA, sets up Salesforce user, and assigns Pluralsight training paths.
naftiko: "0.5"
info:
label: "New Advisor Provisioning Orchestrator"
description: "On new financial advisor hire, creates Workday profile, provisions Okta account with MFA, sets up Salesforce user, and assigns Pluralsight training paths."
tags:
- hr
- provisioning
- workday
- okta
- salesforce
- pluralsight
capability:
exposes:
- type: mcp
namespace: advisor-provisioning
port: 8080
tools:
- name: provision-advisor
description: "Orchestrate new advisor provisioning across Workday, Okta, Salesforce, and Pluralsight."
inputParameters:
- name: employee_id
in: body
type: string
description: "Workday employee ID."
- name: department
in: body
type: string
description: "Department name."
steps:
- name: get-employee
type: call
call: "workday.get-worker"
with:
worker_id: "{{employee_id}}"
- name: create-okta-user
type: call
call: "okta.create-user"
with:
email: "{{get-employee.email}}"
firstName: "{{get-employee.first_name}}"
lastName: "{{get-employee.last_name}}"
group: "Financial_Advisors"
- name: create-sf-user
type: call
call: "salesforce.create-user"
with:
email: "{{get-employee.email}}"
name: "{{get-employee.full_name}}"
profile: "Financial_Advisor"
- name: assign-training
type: call
call: "pluralsight.assign-channel"
with:
email: "{{get-employee.email}}"
channel_id: "advisor-onboarding-path"
consumes:
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/workers/{{worker_id}}"
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
- type: http
namespace: okta
baseUri: "https://schwab.okta.com/api/v1"
authentication:
type: bearer
token: "$secrets.okta_api_token"
resources:
- name: users
path: "/users"
operations:
- name: create-user
method: POST
- type: http
namespace: salesforce
baseUri: "https://schwab.my.salesforce.com/services/data/v59.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: users
path: "/sobjects/User"
operations:
- name: create-user
method: POST
- type: http
namespace: pluralsight
baseUri: "https://api.pluralsight.com/api/v1"
authentication:
type: bearer
token: "$secrets.pluralsight_token"
resources:
- name: assignments
path: "/channel-assignments"
operations:
- name: assign-channel
method: POST
New Relic Application Performance Monitor
▼
monitoring devops new-relic
Retrieves application health metrics from New Relic for Schwab's client-facing web and mobile applications.
naftiko: "0.5"
info:
label: "New Relic Application Performance Monitor"
description: "Retrieves application health metrics from New Relic for Schwab's client-facing web and mobile applications."
tags:
- monitoring
- devops
- new-relic
capability:
exposes:
- type: mcp
namespace: app-health
port: 8080
tools:
- name: get-app-health
description: "Fetch application performance metrics from New Relic."
inputParameters:
- name: app_name
in: body
type: string
description: "New Relic application name."
call: "newrelic.get-app-metrics"
with:
app_name: "{{app_name}}"
outputParameters:
- name: error_rate
type: number
mapping: "$.application.application_summary.error_rate"
- name: response_time
type: number
mapping: "$.application.application_summary.response_time"
- name: throughput
type: number
mapping: "$.application.application_summary.throughput"
consumes:
- type: http
namespace: newrelic
baseUri: "https://api.newrelic.com/v2"
authentication:
type: apiKey
key: "$secrets.newrelic_api_key"
resources:
- name: applications
path: "/applications.json"
operations:
- name: get-app-metrics
method: GET
Okta User Authentication Status
▼
identity authentication okta
Checks user authentication status and MFA enrollment in Okta for Schwab employee and advisor access management.
naftiko: "0.5"
info:
label: "Okta User Authentication Status"
description: "Checks user authentication status and MFA enrollment in Okta for Schwab employee and advisor access management."
tags:
- identity
- authentication
- okta
capability:
exposes:
- type: mcp
namespace: identity-management
port: 8080
tools:
- name: get-user-auth-status
description: "Check a user's authentication status and MFA enrollment in Okta."
inputParameters:
- name: user_email
in: body
type: string
description: "User email address."
call: "okta.get-user"
with:
login: "{{user_email}}"
outputParameters:
- name: status
type: string
mapping: "$.status"
- name: mfa_enrolled
type: boolean
mapping: "$.credentials.provider.type"
- name: last_login
type: string
mapping: "$.lastLogin"
consumes:
- type: http
namespace: okta
baseUri: "https://schwab.okta.com/api/v1"
authentication:
type: bearer
token: "$secrets.okta_api_token"
resources:
- name: users
path: "/users/{{login}}"
inputParameters:
- name: login
in: path
operations:
- name: get-user
method: GET
Options Expiration Notification Pipeline
▼
options expiration snowflake bloomberg twilio salesforce
Identifies expiring options positions from Snowflake, evaluates in-the-money status from Bloomberg, sends client notifications via Twilio SMS, and logs actions in Salesforce.
naftiko: "0.5"
info:
label: "Options Expiration Notification Pipeline"
description: "Identifies expiring options positions from Snowflake, evaluates in-the-money status from Bloomberg, sends client notifications via Twilio SMS, and logs actions in Salesforce."
tags:
- options
- expiration
- snowflake
- bloomberg
- twilio
- salesforce
capability:
exposes:
- type: mcp
namespace: options-expiration
port: 8080
tools:
- name: process-expirations
description: "Orchestrate options expiration notifications across Snowflake, Bloomberg, Twilio, and Salesforce."
inputParameters:
- name: expiration_date
in: body
type: string
description: "Options expiration date in YYYY-MM-DD."
steps:
- name: get-expiring-positions
type: call
call: "snowflake.query-options"
with:
statement: "SELECT * FROM OPTIONS_POSITIONS WHERE expiration_date = '{{expiration_date}}' AND quantity > 0"
warehouse: "SCHWAB_TRADING_WH"
- name: check-itm-status
type: call
call: "bloomberg.check-options-status"
with:
positions: "{{get-expiring-positions.data}}"
- name: send-notifications
type: call
call: "twilio.send-bulk-sms"
with:
messages: "{{check-itm-status.notifications}}"
from: "+18005407000"
- name: log-notifications
type: call
call: "salesforce.create-activities"
with:
activities: "{{send-notifications.delivery_log}}"
type: "options_expiration_notice"
consumes:
- type: http
namespace: snowflake
baseUri: "https://schwab.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query-options
method: POST
- type: http
namespace: bloomberg
baseUri: "https://api.bloomberg.com/eap"
authentication:
type: bearer
token: "$secrets.bloomberg_token"
resources:
- name: options
path: "/options/itm-check"
operations:
- name: check-options-status
method: POST
- type: http
namespace: twilio
baseUri: "https://api.twilio.com/2010-04-01/Accounts/$secrets.twilio_account_sid"
authentication:
type: basic
username: "$secrets.twilio_account_sid"
password: "$secrets.twilio_auth_token"
resources:
- name: messages
path: "/Messages.json"
operations:
- name: send-bulk-sms
method: POST
- type: http
namespace: salesforce
baseUri: "https://schwab.my.salesforce.com/services/data/v59.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: activities
path: "/sobjects/Activity__c"
operations:
- name: create-activities
method: POST
PagerDuty On-Call Schedule Lookup
▼
incident-management on-call pagerduty
Retrieves the current on-call schedule from PagerDuty for Schwab trading platform engineering teams.
naftiko: "0.5"
info:
label: "PagerDuty On-Call Schedule Lookup"
description: "Retrieves the current on-call schedule from PagerDuty for Schwab trading platform engineering teams."
tags:
- incident-management
- on-call
- pagerduty
capability:
exposes:
- type: mcp
namespace: oncall-management
port: 8080
tools:
- name: get-oncall
description: "Fetch current on-call engineers from PagerDuty."
inputParameters:
- name: schedule_id
in: body
type: string
description: "PagerDuty schedule ID."
