Citi Capabilities
Naftiko 0.5 capability definitions for Citi - 100 capabilities showing integration workflows and service orchestrations.
Sort
Expand
AI-Assisted Regulatory Document Summarizer
▼
ai sharepoint anthropic microsoft-teams compliance regulatory
When a new regulatory document is uploaded to SharePoint, uses the Anthropic API to generate an executive summary and action item list, posting the output to the compliance Microsoft Teams channel.
naftiko: "0.5"
info:
label: "AI-Assisted Regulatory Document Summarizer"
description: "When a new regulatory document is uploaded to SharePoint, uses the Anthropic API to generate an executive summary and action item list, posting the output to the compliance Microsoft Teams channel."
tags:
- ai
- sharepoint
- anthropic
- microsoft-teams
- compliance
- regulatory
capability:
exposes:
- type: mcp
namespace: reg-doc-ai
port: 8080
tools:
- name: summarize-regulatory-document
description: "Given a SharePoint document ID for a new regulatory filing or guidance update, retrieve the document text and use Claude to generate an executive summary with required action items, then post to the compliance Teams channel."
inputParameters:
- name: document_id
in: body
type: string
description: "The SharePoint document unique ID."
- name: site_id
in: body
type: string
description: "The SharePoint site ID where the regulatory document is stored."
- name: document_title
in: body
type: string
description: "The title of the regulatory document."
steps:
- name: get-document
type: call
call: sharepoint.get-document-content
with:
site_id: "{{site_id}}"
document_id: "{{document_id}}"
- name: generate-summary
type: call
call: anthropic.create-message
with:
model: "claude-3-5-sonnet-20241022"
prompt: "You are a financial regulatory compliance analyst. Summarize the following regulatory document for executive review. Include: 1) Key requirements, 2) Compliance deadlines, 3) Required action items for a global bank. Document: {{get-document.content}}"
- name: post-summary
type: call
call: msteams.post-reg-summary
with:
channel_id: "compliance-team"
text: "Regulatory Document Summary: {{document_title}}\n\n{{generate-summary.content}}"
consumes:
- type: http
namespace: sharepoint
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.ms_graph_token"
resources:
- name: document-content
path: "/sites/{{site_id}}/drive/items/{{document_id}}/content"
inputParameters:
- name: site_id
in: path
- name: document_id
in: path
operations:
- name: get-document-content
method: GET
- type: http
namespace: anthropic
baseUri: "https://api.anthropic.com/v1"
authentication:
type: apikey
key: "x-api-key"
value: "$secrets.anthropic_api_key"
placement: header
resources:
- name: messages
path: "/messages"
operations:
- name: create-message
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.ms_graph_token"
resources:
- name: compliance-messages
path: "/teams/compliance/channels/general/messages"
operations:
- name: post-reg-summary
method: POST
AML Transaction Monitoring Alert
▼
banking aml compliance snowflake servicenow
When an AML alert fires, enriches the transaction from Snowflake, creates a SAR investigation in ServiceNow, and notifies the BSA officer via Teams.
naftiko: "0.5"
info:
label: "AML Transaction Monitoring Alert"
description: "When an AML alert fires, enriches the transaction from Snowflake, creates a SAR investigation in ServiceNow, and notifies the BSA officer via Teams."
tags:
- banking
- aml
- compliance
- snowflake
- servicenow
capability:
exposes:
- type: mcp
namespace: aml-ops
port: 8080
tools:
- name: handle-aml-alert
description: "Given a transaction ID and alert type, enrich from Snowflake, create a SAR investigation in ServiceNow, and notify the BSA officer."
inputParameters:
- name: transaction_id
in: body
type: string
description: "Transaction ID."
- name: alert_type
in: body
type: string
description: "AML alert type."
- name: bsa_officer_upn
in: body
type: string
description: "BSA officer UPN."
steps:
- name: enrich-txn
type: call
call: snowflake.get-transaction
with:
transaction_id: "{{transaction_id}}"
- name: create-sar
type: call
call: snow.create-sar
with:
short_description: "AML Alert: {{transaction_id}} — {{alert_type}}"
description: "Amount: {{enrich-txn.amount}} | Customer: {{enrich-txn.customer_name}}"
- name: notify-bsa
type: call
call: msteams.send-message
with:
recipient_upn: "{{bsa_officer_upn}}"
text: "AML alert: {{transaction_id}} — {{alert_type}}. Amount: {{enrich-txn.amount}}. SAR: {{create-sar.number}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://citi.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: get-transaction
method: POST
- type: http
namespace: snow
baseUri: "https://citi.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: sar
path: "/table/u_sar_investigation"
operations:
- name: create-sar
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
AML Transaction Monitoring Workflow
▼
banking aml compliance snowflake servicenow
When an AML alert fires, enriches from Snowflake, creates a SAR investigation in ServiceNow, and notifies the BSA officer.
naftiko: "0.5"
info:
label: "AML Transaction Monitoring Workflow"
description: "When an AML alert fires, enriches from Snowflake, creates a SAR investigation in ServiceNow, and notifies the BSA officer."
tags:
- banking
- aml
- compliance
- snowflake
- servicenow
capability:
exposes:
- type: mcp
namespace: aml-ops
port: 8080
tools:
- name: handle-aml-alert
description: "Given a transaction ID and alert type, enrich from Snowflake, create a SAR in ServiceNow, and notify BSA."
inputParameters:
- name: transaction_id
in: body
type: string
description: "Transaction ID."
- name: alert_type
in: body
type: string
description: "Alert type."
- name: bsa_upn
in: body
type: string
description: "BSA officer UPN."
steps:
- name: enrich
type: call
call: snowflake.get-transaction
with:
transaction_id: "{{transaction_id}}"
- name: create-sar
type: call
call: snow.create-sar
with:
short_description: "AML: {{transaction_id}} — {{alert_type}}"
description: "Amount: {{enrich.amount}}"
- name: notify
type: call
call: msteams.send-message
with:
recipient_upn: "{{bsa_upn}}"
text: "AML: {{transaction_id}} — {{alert_type}}. Amount: {{enrich.amount}}. SAR: {{create-sar.number}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://citi.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: get-transaction
method: POST
- type: http
namespace: snow
baseUri: "https://citi.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: sar
path: "/table/u_sar_investigation"
operations:
- name: create-sar
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
operations:
- name: send-message
method: POST
Azure DevOps Build Status Lookup
▼
banking devops azure-devops cicd lookup
Retrieves the latest build run for an Azure DevOps pipeline, returning status and result.
naftiko: "0.5"
info:
label: "Azure DevOps Build Status Lookup"
description: "Retrieves the latest build run for an Azure DevOps pipeline, returning status and result."
tags:
- banking
- devops
- azure-devops
- cicd
- lookup
capability:
exposes:
- type: mcp
namespace: cicd-ops
port: 8080
tools:
- name: get-build-status
description: "Given an Azure DevOps project and pipeline ID, return the latest build status and result."
inputParameters:
- name: project
in: body
type: string
description: "Azure DevOps project name."
- name: pipeline_id
in: body
type: string
description: "Pipeline ID."
call: azdo.get-run
with:
project: "{{project}}"
pipelineId: "{{pipeline_id}}"
outputParameters:
- name: status
type: string
mapping: "$.value[0].state"
- name: result
type: string
mapping: "$.value[0].result"
consumes:
- namespace: azdo
type: http
baseUri: "https://dev.azure.com/citi"
authentication:
type: bearer
token: "$secrets.azdo_token"
resources:
- name: cicd-ops
path: "/{{id}}"
operations:
- name: get-run
method: GET
Azure Kubernetes Cluster Scaling Handler
▼
banking devops kubernetes azure datadog
Responds to AKS scaling alerts by checking Datadog metrics, triggering node pool scaling via Azure, and notifying the platform team in Teams.
naftiko: "0.5"
info:
label: "Azure Kubernetes Cluster Scaling Handler"
description: "Responds to AKS scaling alerts by checking Datadog metrics, triggering node pool scaling via Azure, and notifying the platform team in Teams."
tags:
- banking
- devops
- kubernetes
- azure
- datadog
capability:
exposes:
- type: mcp
namespace: platform-ops
port: 8080
tools:
- name: handle-aks-scaling
description: "Given an AKS cluster name and CPU utilization, check Datadog metrics, scale Azure node pool, and notify platform team in Teams."
inputParameters:
- name: cluster_name
in: body
type: string
description: "AKS cluster name."
- name: cpu_utilization
in: body
type: number
description: "CPU utilization percentage."