call: "pagerduty.get-oncall"
with:
schedule_ids: "{{schedule_id}}"
outputParameters:
- name: oncall_user
type: string
mapping: "$.oncalls[0].user.summary"
- name: escalation_level
type: integer
mapping: "$.oncalls[0].escalation_level"
- name: start
type: string
mapping: "$.oncalls[0].start"
- name: end
type: string
mapping: "$.oncalls[0].end"
consumes:
- type: http
namespace: pagerduty
baseUri: "https://api.pagerduty.com"
authentication:
type: bearer
token: "$secrets.pagerduty_token"
resources:
- name: oncalls
path: "/oncalls"
operations:
- name: get-oncall
method: GET
Palo Alto Networks Firewall Auditor
▼
security compliance palo-alto-networks
Retrieves firewall rules from Palo Alto Panorama for compliance auditing of Schwab's network perimeter protecting client data.
naftiko: "0.5"
info:
label: "Palo Alto Networks Firewall Auditor"
description: "Retrieves firewall rules from Palo Alto Panorama for compliance auditing of Schwab's network perimeter protecting client data."
tags:
- security
- compliance
- palo-alto-networks
capability:
exposes:
- type: mcp
namespace: network-security
port: 8080
tools:
- name: audit-firewall-rules
description: "Fetch firewall security policies from Palo Alto Panorama."
inputParameters:
- name: device_group
in: body
type: string
description: "Device group."
call: "paloalto.get-security-rules"
with:
device_group: "{{device_group}}"
outputParameters:
- name: rules
type: array
mapping: "$.result.entry"
- name: total_rules
type: integer
mapping: "$.result.@count"
consumes:
- type: http
namespace: paloalto
baseUri: "https://panorama.schwab.com/restapi/v10.2"
authentication:
type: apiKey
key: "$secrets.paloalto_api_key"
resources:
- name: security-rules
path: "/Policies/SecurityRules"
operations:
- name: get-security-rules
method: GET
Platform Incident Response Orchestrator
▼
incident-response datadog jira pagerduty microsoft-teams
On critical trading platform incident, queries Datadog for service health, creates a Jira incident, pages on-call via PagerDuty, and posts a status update to Microsoft Teams.
naftiko: "0.5"
info:
label: "Platform Incident Response Orchestrator"
description: "On critical trading platform incident, queries Datadog for service health, creates a Jira incident, pages on-call via PagerDuty, and posts a status update to Microsoft Teams."
tags:
- incident-response
- datadog
- jira
- pagerduty
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: incident-response
port: 8080
tools:
- name: trigger-incident-response
description: "Orchestrate incident response across Datadog, Jira, PagerDuty, and Teams."
inputParameters:
- name: service_name
in: body
type: string
description: "Affected service name."
- name: severity
in: body
type: string
description: "Incident severity (P1, P2, P3)."
- name: description
in: body
type: string
description: "Incident description."
steps:
- name: get-service-health
type: call
call: "datadog.get-service-status"
with:
service: "{{service_name}}"
- name: create-incident-ticket
type: call
call: "jira.create-issue"
with:
project: "INCIDENT"
summary: "{{severity}} - {{service_name}}: {{description}}"
description: "Service: {{service_name}}\nSeverity: {{severity}}\nDatadog Status: {{get-service-health.status}}\nDescription: {{description}}"
issuetype: "Incident"
priority: "{{severity}}"
- name: page-oncall
type: call
call: "pagerduty.create-incident"
with:
service_id: "{{service_name}}"
title: "{{severity}} - {{service_name}}: {{description}}"
body: "Jira: {{create-incident-ticket.key}}"
- name: post-status
type: call
call: "msteams.send-channel-message"
with:
team_id: "trading-platform-team"
channel: "incidents"
text: "{{severity}} INCIDENT: {{service_name}} - {{description}}. Jira: {{create-incident-ticket.key}}. On-call paged."
consumes:
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: bearer
token: "$secrets.datadog_api_key"
resources:
- name: services
path: "/check_run"
operations:
- name: get-service-status
method: GET
- type: http
namespace: jira
baseUri: "https://schwab.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: pagerduty
baseUri: "https://api.pagerduty.com"
authentication:
type: bearer
token: "$secrets.pagerduty_token"
resources:
- name: incidents
path: "/incidents"
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel
in: path
operations:
- name: send-channel-message
method: POST
Pluralsight Financial Advisor Training
▼
training licensing pluralsight
Assigns Series 7, Series 66, and CFP study courses in Pluralsight to financial advisors.
naftiko: "0.5"
info:
label: "Pluralsight Financial Advisor Training"
description: "Assigns Series 7, Series 66, and CFP study courses in Pluralsight to financial advisors."
tags:
- training
- licensing
- pluralsight
capability:
exposes:
- type: mcp
namespace: advisor-training
port: 8080
tools:
- name: assign-licensing-course
description: "Assign a licensing preparation course in Pluralsight."
inputParameters:
- name: user_email
in: body
type: string
description: "Advisor email."
- name: path_id
in: body
type: string
description: "Learning path ID."
- name: due_date
in: body
type: string
description: "Due date."
call: "pluralsight.assign-path"
with:
email: "{{user_email}}"
path_id: "{{path_id}}"
due_date: "{{due_date}}"
outputParameters:
- name: assignment_id
type: string
mapping: "$.id"
consumes:
- type: http
namespace: pluralsight
baseUri: "https://api.pluralsight.com/api/v1"
authentication:
type: bearer
token: "$secrets.pluralsight_token"
resources:
- name: assignments
path: "/learning-paths/{{path_id}}/assignments"
inputParameters:
- name: path_id
in: path
operations:
- name: assign-path
method: POST
Portfolio Holdings Analyzer
▼
portfolio analytics snowflake
Retrieves client portfolio holdings from Snowflake, calculates asset allocation percentages, and returns a summary with sector exposure.
naftiko: "0.5"
info:
label: "Portfolio Holdings Analyzer"
description: "Retrieves client portfolio holdings from Snowflake, calculates asset allocation percentages, and returns a summary with sector exposure."
tags:
- portfolio
- analytics
- snowflake
capability:
exposes:
- type: mcp
namespace: portfolio-analytics
port: 8080
tools:
- name: analyze-portfolio
description: "Fetch client portfolio holdings from Snowflake and return asset allocation and sector exposure summary."
inputParameters:
- name: account_number
in: body
type: string
description: "Schwab account number."
- name: as_of_date
in: body
type: string
description: "Date for the snapshot in YYYY-MM-DD."
call: "snowflake.run-query"
with:
query: "SELECT h.symbol, h.quantity, h.market_value, s.sector, s.asset_class, ROUND(h.market_value / SUM(h.market_value) OVER() * 100, 2) as allocation_pct FROM portfolio_holdings h JOIN security_master s ON h.symbol = s.symbol WHERE h.account_number='{{account_number}}' AND h.as_of_date='{{as_of_date}}' ORDER BY h.market_value DESC"
outputParameters:
- name: holdings
type: array
mapping: "$.data"
- name: total_positions
type: integer
mapping: "$.resultSetMetaData.numRows"
consumes:
- type: http
namespace: snowflake
baseUri: "https://schwab.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
Postman Trading API Test Suite
▼
qa api-testing postman
Runs Postman test collections for Schwab's trading and account management APIs.
naftiko: "0.5"
info:
label: "Postman Trading API Test Suite"
description: "Runs Postman test collections for Schwab's trading and account management APIs."
tags:
- qa
- api-testing
- postman
capability:
exposes:
- type: mcp
namespace: api-testing
port: 8080
tools:
- name: run-api-tests
description: "Execute a Postman API test collection."
inputParameters:
- name: collection_id
in: body
type: string
description: "Collection UID."