- name: platform_channel_id
in: body
type: string
description: "Teams channel ID."
steps:
- name: check-metrics
type: call
call: datadog.get-cluster-metrics
with:
cluster: "{{cluster_name}}"
- name: scale-nodes
type: call
call: azure.scale-nodepool
with:
cluster: "{{cluster_name}}"
- name: notify-team
type: call
call: msteams.post-channel
with:
channel_id: "{{platform_channel_id}}"
text: "AKS scaling: {{cluster_name}} — CPU: {{cpu_utilization}}%. Trend: {{check-metrics.trend}}"
consumes:
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: bearer
token: "$secrets.datadog_api_key"
resources:
- name: metrics
path: "/query?query=kubernetes.cpu.usage{{cluster}}"
inputParameters:
- name: cluster
in: query
operations:
- name: get-cluster-metrics
method: GET
- type: http
namespace: azure
baseUri: "https://management.azure.com"
authentication:
type: bearer
token: "$secrets.azure_mgmt_token"
resources:
- name: nodepools
path: "/subscriptions/{{subId}}/resourceGroups/aks-rg/providers/Microsoft.ContainerService/managedClusters/{{cluster}}/agentPools/default"
inputParameters:
- name: cluster
in: path
operations:
- name: scale-nodepool
method: PUT
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: channels
path: "/teams/channels/{{channel_id}}/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
Azure Resource Group Cost Check
▼
banking cloud azure finops lookup
Queries Azure Cost Management for the current month spend of a specified resource group.
naftiko: "0.5"
info:
label: "Azure Resource Group Cost Check"
description: "Queries Azure Cost Management for the current month spend of a specified resource group."
tags:
- banking
- cloud
- azure
- finops
- lookup
capability:
exposes:
- type: mcp
namespace: cloud-finops
port: 8080
tools:
- name: get-rg-cost
description: "Given an Azure resource group name, return the current month total cost and forecast."
inputParameters:
- name: resource_group
in: body
type: string
description: "Azure resource group name."
call: azure-cost.get-cost
with:
resourceGroup: "{{resource_group}}"
outputParameters:
- name: total_cost
type: number
mapping: "$.properties.rows[0][0]"
- name: forecast
type: number
mapping: "$.properties.rows[0][1]"
consumes:
- namespace: azure-cost
type: http
baseUri: "https://management.azure.com"
authentication:
type: bearer
token: "$secrets.azure_mgmt_token"
resources:
- name: cloud-finops
path: "/{{id}}"
operations:
- name: get-cost
method: GET
Bloomberg Security Price Lookup
▼
banking bloomberg market-data trading lookup
Retrieves current market price for a security from Bloomberg Enterprise Data.
naftiko: "0.5"
info:
label: "Bloomberg Security Price Lookup"
description: "Retrieves current market price for a security from Bloomberg Enterprise Data."
tags:
- banking
- bloomberg
- market-data
- trading
- lookup
capability:
exposes:
- type: mcp
namespace: market-ops
port: 8080
tools:
- name: get-security-price
description: "Given a Bloomberg security identifier, return the last price, change, and volume."
inputParameters:
- name: security_id
in: body
type: string
description: "Bloomberg security identifier."
call: bloomberg.get-quote
with:
securities: "{{security_id}}"
outputParameters:
- name: last_price
type: number
mapping: "$.data[0].last_price"
- name: change_pct
type: number
mapping: "$.data[0].change_pct"
consumes:
- namespace: bloomberg
type: http
baseUri: "https://api.bloomberg.com/eap/catalogs/bbg/datasets"
authentication:
type: bearer
token: "$secrets.bloomberg_token"
resources:
- name: quotes
path: "/quotes?securities={{securities}}"
operations:
- name: get-quote
method: GET
Business Continuity Drill Coordinator
▼
banking operations business-continuity workday servicenow
Coordinates BC drills by pulling participant lists from Workday, creating tasks in ServiceNow, and distributing instructions via Teams.
naftiko: "0.5"
info:
label: "Business Continuity Drill Coordinator"
description: "Coordinates BC drills by pulling participant lists from Workday, creating tasks in ServiceNow, and distributing instructions via Teams."
tags:
- banking
- operations
- business-continuity
- workday
- servicenow
capability:
exposes:
- type: mcp
namespace: bcp-ops
port: 8080
tools:
- name: coordinate-bc-drill
description: "Given a drill scenario and date, pull department staff from Workday, create drill tasks in ServiceNow, and post instructions to Teams."
inputParameters:
- name: drill_scenario
in: body
type: string
description: "Drill scenario."
- name: drill_date
in: body
type: string
description: "Drill date."
- name: bcp_channel_id
in: body
type: string
description: "Teams channel ID."
steps:
- name: get-participants
type: call
call: workday.get-staff
with:
scenario: "{{drill_scenario}}"
- name: create-task
type: call
call: snow.create-task
with:
short_description: "BC Drill: {{drill_scenario}} — {{drill_date}}"
description: "Participants: {{get-participants.count}}"
- name: notify-channel
type: call
call: msteams.post-channel
with:
channel_id: "{{bcp_channel_id}}"
text: "BC Drill: {{drill_scenario}} on {{drill_date}}. Participants: {{get-participants.count}}. Task: {{create-task.number}}"
consumes:
- type: http
namespace: workday
baseUri: "https://wd5-impl-services1.workday.com/ccx/service/citi/Human_Resources/v40.1"
authentication:
type: basic
username: "$secrets.workday_user"
password: "$secrets.workday_password"
resources:
- name: staff
path: "/workers"
operations:
- name: get-staff
method: GET
- type: http
namespace: snow
baseUri: "https://citi.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/u_bc_drill"
operations:
- name: create-task
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: channels
path: "/teams/channels/{{channel_id}}/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
Client Portfolio Review Preparation
▼
banking wealth-management portfolio snowflake salesforce
Prepares a client portfolio review by pulling holdings from Snowflake, generating a performance summary, and distributing to the relationship manager via Teams.
naftiko: "0.5"
info:
label: "Client Portfolio Review Preparation"
description: "Prepares a client portfolio review by pulling holdings from Snowflake, generating a performance summary, and distributing to the relationship manager via Teams."
tags:
- banking
- wealth-management
- portfolio
- snowflake
- salesforce
capability:
exposes:
- type: mcp
namespace: wealth-ops
port: 8080
tools:
- name: prepare-portfolio-review
description: "Given a client ID, pull portfolio holdings from Snowflake, generate performance metrics, and notify the RM in Teams."
inputParameters:
- name: client_id
in: body
type: string
description: "Client ID."
- name: rm_upn
in: body
type: string
description: "Relationship manager UPN."
steps:
- name: get-holdings
type: call
call: snowflake.query-portfolio
with:
client_id: "{{client_id}}"
- name: update-sf
type: call
call: sf.update-review
with:
client_id: "{{client_id}}"
performance: "{{get-holdings.ytd_return}}"
- name: notify-rm
type: call
call: msteams.send-message
with:
recipient_upn: "{{rm_upn}}"
text: "Portfolio review ready: {{client_id}} — YTD: {{get-holdings.ytd_return}}% | AUM: ${{get-holdings.total_aum}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://citi.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query-portfolio
method: POST
- type: http
namespace: sf
baseUri: "https://citi.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: reviews
path: "/sobjects/Portfolio_Review__c/{{client_id}}"
inputParameters:
- name: client_id
in: path
operations:
- name: update-review
method: PATCH
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Client Portfolio Review Preparer
▼
banking wealth-management portfolio snowflake salesforce
Prepares portfolio reviews by pulling holdings from Snowflake, updating Salesforce, and notifying the RM.
naftiko: "0.5"
info:
label: "Client Portfolio Review Preparer"
description: "Prepares portfolio reviews by pulling holdings from Snowflake, updating Salesforce, and notifying the RM."
tags:
- banking
- wealth-management
- portfolio
- snowflake
- salesforce
capability:
exposes:
- type: mcp
namespace: wealth-ops
port: 8080
tools:
- name: prepare-portfolio-review
description: "Given a client ID, pull portfolio from Snowflake, update Salesforce, and notify the RM."
inputParameters:
- name: client_id
in: body
type: string
description: "Client ID."
- name: rm_upn
in: body
type: string
description: "RM UPN."
steps:
- name: get-holdings
type: call
call: snowflake.query-portfolio
with:
client_id: "{{client_id}}"
- name: update-sf
type: call
call: sf.update-review
with:
client_id: "{{client_id}}"
ytd: "{{get-holdings.ytd_return}}"
- name: notify-rm
type: call
call: msteams.send-message
with:
recipient_upn: "{{rm_upn}}"
text: "Portfolio ready: {{client_id}} — YTD: {{get-holdings.ytd_return}}%"
consumes:
- type: http
namespace: snowflake
baseUri: "https://citi.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query-portfolio
method: POST
- type: http
namespace: sf
baseUri: "https://citi.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: reviews
path: "/sobjects/Portfolio_Review__c/{{client_id}}"
operations:
- name: update-review
method: PATCH
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
operations:
- name: send-message
method: POST
Compliance Training Completion Tracker
▼
banking compliance training workday servicenow
Tracks compliance training by pulling enrollment data from Workday Learning, checking ServiceNow escalation thresholds, and notifying managers via Teams.
naftiko: "0.5"
info:
label: "Compliance Training Completion Tracker"
description: "Tracks compliance training by pulling enrollment data from Workday Learning, checking ServiceNow escalation thresholds, and notifying managers via Teams."
tags:
- banking
- compliance
- training
- workday
- servicenow
capability:
exposes:
- type: mcp
namespace: compliance-training
port: 8080
tools:
- name: track-training-completion
description: "Given a program ID and deadline, query Workday for incomplete enrollments, check escalation status in ServiceNow, and notify managers in Teams."
inputParameters:
- name: program_id
in: body
type: string
description: "Training program ID."
- name: deadline
in: body
type: string
description: "Deadline date."
steps:
- name: get-enrollments
type: call
call: workday.get-training-status
with:
program_id: "{{program_id}}"
- name: check-escalation
type: call
call: snow.check-escalation
with:
program_id: "{{program_id}}"
deadline: "{{deadline}}"
- name: notify-managers
type: call
call: msteams.send-notification
with:
subject: "Training overdue: {{program_id}}"
body: "Deadline: {{deadline}}. Incomplete: {{get-enrollments.incomplete_count}}"
consumes:
- type: http
namespace: workday
baseUri: "https://wd5-impl-services1.workday.com/ccx/service/citi/Learning/v40.1"
authentication:
type: basic
username: "$secrets.workday_user"
password: "$secrets.workday_password"
resources:
- name: training
path: "/learning-enrollments?program={{program_id}}"
inputParameters:
- name: program_id
in: query
operations:
- name: get-training-status
method: GET
- type: http
namespace: snow
baseUri: "https://citi.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: escalation
path: "/table/u_training_compliance"
operations:
- name: check-escalation
method: GET
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Conference Room Booking Notification
▼
banking facilities microsoft-graph microsoft-teams scheduling
Books a conference room via Microsoft Graph, creates the calendar event, and notifies attendees in Teams.
naftiko: "0.5"
info:
label: "Conference Room Booking Notification"
description: "Books a conference room via Microsoft Graph, creates the calendar event, and notifies attendees in Teams."
tags:
- banking
- facilities
- microsoft-graph
- microsoft-teams
- scheduling
capability:
exposes:
- type: mcp
namespace: facilities-ops
port: 8080
tools:
- name: book-conference-room
description: "Given a room email, start/end times, and organizer, check availability, create the booking, and notify in Teams."
inputParameters:
- name: room_email
in: body
type: string
description: "Room resource email."