- name: environment_id
in: body
type: string
description: "Environment UID."
call: "postman.run-collection"
with:
collection: "{{collection_id}}"
environment: "{{environment_id}}"
outputParameters:
- name: total_tests
type: integer
mapping: "$.run.stats.tests.total"
- name: failed_tests
type: integer
mapping: "$.run.stats.tests.failed"
consumes:
- type: http
namespace: postman
baseUri: "https://api.getpostman.com"
authentication:
type: apiKey
key: "$secrets.postman_api_key"
resources:
- name: collection-runs
path: "/monitors/{{collection_id}}/run"
inputParameters:
- name: collection_id
in: path
operations:
- name: run-collection
method: POST
Power BI Client Portfolio Dashboard
▼
analytics portfolio power-bi
Triggers a refresh of the Power BI client portfolio analytics dashboard used by financial advisors.
naftiko: "0.5"
info:
label: "Power BI Client Portfolio Dashboard"
description: "Triggers a refresh of the Power BI client portfolio analytics dashboard used by financial advisors."
tags:
- analytics
- portfolio
- power-bi
capability:
exposes:
- type: mcp
namespace: portfolio-reporting
port: 8080
tools:
- name: refresh-portfolio-dashboard
description: "Trigger a Power BI dataset refresh for the portfolio analytics dashboard."
inputParameters:
- name: dataset_id
in: body
type: string
description: "Power BI dataset ID."
call: "powerbi.trigger-refresh"
with:
dataset_id: "{{dataset_id}}"
outputParameters:
- name: request_id
type: string
mapping: "$.requestId"
- name: status
type: string
mapping: "$.status"
consumes:
- type: http
namespace: powerbi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.powerbi_token"
resources:
- name: refreshes
path: "/datasets/{{dataset_id}}/refreshes"
inputParameters:
- name: dataset_id
in: path
operations:
- name: trigger-refresh
method: POST
Prometheus Trading Latency Metrics
▼
monitoring performance prometheus
Queries Prometheus for trading platform latency metrics including order execution time, API response times, and queue depth.
naftiko: "0.5"
info:
label: "Prometheus Trading Latency Metrics"
description: "Queries Prometheus for trading platform latency metrics including order execution time, API response times, and queue depth."
tags:
- monitoring
- performance
- prometheus
capability:
exposes:
- type: mcp
namespace: latency-metrics
port: 8080
tools:
- name: query-latency
description: "Query Prometheus for trading latency metrics."
inputParameters:
- name: promql
in: body
type: string
description: "PromQL query expression."
- name: time_range
in: body
type: string
description: "Time range (e.g., 1h, 6h, 24h)."
call: "prometheus.query-range"
with:
query: "{{promql}}"
duration: "{{time_range}}"
outputParameters:
- name: result
type: array
mapping: "$.data.result"
consumes:
- type: http
namespace: prometheus
baseUri: "https://prometheus.schwab.com/api/v1"
authentication:
type: bearer
token: "$secrets.prometheus_token"
resources:
- name: query
path: "/query_range"
operations:
- name: query-range
method: POST
Qlik Sense Revenue Analytics Dashboard
▼
analytics revenue qlik-sense
Triggers a reload of the Qlik Sense revenue analytics app tracking advisory fees, commission revenue, and net new assets.
naftiko: "0.5"
info:
label: "Qlik Sense Revenue Analytics Dashboard"
description: "Triggers a reload of the Qlik Sense revenue analytics app tracking advisory fees, commission revenue, and net new assets."
tags:
- analytics
- revenue
- qlik-sense
capability:
exposes:
- type: mcp
namespace: revenue-analytics
port: 8080
tools:
- name: reload-revenue-dashboard
description: "Trigger a Qlik Sense app reload for revenue analytics."
inputParameters:
- name: app_id
in: body
type: string
description: "Qlik Sense app ID."
call: "qlik.reload-app"
with:
app_id: "{{app_id}}"
outputParameters:
- name: reload_id
type: string
mapping: "$.id"
- name: status
type: string
mapping: "$.status"
consumes:
- type: http
namespace: qlik
baseUri: "https://schwab.us.qlikcloud.com/api/v1"
authentication:
type: bearer
token: "$secrets.qlik_api_key"
resources:
- name: reloads
path: "/reloads"
operations:
- name: reload-app
method: POST
Quarterly Client Statement Pipeline
▼
statements reporting snowflake crystal-reports amazon-s3 salesforce
Generates quarterly client statements by querying Snowflake for account data, rendering PDF via Crystal Reports, uploading to Amazon S3, and logging delivery in Salesforce.
naftiko: "0.5"
info:
label: "Quarterly Client Statement Pipeline"
description: "Generates quarterly client statements by querying Snowflake for account data, rendering PDF via Crystal Reports, uploading to Amazon S3, and logging delivery in Salesforce."
tags:
- statements
- reporting
- snowflake
- crystal-reports
- amazon-s3
- salesforce
capability:
exposes:
- type: mcp
namespace: client-statements
port: 8080
tools:
- name: generate-statement
description: "Orchestrate quarterly statement generation across Snowflake, Crystal Reports, S3, and Salesforce."
inputParameters:
- name: account_id
in: body
type: string
description: "Client account ID."
- name: quarter
in: body
type: string
description: "Quarter identifier (e.g., 2026-Q1)."
steps:
- name: get-account-data
type: call
call: "snowflake.query-statement-data"
with:
statement: "SELECT * FROM STATEMENT_DATA WHERE account_id = '{{account_id}}' AND quarter = '{{quarter}}'"
warehouse: "SCHWAB_REPORTING_WH"
- name: render-pdf
type: call
call: "crystalreports.generate-report"
with:
template: "quarterly-statement"
data: "{{get-account-data.data}}"
- name: upload-statement
type: call
call: "s3.put-object"
with:
bucket: "schwab-client-statements"
key: "{{quarter}}/{{account_id}}/statement.pdf"
body: "{{render-pdf.document}}"
- name: log-delivery
type: call
call: "salesforce.create-task"
with:
account_id: "{{account_id}}"
subject: "Q{{quarter}} statement generated"
description: "Statement uploaded to S3: {{upload-statement.url}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://schwab.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query-statement-data
method: POST
- type: http
namespace: crystalreports
baseUri: "https://crystal-api.schwab.com/v1"
authentication:
type: bearer
token: "$secrets.crystal_reports_token"
resources:
- name: reports
path: "/render"
operations:
- name: generate-report
method: POST
- type: http
namespace: s3
baseUri: "https://s3.us-east-1.amazonaws.com"
authentication:
type: aws-sig-v4
access_key: "$secrets.aws_access_key"
secret_key: "$secrets.aws_secret_key"
resources:
- name: objects
path: "/{{bucket}}/{{key}}"
inputParameters:
- name: bucket
in: path
- name: key
in: path
operations:
- name: put-object
method: PUT
- type: http
namespace: salesforce
baseUri: "https://schwab.my.salesforce.com/services/data/v59.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: tasks
path: "/sobjects/Task"
operations:
- name: create-task
method: POST
Quarterly Earnings Report Orchestrator
▼
investor-relations earnings snowflake tableau sharepoint
Compiles quarterly earnings data from Snowflake, generates visualizations in Tableau, creates the investor relations deck in Google Slides, and publishes to the investor portal via SharePoint.
naftiko: "0.5"
info:
label: "Quarterly Earnings Report Orchestrator"
description: "Compiles quarterly earnings data from Snowflake, generates visualizations in Tableau, creates the investor relations deck in Google Slides, and publishes to the investor portal via SharePoint."
tags:
- investor-relations
- earnings
- snowflake
- tableau
- sharepoint
capability:
exposes:
- type: mcp
namespace: earnings-reporting
port: 8080
tools:
- name: compile-earnings-report
description: "Orchestrate quarterly earnings report across Snowflake, Tableau, and SharePoint."
inputParameters:
- name: quarter
in: body
type: string
description: "Quarter identifier (e.g., 2026-Q1)."
steps:
- name: get-financials
type: call
call: "snowflake.query-financials"
with:
statement: "SELECT * FROM QUARTERLY_FINANCIALS WHERE quarter = '{{quarter}}'"
warehouse: "SCHWAB_FINANCE_WH"
- name: refresh-dashboards
type: call
call: "tableau.refresh-workbook"
with:
workbook_id: "quarterly-earnings"
datasource: "{{get-financials.datasource_id}}"
- name: generate-deck
type: call
call: "googleslides.create-presentation"
with:
template_id: "earnings-deck-template"
data: "{{get-financials.data}}"
title: "Schwab Q{{quarter}} Earnings"
- name: publish-portal
type: call
call: "sharepoint.upload-file"
with:
site_id: "investor-relations"
path: "Earnings/{{quarter}}/earnings-deck.pptx"
content: "{{generate-deck.file}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://schwab.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query-financials
method: POST
- type: http
namespace: tableau
baseUri: "https://tableau.schwab.com/api/3.19"
authentication:
type: bearer
token: "$secrets.tableau_token"
resources:
- name: workbooks
path: "/sites/default/workbooks/{{workbook_id}}/refresh"
inputParameters:
- name: workbook_id
in: path
operations:
- name: refresh-workbook
method: POST
- type: http
namespace: googleslides
baseUri: "https://slides.googleapis.com/v1"
authentication:
type: bearer
token: "$secrets.google_slides_token"
resources:
- name: presentations
path: "/presentations"
operations:
- name: create-presentation
method: POST
- type: http
namespace: sharepoint
baseUri: "https://graph.microsoft.com/v1.0/sites"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: files
path: "/{{site_id}}/drive/root:/{{path}}:/content"
inputParameters:
- name: site_id
in: path
- name: path
in: path
operations:
- name: upload-file
method: PUT
Redis Session Cache Lookup
▼
caching session-management redis
Queries the Redis session cache to retrieve active client session data for the Schwab trading platform.
naftiko: "0.5"
info:
label: "Redis Session Cache Lookup"
description: "Queries the Redis session cache to retrieve active client session data for the Schwab trading platform."
tags:
- caching
- session-management
- redis
capability:
exposes:
- type: mcp
namespace: session-cache
port: 8080
tools:
- name: get-session
description: "Look up an active client session from Redis."
inputParameters:
- name: session_id
in: body
type: string
description: "Client session identifier."
call: "redis.get-key"
with:
key: "session:{{session_id}}"
outputParameters:
- name: client_id
type: string
mapping: "$.client_id"
- name: last_activity
type: string
mapping: "$.last_activity"
- name: session_ttl
type: integer
mapping: "$.ttl"
consumes:
- type: http
namespace: redis
baseUri: "https://schwab-redis.internal.schwab.com/api/v1"
authentication:
type: bearer
token: "$secrets.redis_api_token"
resources:
- name: keys
path: "/get/{{key}}"
inputParameters:
- name: key
in: path
operations:
- name: get-key
method: GET
Regulatory Exam Preparation Orchestrator
▼
regulatory examination snowflake splunk box jira
Prepares for SEC/FINRA examinations by gathering compliance data from Snowflake, pulling audit logs from Splunk, compiling documents in Box, and creating a preparation checklist in Jira.
naftiko: "0.5"
info:
label: "Regulatory Exam Preparation Orchestrator"
description: "Prepares for SEC/FINRA examinations by gathering compliance data from Snowflake, pulling audit logs from Splunk, compiling documents in Box, and creating a preparation checklist in Jira."
tags:
- regulatory
- examination
- snowflake
- splunk
- box
- jira
capability:
exposes:
- type: mcp
namespace: exam-preparation
port: 8080
tools:
- name: prepare-exam-materials
description: "Orchestrate regulatory exam preparation across Snowflake, Splunk, Box, and Jira."
inputParameters:
- name: exam_type
in: body
type: string
description: "Examination type (sec-audit, finra-cycle, state-exam)."
- name: exam_date
in: body
type: string
description: "Scheduled examination date."
steps:
- name: gather-compliance-data
type: call
call: "snowflake.query-compliance"
with:
statement: "SELECT * FROM COMPLIANCE_METRICS WHERE report_date >= DATEADD(year, -2, CURRENT_DATE)"
warehouse: "SCHWAB_COMPLIANCE_WH"
- name: pull-audit-logs
type: call
call: "splunk.search"
with:
query: "index=audit_trail earliest=-2y | stats count by action_type, department"
- name: compile-documents
type: call
call: "box.create-folder"
with:
parent_folder_id: "exam_materials"
name: "{{exam_type}}_{{exam_date}}"
- name: create-checklist
type: call
call: "jira.create-issue"
with:
project: "COMPLIANCE"
summary: "Exam prep: {{exam_type}} - {{exam_date}}"
description: "Compliance data: {{gather-compliance-data.record_count}} records. Audit logs: {{pull-audit-logs.event_count}} events. Documents: {{compile-documents.url}}."
issuetype: "Task"
consumes:
- type: http
namespace: snowflake
baseUri: "https://schwab.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query-compliance
method: POST
- type: http
namespace: splunk
baseUri: "https://splunk.schwab.com:8089/services"
authentication:
type: bearer
token: "$secrets.splunk_token"
resources:
- name: search
path: "/search/jobs"
operations:
- name: search
method: POST
- type: http
namespace: box
baseUri: "https://api.box.com/2.0"
authentication:
type: bearer
token: "$secrets.box_access_token"
resources:
- name: folders
path: "/folders"
operations:
- name: create-folder
method: POST
- type: http
namespace: jira
baseUri: "https://schwab.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
RMD Distribution Reminder Pipeline
▼
retirement rmd snowflake twilio salesforce
Identifies clients approaching Required Minimum Distribution deadlines from Snowflake, calculates RMD amounts, sends reminders via email and SMS, and logs outreach in Salesforce.
naftiko: "0.5"
info:
label: "RMD Distribution Reminder Pipeline"
description: "Identifies clients approaching Required Minimum Distribution deadlines from Snowflake, calculates RMD amounts, sends reminders via email and SMS, and logs outreach in Salesforce."
tags:
- retirement
- rmd
- snowflake
- twilio
- salesforce
capability:
exposes:
- type: mcp
namespace: rmd-reminders
port: 8080
tools:
- name: process-rmd-reminders
description: "Orchestrate RMD distribution reminders across Snowflake, Twilio, and Salesforce."
inputParameters:
- name: reminder_days
in: body
type: integer
description: "Days before deadline to send reminder."
steps:
- name: get-rmd-clients
type: call
call: "snowflake.query-rmd"
with:
statement: "SELECT * FROM RMD_SCHEDULE WHERE deadline_date <= DATEADD(day, {{reminder_days}}, CURRENT_DATE) AND distributed = FALSE"
warehouse: "SCHWAB_RETIREMENT_WH"
- name: send-sms-reminders
type: call
call: "twilio.send-bulk-sms"
with:
messages: "{{get-rmd-clients.sms_list}}"
from: "+18005407000"
- name: send-email-reminders
type: call
call: "ses.send-bulk-email"
with:
recipients: "{{get-rmd-clients.email_list}}"
template: "rmd-reminder"
- name: log-outreach
type: call
call: "salesforce.create-bulk-activities"
with:
activities: "{{get-rmd-clients.activity_log}}"
type: "rmd_reminder_sent"
consumes:
- type: http
namespace: snowflake
baseUri: "https://schwab.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query-rmd
method: POST
- type: http
namespace: twilio
baseUri: "https://api.twilio.com/2010-04-01/Accounts/$secrets.twilio_account_sid"
authentication:
type: basic
username: "$secrets.twilio_account_sid"
password: "$secrets.twilio_auth_token"
resources:
- name: messages
path: "/Messages.json"
operations:
- name: send-bulk-sms
method: POST
- type: http
namespace: ses
baseUri: "https://email.us-east-1.amazonaws.com"
authentication:
type: aws-sig-v4
access_key: "$secrets.aws_access_key"
secret_key: "$secrets.aws_secret_key"
resources:
- name: bulk-email
path: "/v2/email/outbound-bulk-emails"
operations:
- name: send-bulk-email
method: POST
- type: http
namespace: salesforce
baseUri: "https://schwab.my.salesforce.com/services/data/v59.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: activities
path: "/composite/sobjects/Activity__c"
operations:
- name: create-bulk-activities
method: POST
Salesforce Client Relationship Dashboard
▼
crm client-management salesforce
Queries Salesforce for a financial advisor's client book of business with account balances and recent activity.