- name: start_time
in: body
type: string
description: "Start time (ISO 8601)."
- name: end_time
in: body
type: string
description: "End time (ISO 8601)."
- name: organizer_upn
in: body
type: string
description: "Organizer UPN."
steps:
- name: check-availability
type: call
call: msgraph.get-schedule
with:
room: "{{room_email}}"
start: "{{start_time}}"
- name: create-booking
type: call
call: msgraph.create-event
with:
room: "{{room_email}}"
start: "{{start_time}}"
end: "{{end_time}}"
- name: notify-organizer
type: call
call: msteams.send-message
with:
recipient_upn: "{{organizer_upn}}"
text: "Room booked: {{room_email}} from {{start_time}} to {{end_time}}."
consumes:
- type: http
namespace: msgraph
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: schedules
path: "/users/{{room}}/calendar/getSchedule"
inputParameters:
- name: room
in: path
operations:
- name: get-schedule
method: POST
- name: events
path: "/users/{{organizer_upn}}/events"
operations:
- name: create-event
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Confluence Incident Post-Mortem Publisher
▼
itsm servicenow confluence microsoft-teams post-mortem incident-response
After a resolved P1 incident, creates a structured post-mortem page in Confluence from ServiceNow incident data and notifies the engineering team via Microsoft Teams.
naftiko: "0.5"
info:
label: "Confluence Incident Post-Mortem Publisher"
description: "After a resolved P1 incident, creates a structured post-mortem page in Confluence from ServiceNow incident data and notifies the engineering team via Microsoft Teams."
tags:
- itsm
- servicenow
- confluence
- microsoft-teams
- post-mortem
- incident-response
capability:
exposes:
- type: mcp
namespace: post-mortem
port: 8080
tools:
- name: publish-post-mortem
description: "Given a resolved ServiceNow P1 incident, retrieve incident timeline and resolution notes, create a structured post-mortem page in Confluence, and notify the engineering team via Teams."
inputParameters:
- name: incident_number
in: body
type: string
description: "The ServiceNow P1 incident number to document."
- name: confluence_space_key
in: body
type: string
description: "The Confluence space key for the post-mortem library (e.g., ITOPS)."
steps:
- name: get-incident
type: call
call: servicenow.get-incident
with:
incident_number: "{{incident_number}}"
- name: create-pm-page
type: call
call: confluence.create-page
with:
space_key: "{{confluence_space_key}}"
title: "Post-Mortem: {{get-incident.short_description}} ({{incident_number}})"
body: "**Incident:** {{incident_number}}\n**Summary:** {{get-incident.short_description}}\n**Duration:** {{get-incident.resolution_time}}\n**Impact:** {{get-incident.business_impact}}\n**Root Cause:** {{get-incident.cause}}\n**Resolution:** {{get-incident.close_notes}}"
- name: notify-eng
type: call
call: msteams.post-pm-notification
with:
channel_id: "engineering"
text: "Post-Mortem Published | Incident: {{incident_number}} | {{get-incident.short_description}} | Confluence: {{create-pm-page.url}}"
consumes:
- type: http
namespace: servicenow
baseUri: "https://citi.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident/{{incident_number}}"
inputParameters:
- name: incident_number
in: path
operations:
- name: get-incident
method: GET
- type: http
namespace: confluence
baseUri: "https://citi.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: pages
path: "/content"
operations:
- name: create-page
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.ms_graph_token"
resources:
- name: eng-messages
path: "/teams/engineering/channels/general/messages"
operations:
- name: post-pm-notification
method: POST
Confluence Knowledge Article Search
▼
banking knowledge-management confluence documentation lookup
Searches Confluence for a knowledge article by keyword and returns the page title, space, and URL.
naftiko: "0.5"
info:
label: "Confluence Knowledge Article Search"
description: "Searches Confluence for a knowledge article by keyword and returns the page title, space, and URL."
tags:
- banking
- knowledge-management
- confluence
- documentation
- lookup
capability:
exposes:
- type: mcp
namespace: km-ops
port: 8080
tools:
- name: search-article
description: "Given a keyword, search Confluence for matching articles and return the top result title, space, and URL."
inputParameters:
- name: keyword
in: body
type: string
description: "Search keyword."
call: confluence.search-content
with:
cql: "type=page AND title~{{keyword}}"
outputParameters:
- name: title
type: string
mapping: "$.results[0].title"
- name: space
type: string
mapping: "$.results[0].space.name"
consumes:
- namespace: confluence
type: http
baseUri: "https://citi.atlassian.net/wiki/rest/api"
authentication:
type: bearer
token: "$secrets.confluence_api_token"
resources:
- name: km-ops
path: "/{{id}}"
operations:
- name: search-content
method: GET
Credit Risk Assessment Handler
▼
banking credit-risk risk-management snowflake salesforce
Performs credit risk assessment by pulling financials from Snowflake, computing risk, and updating Salesforce.
naftiko: "0.5"
info:
label: "Credit Risk Assessment Handler"
description: "Performs credit risk assessment by pulling financials from Snowflake, computing risk, and updating Salesforce."
tags:
- banking
- credit-risk
- risk-management
- snowflake
- salesforce
capability:
exposes:
- type: mcp
namespace: credit-ops
port: 8080
tools:
- name: assess-credit-risk
description: "Given a customer ID and loan amount, pull financials from Snowflake, update Salesforce, and notify the RM."
inputParameters:
- name: customer_id
in: body
type: string
description: "Customer ID."
- name: loan_amount
in: body
type: number
description: "Loan amount."
- name: rm_upn
in: body
type: string
description: "RM UPN."
steps:
- name: get-financials
type: call
call: snowflake.query-financials
with:
customer_id: "{{customer_id}}"
- name: update-sf
type: call
call: sf.update-risk
with:
customer_id: "{{customer_id}}"
risk_score: "{{get-financials.risk_score}}"
- name: notify-rm
type: call
call: msteams.send-message
with:
recipient_upn: "{{rm_upn}}"
text: "Credit: {{customer_id}} — Risk: {{get-financials.risk_score}} | Loan: ${{loan_amount}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://citi.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query-financials
method: POST
- type: http
namespace: sf
baseUri: "https://citi.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: opportunities
path: "/sobjects/Opportunity/{{customer_id}}"
operations:
- name: update-risk
method: PATCH
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
operations:
- name: send-message
method: POST
Credit Risk Assessment Workflow
▼
banking credit-risk risk-management snowflake salesforce
Performs a credit risk assessment by pulling customer financials from Snowflake, running the risk model, and updating the Salesforce opportunity with the risk rating.
naftiko: "0.5"
info:
label: "Credit Risk Assessment Workflow"
description: "Performs a credit risk assessment by pulling customer financials from Snowflake, running the risk model, and updating the Salesforce opportunity with the risk rating."
tags:
- banking
- credit-risk
- risk-management
- snowflake
- salesforce
capability:
exposes:
- type: mcp
namespace: credit-ops
port: 8080
tools:
- name: assess-credit-risk
description: "Given a customer ID and loan amount, pull financials from Snowflake, compute risk score, and update the Salesforce opportunity."
inputParameters:
- name: customer_id
in: body
type: string
description: "Customer ID."
- name: loan_amount
in: body
type: number
description: "Requested loan amount."
- name: rm_upn
in: body
type: string
description: "Relationship manager UPN."
steps:
- name: get-financials
type: call
call: snowflake.query-financials
with:
customer_id: "{{customer_id}}"
- name: update-opportunity
type: call
call: sf.update-risk-rating
with:
customer_id: "{{customer_id}}"
risk_score: "{{get-financials.risk_score}}"
- name: notify-rm
type: call
call: msteams.send-message
with:
recipient_upn: "{{rm_upn}}"
text: "Credit assessment: {{customer_id}} — Risk score: {{get-financials.risk_score}} | Loan: ${{loan_amount}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://citi.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query-financials
method: POST
- type: http
namespace: sf
baseUri: "https://citi.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: opportunities
path: "/sobjects/Opportunity/{{customer_id}}"
inputParameters:
- name: customer_id
in: path
operations:
- name: update-risk-rating
method: PATCH
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Customer Complaint Escalation Handler
▼
banking customer-service salesforce servicenow compliance
When a complaint is received, creates a Salesforce case, opens a ServiceNow investigation task, and notifies the compliance officer via Teams.
naftiko: "0.5"
info:
label: "Customer Complaint Escalation Handler"
description: "When a complaint is received, creates a Salesforce case, opens a ServiceNow investigation task, and notifies the compliance officer via Teams."
tags:
- banking
- customer-service
- salesforce
- servicenow
- compliance
capability:
exposes:
- type: mcp
namespace: complaints-ops
port: 8080
tools:
- name: escalate-complaint
description: "Given complaint details, create a Salesforce case, open a ServiceNow task, and alert compliance via Teams."
inputParameters:
- name: customer_name
in: body
type: string
description: "Complainant name."
- name: account_number
in: body
type: string
description: "Account or policy number."
- name: complaint_category
in: body
type: string
description: "Complaint category."