naftiko: "0.5"
info:
label: "Salesforce Client Relationship Dashboard"
description: "Queries Salesforce for a financial advisor's client book of business with account balances and recent activity."
tags:
- crm
- client-management
- salesforce
capability:
exposes:
- type: mcp
namespace: client-crm
port: 8080
tools:
- name: get-advisor-book
description: "Retrieve a financial advisor's client portfolio from Salesforce."
inputParameters:
- name: advisor_id
in: body
type: string
description: "Advisor Salesforce user ID."
call: "salesforce.query"
with:
q: "SELECT Name, Account_Number__c, Total_Assets__c, Last_Contact_Date__c, Account_Type__c FROM Account WHERE OwnerId = '{{advisor_id}}' AND RecordType.Name = 'Client' ORDER BY Total_Assets__c DESC"
outputParameters:
- name: clients
type: array
mapping: "$.records"
- name: total_clients
type: integer
mapping: "$.totalSize"
consumes:
- type: http
namespace: salesforce
baseUri: "https://schwab.my.salesforce.com/services/data/v59.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: query
path: "/query"
operations:
- name: query
method: GET
SAP Concur Expense Report Processor
▼
finance expenses sap-concur
Retrieves pending expense reports from SAP Concur for financial advisor travel and client event expenses.
naftiko: "0.5"
info:
label: "SAP Concur Expense Report Processor"
description: "Retrieves pending expense reports from SAP Concur for financial advisor travel and client event expenses."
tags:
- finance
- expenses
- sap-concur
capability:
exposes:
- type: mcp
namespace: expense-management
port: 8080
tools:
- name: get-pending-expenses
description: "Fetch pending expense reports from SAP Concur."
inputParameters:
- name: approver_id
in: body
type: string
description: "Approver user ID."
call: "concur.get-reports"
with:
approverLoginId: "{{approver_id}}"
status: "SUBMITTED"
outputParameters:
- name: reports
type: array
mapping: "$.Items"
- name: total_amount
type: number
mapping: "$.TotalAmount"
consumes:
- type: http
namespace: concur
baseUri: "https://us.api.concursolutions.com/api/v3.0"
authentication:
type: bearer
token: "$secrets.concur_token"
resources:
- name: reports
path: "/expense/reports"
operations:
- name: get-reports
method: GET
Schwab Mobile App Crash Reporter
▼
mobile monitoring new-relic
Retrieves crash reports from New Relic for the Schwab mobile trading application, returning crash rate, affected users, and stack traces.
naftiko: "0.5"
info:
label: "Schwab Mobile App Crash Reporter"
description: "Retrieves crash reports from New Relic for the Schwab mobile trading application, returning crash rate, affected users, and stack traces."
tags:
- mobile
- monitoring
- new-relic
capability:
exposes:
- type: mcp
namespace: mobile-monitoring
port: 8080
tools:
- name: get-crash-reports
description: "Fetch mobile app crash reports from New Relic."
inputParameters:
- name: app_id
in: body
type: string
description: "New Relic mobile application ID."
- name: time_range
in: body
type: string
description: "Time range in hours (e.g., 24, 48, 168)."
call: "newrelic.get-crashes"
with:
application_id: "{{app_id}}"
time_range: "{{time_range}}"
outputParameters:
- name: crash_rate
type: number
mapping: "$.crash_summary.crash_rate"
- name: affected_users
type: integer
mapping: "$.crash_summary.unique_users"
- name: top_crashes
type: array
mapping: "$.crash_summary.top_crashes"
consumes:
- type: http
namespace: newrelic
baseUri: "https://api.newrelic.com/v2"
authentication:
type: bearer
token: "$secrets.newrelic_api_key"
resources:
- name: mobile-crashes
path: "/mobile_applications/{{application_id}}/crashes.json"
inputParameters:
- name: application_id
in: path
operations:
- name: get-crashes
method: GET
SEC Regulatory Filing Generator
▼
compliance regulatory sec snowflake sharepoint
Generates SEC regulatory filing data from Snowflake and uploads to SharePoint for legal review before submission.
naftiko: "0.5"
info:
label: "SEC Regulatory Filing Generator"
description: "Generates SEC regulatory filing data from Snowflake and uploads to SharePoint for legal review before submission."
tags:
- compliance
- regulatory
- sec
- snowflake
- sharepoint
capability:
exposes:
- type: mcp
namespace: regulatory-filings
port: 8080
tools:
- name: generate-sec-filing
description: "Generate SEC filing data from Snowflake and upload to SharePoint for review."
inputParameters:
- name: filing_type
in: body
type: string
description: "Filing type (10-K, 10-Q, 8-K, ADV)."
- name: reporting_period
in: body
type: string
description: "Reporting period."
steps:
- name: generate-data
type: call
call: "snowflake.run-query"
with:
query: "CALL generate_sec_filing('{{filing_type}}', '{{reporting_period}}')"
- name: upload-draft
type: call
call: "sharepoint.upload-file"
with:
site_id: "regulatory_filings"
folder_path: "SEC/{{filing_type}}/{{reporting_period}}"
file_name: "{{filing_type}}_draft_{{reporting_period}}.xlsx"
content: "{{generate-data.results}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://schwab.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: sharepoint
baseUri: "https://graph.microsoft.com/v1.0/sites"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: drive-items
path: "/{{site_id}}/drive/root:/{{folder_path}}/{{file_name}}:/content"
inputParameters:
- name: site_id
in: path
- name: folder_path
in: path
- name: file_name
in: path
operations:
- name: upload-file
method: PUT
Security Vulnerability Remediation Pipeline
▼
security vulnerability palo-alto-networks jira pagerduty
On vulnerability scan detection, retrieves findings from Palo Alto Networks, creates a Jira remediation ticket, assigns to the service owner via Backstage, and escalates critical items via PagerDuty.
naftiko: "0.5"
info:
label: "Security Vulnerability Remediation Pipeline"
description: "On vulnerability scan detection, retrieves findings from Palo Alto Networks, creates a Jira remediation ticket, assigns to the service owner via Backstage, and escalates critical items via PagerDuty."
tags:
- security
- vulnerability
- palo-alto-networks
- jira
- pagerduty
capability:
exposes:
- type: mcp
namespace: vuln-remediation
port: 8080
tools:
- name: remediate-vulnerability
description: "Orchestrate vulnerability remediation across Palo Alto, Jira, and PagerDuty."
inputParameters:
- name: scan_id
in: body
type: string
description: "Vulnerability scan ID."
- name: severity
in: body
type: string
description: "Vulnerability severity (critical, high, medium, low)."
steps:
- name: get-findings
type: call
call: "paloalto.get-scan-results"
with:
scan_id: "{{scan_id}}"
- name: create-ticket
type: call
call: "jira.create-issue"
with:
project: "SECOPS"
summary: "Vulnerability: {{get-findings.cve_id}} - {{severity}}"
description: "CVE: {{get-findings.cve_id}}\nSeverity: {{severity}}\nAffected: {{get-findings.affected_hosts}}\nRemediation: {{get-findings.remediation}}"
issuetype: "Bug"
priority: "{{severity}}"
- name: escalate-critical
type: call
call: "pagerduty.create-incident"
with:
service_id: "SECURITY_OPS"
title: "Critical vulnerability: {{get-findings.cve_id}}"
body: "Jira: {{create-ticket.key}}. Affected hosts: {{get-findings.affected_count}}."