- name: compliance_upn
in: body
type: string
description: "UPN of compliance officer."
steps:
- name: create-case
type: call
call: sf.create-case
with:
Subject: "Complaint — {{account_number}} — {{complaint_category}}"
Description: "Customer: {{customer_name}} | Category: {{complaint_category}}"
- name: create-task
type: call
call: snow.create-task
with:
short_description: "Complaint: {{account_number}}"
description: "SF Case: {{create-case.case_number}} | {{complaint_category}}"
- name: notify-compliance
type: call
call: msteams.send-message
with:
recipient_upn: "{{compliance_upn}}"
text: "Complaint escalation: {{customer_name}} — {{complaint_category}}. SF: {{create-case.case_number}} | SNOW: {{create-task.number}}"
consumes:
- type: http
namespace: sf
baseUri: "https://citi.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: cases
path: "/sobjects/Case"
operations:
- name: create-case
method: POST
- type: http
namespace: snow
baseUri: "https://citi.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/sn_si_task"
operations:
- name: create-task
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Data Privacy Subject Access Request Handler
▼
banking compliance data-privacy salesforce snowflake servicenow
Processes a data subject access request by searching Salesforce and Snowflake for personal data, compiling results, and logging in ServiceNow.
naftiko: "0.5"
info:
label: "Data Privacy Subject Access Request Handler"
description: "Processes a data subject access request by searching Salesforce and Snowflake for personal data, compiling results, and logging in ServiceNow."
tags:
- banking
- compliance
- data-privacy
- salesforce
- snowflake
- servicenow
capability:
exposes:
- type: mcp
namespace: privacy-ops
port: 8080
tools:
- name: process-dsar
description: "Given a data subject email, search for personal data across Salesforce and Snowflake, log the DSAR in ServiceNow, and notify the privacy officer via Teams."
inputParameters:
- name: subject_email
in: body
type: string
description: "Data subject email."
- name: request_type
in: body
type: string
description: "DSAR type: access, deletion."
- name: privacy_officer_upn
in: body
type: string
description: "UPN of privacy officer."
steps:
- name: search-sf
type: call
call: sf.search-person
with:
email: "{{subject_email}}"
- name: search-snowflake
type: call
call: snowflake.search-pii
with:
email: "{{subject_email}}"
- name: log-dsar
type: call
call: snow.create-dsar
with:
short_description: "DSAR: {{request_type}} — {{subject_email}}"
description: "SF: {{search-sf.record_count}} | Snowflake: {{search-snowflake.record_count}}"
- name: notify-officer
type: call
call: msteams.send-message
with:
recipient_upn: "{{privacy_officer_upn}}"
text: "DSAR: {{request_type}} for {{subject_email}}. SF: {{search-sf.record_count}}, SF: {{search-snowflake.record_count}}. SNOW: {{log-dsar.number}}"
consumes:
- type: http
namespace: sf
baseUri: "https://citi.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: search
path: "/parameterizedSearch/?q={{email}}"
inputParameters:
- name: email
in: query
operations:
- name: search-person
method: GET
- type: http
namespace: snowflake
baseUri: "https://citi.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: search-pii
method: POST
- type: http
namespace: snow
baseUri: "https://citi.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: dsar
path: "/table/u_dsar_request"
operations:
- name: create-dsar
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Datadog APM Latency Anomaly Digest
▼
observability datadog microsoft-teams performance apm
Retrieves Datadog APM latency metrics for critical banking APIs and posts a weekly performance digest to the platform engineering Microsoft Teams channel.
naftiko: "0.5"
info:
label: "Datadog APM Latency Anomaly Digest"
description: "Retrieves Datadog APM latency metrics for critical banking APIs and posts a weekly performance digest to the platform engineering Microsoft Teams channel."
tags:
- observability
- datadog
- microsoft-teams
- performance
- apm
capability:
exposes:
- type: mcp
namespace: apm-reporting
port: 8080
tools:
- name: digest-api-latency
description: "Retrieve p50, p95, and p99 latency metrics for a set of critical banking APIs from Datadog APM and post a weekly performance digest to the platform engineering Teams channel."
inputParameters:
- name: service_tag
in: body
type: string
description: "The Datadog service tag to filter APM metrics (e.g., service:payments-api)."
- name: reporting_week
in: body
type: string
description: "The week label for the digest (e.g., 'Week of 2026-03-17')."
steps:
- name: get-latency-metrics
type: call
call: datadog.get-apm-metrics
with:
service_tag: "{{service_tag}}"
- name: post-digest
type: call
call: msteams.post-apm-digest
with:
channel_id: "platform-engineering"
text: "API Latency Digest | {{reporting_week}} | Service: {{service_tag}} | p50: {{get-latency-metrics.p50_ms}}ms | p95: {{get-latency-metrics.p95_ms}}ms | p99: {{get-latency-metrics.p99_ms}}ms | Error Rate: {{get-latency-metrics.error_rate_pct}}%"
consumes:
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: "DD-API-KEY"
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: apm-metrics
path: "/query"
inputParameters:
- name: service_tag
in: query
operations:
- name: get-apm-metrics
method: GET
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.ms_graph_token"
resources:
- name: platform-messages
path: "/teams/platform-engineering/channels/general/messages"
operations:
- name: post-apm-digest
method: POST
Datadog Application Performance Alert Handler
▼
observability datadog servicenow jira microsoft-teams incident-response
When a Datadog monitor fires for a banking application, creates a ServiceNow P1 incident, opens a Jira investigation issue, and alerts the on-call engineering team via Microsoft Teams.
naftiko: "0.5"
info:
label: "Datadog Application Performance Alert Handler"
description: "When a Datadog monitor fires for a banking application, creates a ServiceNow P1 incident, opens a Jira investigation issue, and alerts the on-call engineering team via Microsoft Teams."
tags:
- observability
- datadog
- servicenow
- jira
- microsoft-teams
- incident-response
capability:
exposes:
- type: mcp
namespace: app-observability
port: 8080
tools:
- name: handle-application-alert
description: "Given a Datadog monitor alert for a critical banking application, create a ServiceNow P1 incident, link a Jira investigation issue, and page the on-call team via Teams."
inputParameters:
- name: monitor_id
in: body
type: string
description: "The Datadog monitor ID that triggered the alert."
- name: monitor_name
in: body
type: string
description: "The human-readable Datadog monitor name."
- name: application_name
in: body
type: string
description: "The name of the affected banking application."
- name: severity
in: body
type: string
description: "Alert severity: CRITICAL or WARNING."
steps:
- name: create-snow-incident
type: call
call: servicenow.create-incident
with:
short_description: "[{{severity}}] {{application_name}} performance degradation: {{monitor_name}}"
category: "application_performance"
priority: "1"
assigned_group: "Application_Support"
- name: create-jira-issue
type: call
call: jira.create-issue
with:
project_key: "APPOPS"
issuetype: "Incident"
summary: "App Alert: {{application_name}} - {{monitor_name}}"
description: "Monitor ID: {{monitor_id}}\nSeverity: {{severity}}\nServiceNow: {{create-snow-incident.number}}"
- name: alert-oncall
type: call
call: msteams.send-oncall-alert
with:
channel_id: "oncall-engineering"
text: "P1 APP ALERT | {{application_name}} | {{monitor_name}} | Severity: {{severity}} | SNOW: {{create-snow-incident.number}} | Jira: {{create-jira-issue.key}}"
consumes:
- type: http
namespace: servicenow
baseUri: "https://citi.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: jira
baseUri: "https://citi.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.ms_graph_token"
resources:
- name: oncall-messages
path: "/teams/engineering/channels/oncall/messages"
operations:
- name: send-oncall-alert
method: POST
Datadog Service Health Check
▼
banking it-operations datadog monitoring lookup
Queries Datadog for the current health status of a specified service, returning uptime percentage and error rate.
naftiko: "0.5"
info:
label: "Datadog Service Health Check"
description: "Queries Datadog for the current health status of a specified service, returning uptime percentage and error rate."
tags:
- banking
- it-operations
- datadog
- monitoring
- lookup
capability:
exposes:
- type: mcp
namespace: observability
port: 8080
tools:
- name: get-service-health
description: "Given a Datadog service name, return the current uptime percentage, error rate, and active monitor count."
inputParameters:
- name: service_name
in: body
type: string
description: "Datadog service name."
call: datadog.get-slo
with:
service: "{{service_name}}"
outputParameters:
- name: uptime_pct
type: number
mapping: "$.data[0].overall.sli_value"
- name: error_rate
type: number
mapping: "$.data[0].overall.error_budget_remaining"
consumes:
- namespace: datadog
type: http
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: bearer
token: "$secrets.datadog_api_key"
resources:
- name: observability
path: "/{{id}}"
operations:
- name: get-slo
method: GET
Datadog SLO Breach Incident Handler
▼
banking sre datadog servicenow pagerduty
When a Datadog SLO breach is detected, creates a ServiceNow incident, pages on-call via PagerDuty, and posts to the reliability channel.
naftiko: "0.5"
info:
label: "Datadog SLO Breach Incident Handler"
description: "When a Datadog SLO breach is detected, creates a ServiceNow incident, pages on-call via PagerDuty, and posts to the reliability channel."
tags:
- banking
- sre
- datadog
- servicenow
- pagerduty
capability:
exposes:
- type: mcp
namespace: sre-ops
port: 8080
tools:
- name: handle-slo-breach
description: "Given an SLO name and current SLI value, create a ServiceNow incident, trigger a PagerDuty alert, and notify the SRE channel in Teams."
inputParameters:
- name: slo_name
in: body
type: string
description: "SLO name."
- name: sli_value
in: body
type: number
description: "Current SLI value."
- name: service_name
in: body
type: string
description: "Affected service."
- name: sre_channel_id
in: body
type: string
description: "SRE Teams channel."
steps:
- name: create-incident
type: call
call: snow.create-incident
with:
short_description: "SLO breach: {{slo_name}} — {{service_name}}"
description: "SLI: {{sli_value}}%"
priority: "2"
- name: page-oncall
type: call
call: pagerduty.create-incident
with:
service_id: "sre-team"
title: "SLO breach: {{slo_name}} ({{sli_value}}%)"
- name: notify-channel
type: call
call: msteams.post-channel
with:
channel_id: "{{sre_channel_id}}"
text: "SLO Breach: {{slo_name}} — {{service_name}} at {{sli_value}}%. SNOW: {{create-incident.number}}"
consumes:
- type: http
namespace: snow
baseUri: "https://citi.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: pagerduty
baseUri: "https://api.pagerduty.com"
authentication:
type: bearer
token: "$secrets.pagerduty_token"
resources:
- name: incidents
path: "/incidents"
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: channels
path: "/teams/channels/{{channel_id}}/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
DocuSign Envelope Tracking Lookup
▼
banking legal docusign document-management lookup
Retrieves the status of a DocuSign envelope by ID, returning signing status and sent date.
naftiko: "0.5"
info:
label: "DocuSign Envelope Tracking Lookup"
description: "Retrieves the status of a DocuSign envelope by ID, returning signing status and sent date."
tags:
- banking
- legal
- docusign
- document-management
- lookup
capability:
exposes:
- type: mcp
namespace: doc-ops
port: 8080
tools:
- name: get-envelope-status
description: "Given a DocuSign envelope ID, return the status, sent date, and recipient count."
inputParameters:
- name: envelope_id
in: body
type: string
description: "DocuSign envelope ID."
call: docusign.get-envelope
with:
envelopeId: "{{envelope_id}}"
outputParameters:
- name: status
type: string
mapping: "$.status"
- name: sent_date
type: string
mapping: "$.sentDateTime"
consumes:
- namespace: docusign
type: http
baseUri: "https://na4.docusign.net/restapi/v2.1"
authentication:
type: bearer
token: "$secrets.docusign_token"
resources:
- name: doc-ops
path: "/{{id}}"
operations:
- name: get-envelope
method: GET
Dynatrace Application Metrics Lookup
▼
banking it-operations dynatrace monitoring lookup
Queries Dynatrace for the response time and failure rate of a specified application.
naftiko: "0.5"
info:
label: "Dynatrace Application Metrics Lookup"
description: "Queries Dynatrace for the response time and failure rate of a specified application."
tags:
- banking
- it-operations
- dynatrace
- monitoring
- lookup
capability:
exposes:
- type: mcp
namespace: apm-ops
port: 8080
tools:
- name: get-app-metrics
description: "Given a Dynatrace entity ID, return the median response time and failure rate."
inputParameters:
- name: entity_id
in: body
type: string
description: "Dynatrace application entity ID."
call: dynatrace.get-metrics
with:
entityId: "{{entity_id}}"
outputParameters:
- name: response_time_ms
type: number
mapping: "$.result[0].data[0].values.median"
- name: failure_rate
type: number
mapping: "$.result[1].data[0].values.avg"
consumes:
- namespace: dynatrace
type: http
baseUri: "https://citi.live.dynatrace.com/api/v2"
authentication:
type: bearer
token: "$secrets.dynatrace_token"
resources:
- name: apm-ops
path: "/{{id}}"
operations:
- name: get-metrics
method: GET
Employee Offboarding and Access Revocation
▼
hr workday servicenow microsoft-teams offboarding security
When an employee departure is confirmed in Workday, revokes Microsoft 365 access, closes ServiceNow open tickets, and notifies the IT security team via Microsoft Teams.
naftiko: "0.5"
info:
label: "Employee Offboarding and Access Revocation"
description: "When an employee departure is confirmed in Workday, revokes Microsoft 365 access, closes ServiceNow open tickets, and notifies the IT security team via Microsoft Teams."
tags:
- hr
- workday
- servicenow
- microsoft-teams
- offboarding
- security
capability:
exposes:
- type: mcp
namespace: hr-offboarding
port: 8080
tools:
- name: trigger-employee-offboarding
description: "Given a Workday employee ID and last working date, revoke Microsoft 365 access, close open ServiceNow tickets, and alert the IT security team via Teams to confirm full access deprovisioning."
inputParameters:
- name: employee_id
in: body
type: string
description: "The Workday worker ID of the departing employee."
- name: last_working_day
in: body
type: string
description: "The employee's last working day in YYYY-MM-DD format."
steps:
- name: get-worker
type: call
call: workday.get-worker
with:
worker_id: "{{employee_id}}"
- name: revoke-m365
type: call
call: msgraph.disable-user
with:
user_principal_name: "{{get-worker.work_email}}"
- name: close-snow-tickets
type: call
call: servicenow.close-user-assignments
with:
assigned_to: "{{get-worker.work_email}}"
- name: alert-security
type: call
call: msteams.post-offboard-alert
with:
channel_id: "it-security"
text: "Offboarding Complete | {{get-worker.full_name}} | Last Day: {{last_working_day}} | M365: revoked | ServiceNow: tickets closed | Action required: verify all system access revoked."
consumes:
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/workers/{{worker_id}}"
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
- type: http
namespace: msgraph
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.ms_graph_token"
resources:
- name: users
path: "/users/{{user_principal_name}}"
inputParameters:
- name: user_principal_name
in: path
operations:
- name: disable-user
method: PATCH
- type: http
namespace: servicenow
baseUri: "https://citi.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: user-assignments
path: "/table/incident"
operations:
- name: close-user-assignments
method: PATCH
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.ms_graph_token"
resources:
- name: security-messages
path: "/teams/it-security/channels/general/messages"
operations:
- name: post-offboard-alert
method: POST
Employee Onboarding Orchestrator
▼
hr workday servicenow microsoft-teams onboarding
When a new hire is created in Workday, provisions a ServiceNow IT ticket, grants Microsoft 365 access, and sends a Microsoft Teams welcome message to the new employee.
naftiko: "0.5"
info:
label: "Employee Onboarding Orchestrator"
description: "When a new hire is created in Workday, provisions a ServiceNow IT ticket, grants Microsoft 365 access, and sends a Microsoft Teams welcome message to the new employee."
tags:
- hr
- workday
- servicenow
- microsoft-teams
- onboarding
capability:
exposes:
- type: mcp
namespace: hr-onboarding
port: 8080
tools:
- name: trigger-employee-onboarding
description: "Given a Workday employee ID and start date, orchestrate full onboarding: open a ServiceNow IT provisioning ticket, provision Microsoft 365, and send a Teams welcome message."
inputParameters:
- name: employee_id
in: body
type: string
description: "The Workday worker ID for the new hire."
- name: start_date
in: body
type: string
description: "New hire's start date in YYYY-MM-DD format."
- name: manager_upn
in: body
type: string
description: "The UPN (email) of the new hire's manager in Microsoft 365."
steps:
- name: get-employee
type: call
call: workday.get-worker
with:
worker_id: "{{employee_id}}"
- name: create-it-ticket
type: call
call: servicenow.create-incident
with:
short_description: "IT onboarding for {{get-employee.full_name}} starting {{start_date}}"
category: "hr_onboarding"
assigned_group: "IT_Provisioning"
- name: provision-m365
type: call
call: msgraph.create-user
with:
display_name: "{{get-employee.full_name}}"
mail_nickname: "{{get-employee.first_name}}.{{get-employee.last_name}}"
user_principal_name: "{{get-employee.work_email}}"
- name: send-welcome
type: call
call: msteams.send-message
with:
to_upn: "{{manager_upn}}"
text: "New team member {{get-employee.first_name}} {{get-employee.last_name}} is starting on {{start_date}}. IT ticket: {{create-it-ticket.number}}."
consumes:
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/workers/{{worker_id}}"
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
- type: http
namespace: servicenow
baseUri: "https://citi.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: msgraph
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.ms_graph_token"
resources:
- name: users
path: "/users"
operations:
- name: create-user
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.ms_graph_token"
resources:
- name: chat-messages
path: "/chats"
operations:
- name: send-message
method: POST
Employee Termination Access Revocation
▼
banking hr security workday okta servicenow
When an employee termination is processed in Workday, disables their Okta account, revokes ServiceNow access, and notifies the HR business partner via Teams.
naftiko: "0.5"
info:
label: "Employee Termination Access Revocation"
description: "When an employee termination is processed in Workday, disables their Okta account, revokes ServiceNow access, and notifies the HR business partner via Teams."
tags:
- banking
- hr
- security
- workday
- okta
- servicenow
capability:
exposes:
- type: mcp
namespace: hr-security
port: 8080
tools:
- name: revoke-terminated-access
description: "Given a Workday employee ID and termination date, disable the Okta account, close open ServiceNow tickets, and notify the HRBP via Teams."
inputParameters:
- name: employee_id
in: body
type: string
description: "Workday employee ID."
- name: termination_date
in: body
type: string
description: "Termination date."
- name: hrbp_upn
in: body
type: string
description: "UPN of the HRBP."
steps:
- name: get-employee
type: call
call: workday.get-worker
with:
employee_id: "{{employee_id}}"
- name: disable-okta
type: call
call: okta.deactivate-user
with:
login: "{{get-employee.email}}"
- name: notify-hrbp
type: call
call: msteams.send-message
with:
recipient_upn: "{{hrbp_upn}}"
text: "Access revoked for {{get-employee.full_name}} ({{employee_id}}) effective {{termination_date}}."
consumes:
- type: http
namespace: workday
baseUri: "https://wd5-impl-services1.workday.com/ccx/service/citi/Human_Resources/v40.1"
authentication:
type: basic
username: "$secrets.workday_user"
password: "$secrets.workday_password"
resources:
- name: workers
path: "/workers/{{employee_id}}"
inputParameters:
- name: employee_id
in: path
operations:
- name: get-worker
method: GET
- type: http
namespace: okta
baseUri: "https://citi.okta.com/api/v1"
authentication:
type: bearer
token: "$secrets.okta_api_token"
resources:
- name: users
path: "/users/{{login}}/lifecycle/deactivate"
inputParameters:
- name: login
in: path
operations:
- name: deactivate-user
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Executive KPI Dashboard Digest
▼
banking reporting analytics snowflake power-bi
Compiles an executive KPI digest by pulling metrics from Snowflake, refreshing Power BI, and emailing the C-suite.
naftiko: "0.5"
info:
label: "Executive KPI Dashboard Digest"
description: "Compiles an executive KPI digest by pulling metrics from Snowflake, refreshing Power BI, and emailing the C-suite."
tags:
- banking
- reporting
- analytics
- snowflake
- power-bi
capability:
exposes:
- type: mcp
namespace: exec-reporting
port: 8080
tools:
- name: generate-kpi-digest
description: "Given a reporting period, pull KPIs from Snowflake, refresh the Power BI executive dashboard, and email the digest."
inputParameters:
- name: period
in: body
type: string
description: "Reporting period."