consumes:
- type: http
namespace: paloalto
baseUri: "https://prisma.schwab.com/api/v1"
authentication:
type: bearer
token: "$secrets.prisma_token"
resources:
- name: scans
path: "/scans/{{scan_id}}/results"
inputParameters:
- name: scan_id
in: path
operations:
- name: get-scan-results
method: GET
- type: http
namespace: jira
baseUri: "https://schwab.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: pagerduty
baseUri: "https://api.pagerduty.com"
authentication:
type: bearer
token: "$secrets.pagerduty_token"
resources:
- name: incidents
path: "/incidents"
operations:
- name: create-incident
method: POST
ServiceNow IT Incident Lookup
▼
it-support incident-management servicenow
Retrieves an IT incident from ServiceNow by number and returns current state, assignee, and resolution details.
naftiko: "0.5"
info:
label: "ServiceNow IT Incident Lookup"
description: "Retrieves an IT incident from ServiceNow by number and returns current state, assignee, and resolution details."
tags:
- it-support
- incident-management
- servicenow
capability:
exposes:
- type: mcp
namespace: it-support
port: 8080
tools:
- name: get-incident
description: "Look up a ServiceNow incident by number."
inputParameters:
- name: incident_number
in: body
type: string
description: "Incident number."
call: "servicenow.get-incident"
with:
number: "{{incident_number}}"
outputParameters:
- name: state
type: string
mapping: "$.result[0].state"
- name: assigned_to
type: string
mapping: "$.result[0].assigned_to.display_value"
- name: short_description
type: string
mapping: "$.result[0].short_description"
consumes:
- type: http
namespace: servicenow
baseUri: "https://schwab.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: get-incident
method: GET
Snowflake Client Activity Report
▼
reporting client-services snowflake
Generates client trading activity reports from Snowflake for quarterly account reviews.
naftiko: "0.5"
info:
label: "Snowflake Client Activity Report"
description: "Generates client trading activity reports from Snowflake for quarterly account reviews."
tags:
- reporting
- client-services
- snowflake
capability:
exposes:
- type: mcp
namespace: client-reporting
port: 8080
tools:
- name: get-client-activity
description: "Query Snowflake for client trading activity summary."
inputParameters:
- name: account_number
in: body
type: string
description: "Account number."
- name: quarter
in: body
type: string
description: "Fiscal quarter."
call: "snowflake.run-query"
with:
query: "SELECT trade_date, symbol, side, quantity, price, total_value FROM trade_history WHERE account_number='{{account_number}}' AND fiscal_quarter='{{quarter}}' ORDER BY trade_date DESC"
outputParameters:
- name: trades
type: array
mapping: "$.data"
consumes:
- type: http
namespace: snowflake
baseUri: "https://schwab.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
SolarWinds Data Center Monitoring
▼
infrastructure solarwinds
Monitors Schwab's data center infrastructure health via SolarWinds.
naftiko: "0.5"
info:
label: "SolarWinds Data Center Monitoring"
description: "Monitors Schwab's data center infrastructure health via SolarWinds."
tags:
- infrastructure
- solarwinds
capability:
exposes:
- type: mcp
namespace: dc-monitoring
port: 8080
tools:
- name: get-dc-health
description: "Retrieve data center health from SolarWinds."
inputParameters:
- name: dc_name
in: body
type: string
description: "Data center name."
call: "solarwinds.get-dc-stats"
with:
datacenter: "{{dc_name}}"
outputParameters:
- name: overall_health
type: string
mapping: "$.status"
- name: nodes_up
type: integer
mapping: "$.nodes_available"
consumes:
- type: http
namespace: solarwinds
baseUri: "https://solarwinds.schwab.com/SolarWinds/InformationService/v3/Json"
authentication:
type: basic
username: "$secrets.solarwinds_user"
password: "$secrets.solarwinds_password"
resources:
- name: query
path: "/Query"
operations:
- name: get-dc-stats
method: POST
Splunk Security Event Analyzer
▼
security siem splunk
Searches Splunk for security events related to unauthorized access attempts and suspicious login patterns.
naftiko: "0.5"
info:
label: "Splunk Security Event Analyzer"
description: "Searches Splunk for security events related to unauthorized access attempts and suspicious login patterns."
tags:
- security
- siem
- splunk
capability:
exposes:
- type: mcp
namespace: security-analysis
port: 8080
tools:
- name: search-security-events
description: "Run a Splunk search for security events."
inputParameters:
- name: search_query
in: body
type: string
description: "Splunk search query (SPL)."
- name: time_range
in: body
type: string
description: "Time range (e.g., -24h, -7d)."
call: "splunk.create-search"
with:
search: "{{search_query}}"
earliest_time: "{{time_range}}"
outputParameters:
- name: search_id
type: string
mapping: "$.sid"
consumes:
- type: http
namespace: splunk
baseUri: "https://splunk.schwab.com:8089/services"
authentication:
type: bearer
token: "$secrets.splunk_token"
resources:
- name: search-jobs
path: "/search/jobs"
operations:
- name: create-search
method: POST
Suspicious Activity Report Pipeline
▼
compliance aml teradata salesforce servicenow
On AML alert trigger, retrieves transaction history from Teradata, pulls client KYC data from Salesforce, generates a SAR filing, and logs the case in ServiceNow.
naftiko: "0.5"
info:
label: "Suspicious Activity Report Pipeline"
description: "On AML alert trigger, retrieves transaction history from Teradata, pulls client KYC data from Salesforce, generates a SAR filing, and logs the case in ServiceNow."
tags:
- compliance
- aml
- teradata
- salesforce
- servicenow
capability:
exposes:
- type: mcp
namespace: aml-compliance
port: 8080
tools:
- name: process-sar
description: "Orchestrate suspicious activity report generation across Teradata, Salesforce, and ServiceNow."
inputParameters:
- name: alert_id
in: body
type: string
description: "AML alert identifier."
- name: account_id
in: body
type: string
description: "Client account ID."
steps:
- name: get-transactions
type: call
call: "teradata.query-transactions"
with:
query: "SELECT * FROM TRANSACTION_HISTORY WHERE account_id = '{{account_id}}' AND txn_date >= CURRENT_DATE - 90"
- name: get-kyc
type: call
call: "salesforce.get-kyc"
with:
account_id: "{{account_id}}"
- name: generate-sar
type: call
call: "compliance.create-sar"
with:
alert_id: "{{alert_id}}"
account_id: "{{account_id}}"
transaction_summary: "{{get-transactions.summary}}"
kyc_data: "{{get-kyc.data}}"
- name: log-case
type: call
call: "servicenow.create-incident"
with:
short_description: "SAR filed: Alert {{alert_id}} - Account {{account_id}}"
category: "aml_compliance"
assigned_group: "BSA_Compliance"
description: "SAR reference: {{generate-sar.sar_id}}. Alert: {{alert_id}}. Account: {{account_id}}."
consumes:
- type: http
namespace: teradata
baseUri: "https://teradata.schwab.com/api/v1"
authentication:
type: bearer
token: "$secrets.teradata_token"
resources:
- name: queries
path: "/queries"
operations:
- name: query-transactions
method: POST
- type: http
namespace: salesforce
baseUri: "https://schwab.my.salesforce.com/services/data/v59.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: kyc
path: "/sobjects/KYC_Profile__c/{{account_id}}"
inputParameters:
- name: account_id
in: path
operations:
- name: get-kyc
method: GET
- type: http
namespace: compliance
baseUri: "https://compliance-api.schwab.com/v1"
authentication:
type: bearer
token: "$secrets.compliance_api_token"
resources:
- name: sar
path: "/sar"
operations:
- name: create-sar
method: POST
- type: http
namespace: servicenow
baseUri: "https://schwab.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
Tableau Investment Analytics Embed
▼
analytics visualization tableau
Generates a trusted ticket for embedding Tableau investment analytics dashboards in the advisor portal.
naftiko: "0.5"
info:
label: "Tableau Investment Analytics Embed"
description: "Generates a trusted ticket for embedding Tableau investment analytics dashboards in the advisor portal."
tags:
- analytics
- visualization
- tableau
capability:
exposes:
- type: mcp
namespace: investment-analytics
port: 8080
tools:
- name: get-analytics-dashboard
description: "Generate a Tableau trusted ticket for investment analytics."
inputParameters:
- name: username
in: body
type: string
description: "Tableau username."
call: "tableau.get-trusted-ticket"
with:
username: "{{username}}"
outputParameters:
- name: ticket
type: string
mapping: "$"
consumes:
- type: http
namespace: tableau
baseUri: "https://tableau.schwab.com"
authentication:
type: basic
username: "$secrets.tableau_admin_user"
password: "$secrets.tableau_admin_password"
resources:
- name: trusted
path: "/trusted"
operations:
- name: get-trusted-ticket
method: POST
Teradata Historical Performance Query
▼
analytics performance teradata
Runs performance analytics queries against the Teradata warehouse for fund historical returns.
naftiko: "0.5"
info:
label: "Teradata Historical Performance Query"
description: "Runs performance analytics queries against the Teradata warehouse for fund historical returns."
tags:
- analytics
- performance
- teradata
capability:
exposes:
- type: mcp
namespace: performance-analytics
port: 8080
tools:
- name: query-fund-performance
description: "Query Teradata for fund historical performance."
inputParameters:
- name: fund_ticker
in: body
type: string
description: "Fund ticker."
- name: period
in: body
type: string
description: "Period."
call: "teradata.run-query"
with:
query: "SELECT ticker, period_return_pct, benchmark_return_pct, alpha, sharpe_ratio FROM fund_performance WHERE ticker='{{fund_ticker}}' AND period='{{period}}'"
outputParameters:
- name: results
type: object
mapping: "$.results[0]"
consumes:
- type: http
namespace: teradata
baseUri: "https://teradata.schwab.com/api/query/v1"
authentication:
type: basic
username: "$secrets.teradata_user"
password: "$secrets.teradata_password"
resources:
- name: queries
path: "/tdrest/systems/schwab_edw/queries"
operations:
- name: run-query
method: POST
Trade Execution Compliance Checker
▼
compliance trading snowflake servicenow
Validates a trade order against compliance rules in Snowflake, checking for restricted securities, concentration limits, and suitability requirements before execution.
naftiko: "0.5"
info:
label: "Trade Execution Compliance Checker"
description: "Validates a trade order against compliance rules in Snowflake, checking for restricted securities, concentration limits, and suitability requirements before execution."
tags:
- compliance
- trading
- snowflake
- servicenow
capability:
exposes:
- type: mcp
namespace: trade-compliance
port: 8080
tools:
- name: check-trade-compliance
description: "Validate a trade against compliance rules and create a ServiceNow exception if violations are found."
inputParameters:
- name: account_number
in: body
type: string
description: "Client account number."
- name: symbol
in: body
type: string
description: "Security symbol."
- name: side
in: body
type: string
description: "Trade side (BUY, SELL)."
- name: quantity
in: body
type: integer
description: "Order quantity."
- name: order_type
in: body
type: string
description: "Order type (MARKET, LIMIT)."
steps:
- name: check-rules
type: call
call: "snowflake.run-query"
with:
query: "CALL check_trade_compliance('{{account_number}}', '{{symbol}}', '{{side}}', {{quantity}}, '{{order_type}}')"
- name: create-exception
type: call
call: "servicenow.create-incident"
with:
short_description: "Trade compliance exception: {{symbol}} {{side}} {{quantity}} for account {{account_number}}"
category: "compliance"
urgency: "high"
description: "Trade compliance check results: {{check-rules.results}}. Account: {{account_number}}, Symbol: {{symbol}}, Side: {{side}}, Qty: {{quantity}}."
consumes:
- type: http
namespace: snowflake
baseUri: "https://schwab.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: "https://schwab.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
Trade Failure Resolution Pipeline
▼
trade-operations settlement calypso bloomberg jira pagerduty
On trade settlement failure, retrieves trade details from Calypso, checks counterparty status in Bloomberg, creates a Jira ticket for operations, and escalates via PagerDuty.
naftiko: "0.5"
info:
label: "Trade Failure Resolution Pipeline"
description: "On trade settlement failure, retrieves trade details from Calypso, checks counterparty status in Bloomberg, creates a Jira ticket for operations, and escalates via PagerDuty."
tags:
- trade-operations
- settlement
- calypso
- bloomberg
- jira
- pagerduty
capability:
exposes:
- type: mcp
namespace: trade-failure
port: 8080
tools:
- name: resolve-trade-failure
description: "Orchestrate trade failure resolution across Calypso, Bloomberg, Jira, and PagerDuty."
inputParameters:
- name: trade_id
in: body
type: string
description: "Failed trade identifier."
- name: failure_reason
in: body
type: string
description: "Settlement failure reason code."
steps:
- name: get-trade
type: call
call: "calypso.get-trade"
with:
trade_id: "{{trade_id}}"
- name: check-counterparty
type: call
call: "bloomberg.get-counterparty"
with:
counterparty_id: "{{get-trade.counterparty_id}}"
- name: create-jira
type: call
call: "jira.create-issue"
with:
project: "TRADEOPS"
summary: "Settlement failure: {{trade_id}} - {{failure_reason}}"
description: "Trade: {{trade_id}}\nCounterparty: {{check-counterparty.name}}\nAmount: {{get-trade.settlement_amount}}\nFailure: {{failure_reason}}"
issuetype: "Incident"
- name: escalate
type: call
call: "pagerduty.create-incident"
with:
service_id: "TRADE_SETTLEMENT"
title: "Trade settlement failure: {{trade_id}}"
body: "Jira: {{create-jira.key}}. Counterparty: {{check-counterparty.name}}."
consumes:
- type: http
namespace: calypso
baseUri: "https://calypso.schwab.com/api/v1"
authentication:
type: bearer
token: "$secrets.calypso_token"
resources:
- name: trades
path: "/trades/{{trade_id}}"
inputParameters:
- name: trade_id
in: path
operations:
- name: get-trade
method: GET
- type: http
namespace: bloomberg
baseUri: "https://api.bloomberg.com/eap"
authentication:
type: bearer
token: "$secrets.bloomberg_token"
resources:
- name: counterparties
path: "/counterparties/{{counterparty_id}}"
inputParameters:
- name: counterparty_id
in: path
operations:
- name: get-counterparty
method: GET
- type: http
namespace: jira
baseUri: "https://schwab.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: pagerduty
baseUri: "https://api.pagerduty.com"
authentication:
type: bearer
token: "$secrets.pagerduty_token"
resources:
- name: incidents
path: "/incidents"
operations:
- name: create-incident
method: POST
Twilio Client SMS Notification Sender
▼
notifications sms twilio
Sends SMS notifications to Schwab clients via Twilio for trade confirmations, account alerts, and security notifications.
naftiko: "0.5"
info:
label: "Twilio Client SMS Notification Sender"
description: "Sends SMS notifications to Schwab clients via Twilio for trade confirmations, account alerts, and security notifications."
tags:
- notifications
- sms
- twilio
capability:
exposes:
- type: mcp
namespace: client-notifications
port: 8080
tools:
- name: send-sms
description: "Send an SMS notification to a client via Twilio."
inputParameters:
- name: phone_number
in: body
type: string
description: "Client phone number in E.164 format."