- name: exec_dl
in: body
type: string
description: "Executive DL email."
steps:
- name: get-kpis
type: call
call: snowflake.query-kpis
with:
period: "{{period}}"
- name: refresh-pbi
type: call
call: powerbi.trigger-refresh
with:
datasetId: "executive-dashboard"
- name: send-digest
type: call
call: msgraph.send-mail
with:
to: "{{exec_dl}}"
subject: "Executive KPI Digest — {{period}}"
body: "Key metrics refreshed. Dashboard updated."
consumes:
- type: http
namespace: snowflake
baseUri: "https://citi.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query-kpis
method: POST
- type: http
namespace: powerbi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.powerbi_token"
resources:
- name: datasets
path: "/datasets/{{datasetId}}/refreshes"
inputParameters:
- name: datasetId
in: path
operations:
- name: trigger-refresh
method: POST
- type: http
namespace: msgraph
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: mail
path: "/users/noreply@citi.com/sendMail"
operations:
- name: send-mail
method: POST
GitHub Dependabot Alert Handler
▼
banking security github jira snowflake
When Dependabot alerts are raised, creates Jira tickets for remediation, logs in Snowflake, and alerts the AppSec team via Teams.
naftiko: "0.5"
info:
label: "GitHub Dependabot Alert Handler"
description: "When Dependabot alerts are raised, creates Jira tickets for remediation, logs in Snowflake, and alerts the AppSec team via Teams."
tags:
- banking
- security
- github
- jira
- snowflake
capability:
exposes:
- type: mcp
namespace: appsec-ops
port: 8080
tools:
- name: handle-dependabot-alert
description: "Given a repo and alert severity, create a Jira ticket, log the vulnerability in Snowflake, and notify AppSec in Teams."
inputParameters:
- name: repo_name
in: body
type: string
description: "GitHub repository."
- name: cve_id
in: body
type: string
description: "CVE identifier."
- name: severity
in: body
type: string
description: "Alert severity."
- name: appsec_upn
in: body
type: string
description: "UPN of AppSec lead."
steps:
- name: create-jira
type: call
call: jira.create-issue
with:
project: "APPSEC"
summary: "Dependabot: {{cve_id}} in {{repo_name}}"
description: "Severity: {{severity}} | Repo: {{repo_name}}"
- name: log-vuln
type: call
call: snowflake.insert-vuln
with:
repo: "{{repo_name}}"
cve: "{{cve_id}}"
severity: "{{severity}}"
- name: notify-appsec
type: call
call: msteams.send-message
with:
recipient_upn: "{{appsec_upn}}"
text: "Dependabot: {{cve_id}} ({{severity}}) in {{repo_name}}. Jira: {{create-jira.key}}"
consumes:
- type: http
namespace: jira
baseUri: "https://citi.atlassian.net/rest/api/3"
authentication:
type: bearer
token: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: snowflake
baseUri: "https://citi.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: insert-vuln
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
GitHub DevSecOps Vulnerability Triage
▼
security github jira microsoft-teams vulnerability-management devsecops
Scans GitHub Advanced Security code scanning alerts for banking application repositories and creates Jira security tickets for critical CVEs, notifying the security team via Microsoft Teams.
naftiko: "0.5"
info:
label: "GitHub DevSecOps Vulnerability Triage"
description: "Scans GitHub Advanced Security code scanning alerts for banking application repositories and creates Jira security tickets for critical CVEs, notifying the security team via Microsoft Teams."
tags:
- security
- github
- jira
- microsoft-teams
- vulnerability-management
- devsecops
capability:
exposes:
- type: mcp
namespace: devsecops
port: 8080
tools:
- name: triage-security-alerts
description: "Query GitHub Advanced Security for critical and high-severity code scanning alerts across a banking application repository and create Jira tickets for each unresolved finding, alerting the security team via Teams."
inputParameters:
- name: repo
in: body
type: string
description: "The GitHub repository to scan (format: org/repo)."
- name: min_severity
in: body
type: string
description: "Minimum severity threshold: critical or high."
steps:
- name: get-alerts
type: call
call: github.get-scanning-alerts
with:
repo: "{{repo}}"
severity: "{{min_severity}}"
- name: create-sec-ticket
type: call
call: jira.create-security-issue
with:
project_key: "SEC"
issuetype: "Security"
summary: "[{{min_severity}}] Vulnerability: {{get-alerts.rule_name}} in {{repo}}"
description: "CVE: {{get-alerts.cve_id}}\nRepo: {{repo}}\nFile: {{get-alerts.location_path}}\nURL: {{get-alerts.html_url}}"
- name: alert-security-team
type: call
call: msteams.send-sec-alert
with:
channel_id: "security-engineering"
text: "Security Alert | {{min_severity}} | {{repo}} | {{get-alerts.rule_name}} | Jira: {{create-sec-ticket.key}}"
consumes:
- type: http
namespace: github
baseUri: "https://api.github.com"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: scanning-alerts
path: "/repos/{{repo}}/code-scanning/alerts"
inputParameters:
- name: repo
in: path
- name: severity
in: query
operations:
- name: get-scanning-alerts
method: GET
- type: http
namespace: jira
baseUri: "https://citi.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: security-issues
path: "/issue"
operations:
- name: create-security-issue
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.ms_graph_token"
resources:
- name: security-messages
path: "/teams/security/channels/engineering/messages"
operations:
- name: send-sec-alert
method: POST
GitHub Repository Status Check
▼
banking engineering github devops lookup
Fetches a GitHub repository by name and returns the default branch, open issue count, and last push timestamp.
naftiko: "0.5"
info:
label: "GitHub Repository Status Check"
description: "Fetches a GitHub repository by name and returns the default branch, open issue count, and last push timestamp."
tags:
- banking
- engineering
- github
- devops
- lookup
capability:
exposes:
- type: mcp
namespace: dev-ops
port: 8080
tools:
- name: get-repo-status
description: "Given a GitHub repository full name, return the default branch and last push timestamp."
inputParameters:
- name: repo_name
in: body
type: string
description: "GitHub repository full name."
call: github.get-repo
with:
repo: "{{repo_name}}"
outputParameters:
- name: default_branch
type: string
mapping: "$.default_branch"
- name: last_push
type: string
mapping: "$.pushed_at"
consumes:
- namespace: github
type: http
baseUri: "https://api.github.com"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: dev-ops
path: "/{{id}}"
operations:
- name: get-repo
method: GET
HubSpot Marketing Lead Nurture to Salesforce Sync
▼
marketing hubspot salesforce lead-management corporate-banking crm
Syncs HubSpot lead nurture workflow contacts that have reached a buying stage into Salesforce as qualified leads, triggering corporate banking relationship manager assignment.
naftiko: "0.5"
info:
label: "HubSpot Marketing Lead Nurture to Salesforce Sync"
description: "Syncs HubSpot lead nurture workflow contacts that have reached a buying stage into Salesforce as qualified leads, triggering corporate banking relationship manager assignment."
tags:
- marketing
- hubspot
- salesforce
- lead-management
- corporate-banking
- crm
capability:
exposes:
- type: mcp
namespace: lead-nurture-sync
port: 8080
tools:
- name: sync-nurtured-leads
description: "Retrieve contacts from a HubSpot lead nurture workflow that have reached MQL status and create qualified leads in Salesforce for corporate banking RM assignment and follow-up."
inputParameters:
- name: hubspot_workflow_id
in: body
type: string
description: "The HubSpot workflow ID for the lead nurture sequence."
- name: mql_stage
in: body
type: string
description: "The HubSpot lifecycle stage that qualifies a contact as MQL (e.g., 'marketingqualifiedlead')."
steps:
- name: get-mql-contacts
type: call
call: hubspot.get-workflow-contacts
with:
workflow_id: "{{hubspot_workflow_id}}"
lifecycle_stage: "{{mql_stage}}"
- name: create-sf-leads
type: call
call: salesforce.create-lead
with:
first_name: "{{get-mql-contacts.first_name}}"
last_name: "{{get-mql-contacts.last_name}}"
company: "{{get-mql-contacts.company}}"
email: "{{get-mql-contacts.email}}"
lead_source: "HubSpot Nurture"
consumes:
- type: http
namespace: hubspot
baseUri: "https://api.hubapi.com/crm/v3"
authentication:
type: bearer
token: "$secrets.hubspot_token"
resources:
- name: workflow-contacts
path: "/objects/contacts"
inputParameters:
- name: workflow_id
in: query
- name: lifecycle_stage
in: query
operations:
- name: get-workflow-contacts
method: GET
- type: http
namespace: salesforce
baseUri: "https://citi.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: leads
path: "/sobjects/Lead"
operations:
- name: create-lead
method: POST
Interest Rate Risk Sensitivity Analysis
▼
banking risk-management interest-rate snowflake reporting
Analyzes interest rate risk by pulling balance sheet data from Snowflake, running scenarios, and distributing results via Teams.
naftiko: "0.5"
info:
label: "Interest Rate Risk Sensitivity Analysis"
description: "Analyzes interest rate risk by pulling balance sheet data from Snowflake, running scenarios, and distributing results via Teams."
tags:
- banking
- risk-management
- interest-rate
- snowflake
- reporting
capability:
exposes:
- type: mcp
namespace: alm-ops
port: 8080
tools:
- name: run-ir-sensitivity
description: "Given a scenario set and report date, pull balance sheet from Snowflake, run rate shock scenarios, and post results."
inputParameters:
- name: scenario_set
in: body
type: string
description: "Scenario set name."