- name: message
in: body
type: string
description: "SMS message body."
call: "twilio.send-message"
with:
To: "{{phone_number}}"
Body: "{{message}}"
From: "+18005407000"
outputParameters:
- name: message_sid
type: string
mapping: "$.sid"
- name: status
type: string
mapping: "$.status"
consumes:
- type: http
namespace: twilio
baseUri: "https://api.twilio.com/2010-04-01/Accounts/$secrets.twilio_account_sid"
authentication:
type: basic
username: "$secrets.twilio_account_sid"
password: "$secrets.twilio_auth_token"
resources:
- name: messages
path: "/Messages.json"
operations:
- name: send-message
method: POST
WebSphere Legacy Account System Monitor
▼
infrastructure websphere
Monitors WebSphere servers running legacy account management systems.
naftiko: "0.5"
info:
label: "WebSphere Legacy Account System Monitor"
description: "Monitors WebSphere servers running legacy account management systems."
tags:
- infrastructure
- websphere
capability:
exposes:
- type: mcp
namespace: legacy-health
port: 8080
tools:
- name: check-legacy-server
description: "Query WebSphere for legacy server health."
inputParameters:
- name: server_name
in: body
type: string
description: "Server name."
call: "websphere.get-server-status"
with:
server: "{{server_name}}"
outputParameters:
- name: status
type: string
mapping: "$.state"
- name: heap_usage_pct
type: number
mapping: "$.jvm.heap_usage_pct"
consumes:
- type: http
namespace: websphere
baseUri: "https://websphere-admin.schwab.com/IBMJMXConnectorREST"
authentication:
type: basic
username: "$secrets.websphere_admin_user"
password: "$secrets.websphere_admin_password"
resources:
- name: servers
path: "/mbeans/WebSphere:type=Server,name={{server}}"
inputParameters:
- name: server
in: path
operations:
- name: get-server-status
method: GET
Wire Transfer Approval Orchestrator
▼
wire-transfer fraud-detection splunk servicenow microsoft-teams
Processes wire transfer requests by validating the account in the core banking system, running fraud checks via Splunk, creating an approval task in ServiceNow, and notifying the operations team via Microsoft Teams.
naftiko: "0.5"
info:
label: "Wire Transfer Approval Orchestrator"
description: "Processes wire transfer requests by validating the account in the core banking system, running fraud checks via Splunk, creating an approval task in ServiceNow, and notifying the operations team via Microsoft Teams."
tags:
- wire-transfer
- fraud-detection
- splunk
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: wire-transfers
port: 8080
tools:
- name: process-wire-transfer
description: "Orchestrate wire transfer approval across banking system, Splunk, ServiceNow, and Teams."
inputParameters:
- name: account_id
in: body
type: string
description: "Source account ID."
- name: amount
in: body
type: number
description: "Wire transfer amount."
- name: beneficiary_bank
in: body
type: string
description: "Beneficiary bank routing number."
steps:
- name: validate-account
type: call
call: "banking.validate-wire"
with:
account_id: "{{account_id}}"
amount: "{{amount}}"
- name: fraud-check
type: call
call: "splunk.search"
with:
query: "index=fraud_alerts account_id={{account_id}} earliest=-30d | stats count as fraud_count"
- name: create-approval
type: call
call: "servicenow.create-change"
with:
short_description: "Wire transfer: {{account_id}} - ${{amount}}"
category: "wire_transfer"
assigned_group: "Wire_Operations"
description: "Amount: ${{amount}}\nBeneficiary bank: {{beneficiary_bank}}\nFraud alerts (30d): {{fraud-check.fraud_count}}\nAccount status: {{validate-account.status}}"
- name: notify-ops
type: call
call: "msteams.send-channel-message"
with:
team_id: "operations"
channel: "wire-transfers"
text: "Wire transfer pending: {{account_id}}, ${{amount}}. Approval: {{create-approval.number}}. Fraud alerts: {{fraud-check.fraud_count}}."
consumes:
- type: http
namespace: banking
baseUri: "https://core-banking.schwab.com/api/v2"
authentication:
type: bearer
token: "$secrets.banking_api_token"
resources:
- name: wires
path: "/wire-validation"
operations:
- name: validate-wire
method: POST
- type: http
namespace: splunk
baseUri: "https://splunk.schwab.com:8089/services"
authentication:
type: bearer
token: "$secrets.splunk_token"
resources:
- name: search
path: "/search/jobs"
operations:
- name: search
method: POST
- type: http
namespace: servicenow
baseUri: "https://schwab.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: changes
path: "/table/change_request"
operations:
- name: create-change
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel
in: path
operations:
- name: send-channel-message
method: POST
Workday Employee Directory
▼
hr directory workday
Searches the Workday employee directory for financial advisors and support staff.
naftiko: "0.5"
info:
label: "Workday Employee Directory"
description: "Searches the Workday employee directory for financial advisors and support staff."
tags:
- hr
- directory
- workday
capability:
exposes:
- type: mcp
namespace: hr-directory
port: 8080
tools:
- name: search-employees
description: "Search for employees in Workday."
inputParameters:
- name: search_term
in: body
type: string
description: "Search term."
call: "workday.search-workers"
with:
search: "{{search_term}}"
outputParameters:
- name: employees
type: array
mapping: "$.workers"
- name: total_count
type: integer
mapping: "$.total"
consumes:
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/workers"
operations:
- name: search-workers
method: GET
Workday Employee Onboarding Pipeline
▼
hr onboarding workday servicenow microsoft-teams
On new hire in Workday, provisions IT access via ServiceNow, creates a SharePoint folder, and sends a Teams welcome.
naftiko: "0.5"
info:
label: "Workday Employee Onboarding Pipeline"
description: "On new hire in Workday, provisions IT access via ServiceNow, creates a SharePoint folder, and sends a Teams welcome."
tags:
- hr
- onboarding
- workday
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: hr-onboarding
port: 8080
tools:
- name: trigger-onboarding
description: "Orchestrate employee onboarding across Workday, ServiceNow, and Teams."
inputParameters:
- name: workday_employee_id
in: body
type: string
description: "Workday worker ID."
- name: start_date
in: body
type: string
description: "Start date."
- name: department
in: body
type: string
description: "Department."
steps:
- name: get-employee
type: call
call: "workday.get-worker"
with:
worker_id: "{{workday_employee_id}}"
- name: create-it-ticket
type: call
call: "servicenow.create-incident"
with:
short_description: "IT onboarding: {{get-employee.full_name}}"
category: "onboarding"
assigned_group: "IT_Provisioning"
description: "Provision workstation, trading system access, and compliance training for {{get-employee.full_name}} starting {{start_date}} in {{department}}."
- name: send-welcome
type: call
call: "msteams.send-message"
with:
channel_id: "{{department}}_team"
text: "Welcome to Schwab, {{get-employee.first_name}}! IT ticket: {{create-it-ticket.number}}."
consumes:
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/workers/{{worker_id}}"
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
- type: http
namespace: servicenow
baseUri: "https://schwab.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{channel_id}}/channels/general/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: send-message
method: POST
Zoom Client Consultation Scheduler
▼
client-services meetings zoom microsoft-outlook
Creates a Zoom meeting for a client-advisor consultation and sends calendar invites.
naftiko: "0.5"
info:
label: "Zoom Client Consultation Scheduler"
description: "Creates a Zoom meeting for a client-advisor consultation and sends calendar invites."
tags:
- client-services
- meetings
- zoom
- microsoft-outlook
capability:
exposes:
- type: mcp
namespace: client-meetings
port: 8080
tools:
- name: schedule-consultation
description: "Create a Zoom meeting for a client consultation and send Outlook invites."
inputParameters:
- name: client_name
in: body
type: string
description: "Client name."
- name: advisor_email
in: body
type: string
description: "Advisor email."
- name: client_email
in: body
type: string
description: "Client email."
- name: date_time
in: body
type: string
description: "Meeting date/time in ISO 8601."
- name: topic
in: body
type: string
description: "Meeting topic."
steps:
- name: create-meeting
type: call
call: "zoom.create-meeting"
with:
topic: "{{topic}} - {{client_name}}"
start_time: "{{date_time}}"
duration: 60
type: 2
- name: send-invite
type: call
call: "outlook.create-event"
with:
subject: "{{topic}} - {{client_name}}"
start_time: "{{date_time}}"
body: "Join Zoom: {{create-meeting.join_url}}"
attendees: "{{advisor_email}},{{client_email}}"
consumes:
- type: http
namespace: zoom
baseUri: "https://api.zoom.us/v2"
authentication:
type: bearer
token: "$secrets.zoom_token"
resources:
- name: meetings
path: "/users/me/meetings"
operations:
- name: create-meeting
method: POST
- type: http
namespace: outlook
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: events
path: "/me/events"
operations:
- name: create-event
method: POST