- name: report_date
in: body
type: string
description: "Report date."
- name: alm_channel_id
in: body
type: string
description: "ALM channel."
steps:
- name: get-balances
type: call
call: snowflake.query-balances
with:
date: "{{report_date}}"
- name: run-scenarios
type: call
call: snowflake.run-scenarios
with:
scenario: "{{scenario_set}}"
- name: post-results
type: call
call: msteams.post-channel
with:
channel_id: "{{alm_channel_id}}"
text: "IR Sensitivity: {{scenario_set}} — {{report_date}}. NII impact: ${{run-scenarios.nii_impact}} | EVE impact: ${{run-scenarios.eve_impact}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://citi.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query-balances
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: channels
path: "/teams/channels/{{channel_id}}/messages"
operations:
- name: post-channel
method: POST
IT Asset Lifecycle Retirement Workflow
▼
banking it-operations asset-management servicenow okta sap
Manages IT asset retirement by updating the ServiceNow CMDB, revoking Okta access, and logging disposal in SAP fixed assets.
naftiko: "0.5"
info:
label: "IT Asset Lifecycle Retirement Workflow"
description: "Manages IT asset retirement by updating the ServiceNow CMDB, revoking Okta access, and logging disposal in SAP fixed assets."
tags:
- banking
- it-operations
- asset-management
- servicenow
- okta
- sap
capability:
exposes:
- type: mcp
namespace: asset-ops
port: 8080
tools:
- name: retire-it-asset
description: "Given a CI name and asset tag, mark as retired in ServiceNow CMDB, revoke Okta access, create SAP disposal entry, and notify IT manager in Teams."
inputParameters:
- name: ci_name
in: body
type: string
description: "ServiceNow CI name."
- name: asset_tag
in: body
type: string
description: "Asset tag number."
- name: it_manager_upn
in: body
type: string
description: "UPN of IT asset manager."
steps:
- name: retire-cmdb
type: call
call: snow.update-ci-status
with:
ci_name: "{{ci_name}}"
status: "Retired"
- name: revoke-access
type: call
call: okta.remove-app-assignment
with:
app_label: "{{ci_name}}"
- name: log-disposal
type: call
call: sap.create-disposal
with:
asset_number: "{{asset_tag}}"
- name: notify-manager
type: call
call: msteams.send-message
with:
recipient_upn: "{{it_manager_upn}}"
text: "Asset retired: {{ci_name}} ({{asset_tag}}). CMDB updated, access revoked."
consumes:
- type: http
namespace: snow
baseUri: "https://citi.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: cmdb
path: "/table/cmdb_ci?sysparm_query=name={{ci_name}}"
inputParameters:
- name: ci_name
in: query
operations:
- name: update-ci-status
method: PATCH
- type: http
namespace: okta
baseUri: "https://citi.okta.com/api/v1"
authentication:
type: bearer
token: "$secrets.okta_api_token"
resources:
- name: apps
path: "/apps?q={{app_label}}"
inputParameters:
- name: app_label
in: query
operations:
- name: remove-app-assignment
method: DELETE
- type: http
namespace: sap
baseUri: "https://citi-s4.sap.com/sap/opu/odata/sap/API_FIXEDASSET_SRV"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: disposals
path: "/A_FixedAsset"
operations:
- name: create-disposal
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
IT Security Vulnerability Remediation Workflow
▼
banking security vulnerability-management jira servicenow
When a critical vulnerability is discovered, creates a Jira remediation ticket, updates the CMDB in ServiceNow, and alerts the security team via Teams.
naftiko: "0.5"
info:
label: "IT Security Vulnerability Remediation Workflow"
description: "When a critical vulnerability is discovered, creates a Jira remediation ticket, updates the CMDB in ServiceNow, and alerts the security team via Teams."
tags:
- banking
- security
- vulnerability-management
- jira
- servicenow
capability:
exposes:
- type: mcp
namespace: secops
port: 8080
tools:
- name: remediate-vulnerability
description: "Given a CVE ID, severity, and affected system, create a Jira ticket, update the ServiceNow CMDB, and notify SecOps in Teams."
inputParameters:
- name: cve_id
in: body
type: string
description: "CVE identifier."
- name: severity
in: body
type: string
description: "Severity level."
- name: affected_system
in: body
type: string
description: "Affected system name."
- name: secops_upn
in: body
type: string
description: "UPN of SecOps lead."
steps:
- name: create-ticket
type: call
call: jira.create-issue
with:
project: "SECOPS"
summary: "Remediate {{cve_id}} — {{affected_system}}"
description: "Severity: {{severity}} | System: {{affected_system}}"
- name: update-cmdb
type: call
call: snow.update-ci
with:
ci_name: "{{affected_system}}"
vulnerability: "{{cve_id}} — {{severity}}"
- name: notify-secops
type: call
call: msteams.send-message
with:
recipient_upn: "{{secops_upn}}"
text: "Vulnerability: {{cve_id}} ({{severity}}) on {{affected_system}}. Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: jira
baseUri: "https://citi.atlassian.net/rest/api/3"
authentication:
type: bearer
token: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: snow
baseUri: "https://citi.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: cmdb
path: "/table/cmdb_ci?sysparm_query=name={{ci_name}}"
inputParameters:
- name: ci_name
in: query
operations:
- name: update-ci
method: PATCH
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Jira Backlog Sprint Planning Digest
▼
devops jira microsoft-teams sprint-planning engineering
Queries Jira for all unestimated and high-priority backlog issues on a technology delivery board and posts a sprint planning agenda to the product team's Microsoft Teams channel.
naftiko: "0.5"
info:
label: "Jira Backlog Sprint Planning Digest"
description: "Queries Jira for all unestimated and high-priority backlog issues on a technology delivery board and posts a sprint planning agenda to the product team's Microsoft Teams channel."
tags:
- devops
- jira
- microsoft-teams
- sprint-planning
- engineering
capability:
exposes:
- type: mcp
namespace: sprint-planning
port: 8080
tools:
- name: generate-sprint-agenda
description: "Query Jira for prioritized unestimated backlog issues on a given board and post a sprint planning agenda to the product team Teams channel before the sprint planning ceremony."
inputParameters:
- name: board_id
in: body
type: string
description: "The Jira board ID for the product delivery team."
- name: sprint_name
in: body
type: string
description: "The upcoming sprint name for the agenda header."
steps:
- name: get-backlog
type: call
call: jira.search-backlog
with:
board_id: "{{board_id}}"
- name: post-agenda
type: call
call: msteams.post-sprint-agenda
with:
channel_id: "product-team"
text: "Sprint Planning Agenda: {{sprint_name}} | Board: {{board_id}} | Total backlog: {{get-backlog.total_count}} | Unestimated: {{get-backlog.unestimated}} | P1 items: {{get-backlog.priority_count}}"
consumes:
- type: http
namespace: jira
baseUri: "https://citi.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: backlog-issues
path: "/search"
inputParameters:
- name: board_id
in: query
operations:
- name: search-backlog
method: GET
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.ms_graph_token"
resources:
- name: team-messages
path: "/teams/technology/channels/product-team/messages"
operations:
- name: post-sprint-agenda
method: POST
Jira Issue Detail Lookup
▼
banking engineering jira project-management lookup
Fetches a Jira issue by key and returns the summary, status, assignee, and priority.
naftiko: "0.5"
info:
label: "Jira Issue Detail Lookup"
description: "Fetches a Jira issue by key and returns the summary, status, assignee, and priority."
tags:
- banking
- engineering
- jira
- project-management
- lookup
capability:
exposes:
- type: mcp
namespace: eng-ops
port: 8080
tools:
- name: get-jira-issue
description: "Given a Jira issue key, return the issue summary, status, assignee, and priority."
inputParameters:
- name: issue_key
in: body
type: string
description: "Jira issue key."
call: jira.get-issue
with:
issueKey: "{{issue_key}}"
outputParameters:
- name: summary
type: string
mapping: "$.fields.summary"
- name: status
type: string
mapping: "$.fields.status.name"
- name: assignee
type: string
mapping: "$.fields.assignee.displayName"
consumes:
- namespace: jira
type: http
baseUri: "https://citi.atlassian.net/rest/api/3"
authentication:
type: bearer
token: "$secrets.jira_api_token"
resources:
- name: eng-ops
path: "/{{id}}"
operations:
- name: get-issue
method: GET
KYC Customer Onboarding Handler
▼
banking kyc compliance salesforce snowflake servicenow
Processes KYC onboarding by verifying identity in Salesforce, running compliance checks in Snowflake, and creating an onboarding task in ServiceNow.
naftiko: "0.5"
info:
label: "KYC Customer Onboarding Handler"
description: "Processes KYC onboarding by verifying identity in Salesforce, running compliance checks in Snowflake, and creating an onboarding task in ServiceNow."
tags:
- banking
- kyc
- compliance
- salesforce
- snowflake
- servicenow
capability:
exposes:
- type: mcp
namespace: kyc-ops
port: 8080
tools:
- name: onboard-customer-kyc
description: "Given customer details, verify in Salesforce, run KYC in Snowflake, create a ServiceNow task, and notify compliance."
inputParameters:
- name: customer_name
in: body
type: string
description: "Customer name."
- name: customer_id
in: body
type: string
description: "Customer ID."
- name: compliance_upn
in: body
type: string
description: "Compliance UPN."
steps:
- name: verify
type: call
call: sf.get-customer
with:
customer_id: "{{customer_id}}"
- name: run-kyc
type: call
call: snowflake.run-kyc
with:
customer: "{{customer_name}}"
- name: create-task
type: call
call: snow.create-task
with:
short_description: "KYC: {{customer_name}}"
description: "Status: {{run-kyc.status}}"
- name: notify
type: call
call: msteams.send-message
with:
recipient_upn: "{{compliance_upn}}"
text: "KYC: {{customer_name}} — {{run-kyc.status}}. SNOW: {{create-task.number}}"
consumes:
- type: http
namespace: sf
baseUri: "https://citi.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: customers
path: "/sobjects/Account/{{customer_id}}"
operations:
- name: get-customer
method: GET
- type: http
namespace: snowflake
baseUri: "https://citi.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-kyc
method: POST
- type: http
namespace: snow
baseUri: "https://citi.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/u_kyc_task"
operations:
- name: create-task
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
operations:
- name: send-message
method: POST
KYC Customer Onboarding Workflow
▼
banking kyc compliance salesforce snowflake servicenow
Processes KYC customer onboarding by verifying identity in Salesforce, running compliance checks in Snowflake, and creating an onboarding task in ServiceNow.
naftiko: "0.5"
info:
label: "KYC Customer Onboarding Workflow"
description: "Processes KYC customer onboarding by verifying identity in Salesforce, running compliance checks in Snowflake, and creating an onboarding task in ServiceNow."
tags:
- banking
- kyc
- compliance
- salesforce
- snowflake
- servicenow
capability:
exposes:
- type: mcp
namespace: kyc-ops
port: 8080
tools:
- name: onboard-customer-kyc
description: "Given customer details, verify identity in Salesforce, run KYC checks in Snowflake, create onboarding task in ServiceNow, and notify compliance in Teams."
inputParameters:
- name: customer_name
in: body
type: string
description: "Customer name."
- name: customer_id
in: body
type: string
description: "Customer ID."
- name: compliance_upn
in: body
type: string
description: "Compliance officer UPN."
steps:
- name: verify-identity
type: call
call: sf.get-customer
with:
customer_id: "{{customer_id}}"
- name: run-kyc
type: call
call: snowflake.run-kyc-check
with:
customer_name: "{{customer_name}}"
- name: create-task
type: call
call: snow.create-task
with:
short_description: "KYC Onboarding: {{customer_name}}"
description: "ID: {{customer_id}} | KYC: {{run-kyc.status}}"
- name: notify-compliance
type: call
call: msteams.send-message
with:
recipient_upn: "{{compliance_upn}}"
text: "KYC onboarding: {{customer_name}} — Status: {{run-kyc.status}}. SNOW: {{create-task.number}}"
consumes:
- type: http
namespace: sf
baseUri: "https://citi.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: customers
path: "/sobjects/Account/{{customer_id}}"
inputParameters:
- name: customer_id
in: path
operations:
- name: get-customer
method: GET
- type: http
namespace: snowflake
baseUri: "https://citi.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-kyc-check
method: POST
- type: http
namespace: snow
baseUri: "https://citi.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/u_kyc_task"
operations:
- name: create-task
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
LinkedIn Talent Brand Performance Report
▼
banking hr talent-acquisition linkedin workday
Generates a talent brand performance report by pulling LinkedIn analytics, comparing with Workday hiring data, and posting to Teams.
naftiko: "0.5"
info:
label: "LinkedIn Talent Brand Performance Report"
description: "Generates a talent brand performance report by pulling LinkedIn analytics, comparing with Workday hiring data, and posting to Teams."
tags:
- banking
- hr
- talent-acquisition
- linkedin
- workday
capability:
exposes:
- type: mcp
namespace: ta-ops
port: 8080
tools:
- name: generate-talent-report
description: "Given a reporting week, pull LinkedIn employer brand metrics, compare against Workday requisitions, and post a digest to Teams."
inputParameters:
- name: week
in: body
type: string
description: "Reporting week."
- name: region
in: body
type: string
description: "Region."
- name: ta_channel_id
in: body
type: string
description: "Teams channel ID."
steps:
- name: get-metrics
type: call
call: linkedin.get-brand-metrics
with:
week: "{{week}}"
region: "{{region}}"
- name: get-reqs
type: call
call: workday.get-open-reqs
with:
region: "{{region}}"
- name: post-digest
type: call
call: msteams.post-channel
with:
channel_id: "{{ta_channel_id}}"
text: "Talent Brand: {{week}} ({{region}}). Impressions: {{get-metrics.impressions}} | Open reqs: {{get-reqs.count}}"
consumes:
- type: http
namespace: linkedin
baseUri: "https://api.linkedin.com/v2"
authentication:
type: bearer
token: "$secrets.linkedin_token"
resources:
- name: analytics
path: "/organizationalEntityShareStatistics"
operations:
- name: get-brand-metrics
method: GET
- type: http
namespace: workday
baseUri: "https://wd5-impl-services1.workday.com/ccx/service/citi/Recruiting/v40.1"
authentication:
type: basic
username: "$secrets.workday_user"
password: "$secrets.workday_password"
resources:
- name: requisitions
path: "/job-requisitions"
operations:
- name: get-open-reqs
method: GET
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: channels
path: "/teams/channels/{{channel_id}}/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
Loan Origination Document Collection
▼
banking lending salesforce servicenow document-management
Collects loan origination documents by tracking submission status in Salesforce, sending reminders via email, and logging progress in ServiceNow.
naftiko: "0.5"
info:
label: "Loan Origination Document Collection"
description: "Collects loan origination documents by tracking submission status in Salesforce, sending reminders via email, and logging progress in ServiceNow."
tags:
- banking
- lending
- salesforce
- servicenow
- document-management
capability:
exposes:
- type: mcp
namespace: lending-ops
port: 8080
tools:
- name: collect-loan-documents
description: "Given a loan application ID, check document status in Salesforce, send reminders for missing docs, and log progress in ServiceNow."
inputParameters:
- name: application_id
in: body
type: string
description: "Loan application ID."
- name: applicant_email
in: body
type: string
description: "Applicant email."
- name: lo_upn
in: body
type: string
description: "Loan officer UPN."
steps:
- name: check-docs
type: call
call: sf.get-doc-status
with:
application_id: "{{application_id}}"
- name: send-reminder
type: call
call: msgraph.send-mail
with:
to: "{{applicant_email}}"
subject: "Documents Needed: Loan Application {{application_id}}"
body: "Missing: {{check-docs.missing_documents}}"
- name: log-progress
type: call
call: snow.update-task
with:
short_description: "Doc collection: {{application_id}}"
description: "Complete: {{check-docs.complete_count}} | Missing: {{check-docs.missing_count}}"
consumes:
- type: http
namespace: sf
baseUri: "https://citi.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: applications
path: "/sobjects/Loan_Application__c/{{application_id}}"
inputParameters:
- name: application_id
in: path
operations:
- name: get-doc-status
method: GET
- type: http
namespace: msgraph
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: mail
path: "/users/noreply@citi.com/sendMail"
operations:
- name: send-mail
method: POST
- type: http
namespace: snow
baseUri: "https://citi.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/u_loan_task"
operations:
- name: update-task
method: POST
Loan Origination Document Tracker
▼
banking lending salesforce servicenow document-management
Tracks loan document collection by checking Salesforce, sending reminders, and logging in ServiceNow.
naftiko: "0.5"
info:
label: "Loan Origination Document Tracker"
description: "Tracks loan document collection by checking Salesforce, sending reminders, and logging in ServiceNow."
tags:
- banking
- lending
- salesforce
- servicenow
- document-management
capability:
exposes:
- type: mcp
namespace: lending-ops
port: 8080
tools:
- name: track-loan-documents
description: "Given a loan application ID, check document status, send reminders, and log progress."
inputParameters:
- name: application_id
in: body
type: string
description: "Application ID."
- name: applicant_email
in: body
type: string
description: "Applicant email."
- name: lo_upn
in: body
type: string
description: "Loan officer UPN."
steps:
- name: check-docs
type: call
call: sf.get-doc-status
with:
application_id: "{{application_id}}"
- name: send-reminder
type: call
call: msgraph.send-mail
with:
to: "{{applicant_email}}"
subject: "Documents Needed: {{application_id}}"
body: "Missing: {{check-docs.missing_documents}}"
- name: log-progress
type: call
call: snow.update-task
with:
short_description: "Docs: {{application_id}}"
description: "Complete: {{check-docs.complete_count}}"
consumes:
- type: http
namespace: sf
baseUri: "https://citi.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: applications
path: "/sobjects/Loan_Application__c/{{application_id}}"
operations:
- name: get-doc-status
method: GET
- type: http
namespace: msgraph
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: mail
path: "/users/noreply@citi.com/sendMail"
operations:
- name: send-mail
method: POST
- type: http
namespace: snow
baseUri: "https://citi.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/u_loan_task"
operations:
- name: update-task
method: POST
Market Risk Daily VaR Report
▼
banking market-risk trading snowflake reporting
Generates a daily Value-at-Risk report by pulling positions from Snowflake, computing VaR, and distributing to risk management via Teams.
naftiko: "0.5"
info:
label: "Market Risk Daily VaR Report"
description: "Generates a daily Value-at-Risk report by pulling positions from Snowflake, computing VaR, and distributing to risk management via Teams."
tags:
- banking
- market-risk
- trading
- snowflake
- reporting
capability:
exposes:
- type: mcp
namespace: risk-ops
port: 8080
tools:
- name: generate-var-report
description: "Given a trading desk and report date, pull positions from Snowflake, compute VaR metrics, and post to the risk channel."
inputParameters:
- name: trading_desk
in: body
type: string
description: "Trading desk name."
- name: report_date
in: body
type: string
description: "Report date."
- name: risk_channel_id
in: body
type: string
description: "Risk Teams channel."
steps:
- name: get-positions
type: call
call: snowflake.query-positions
with:
desk: "{{trading_desk}}"
date: "{{report_date}}"
- name: compute-var
type: call
call: snowflake.compute-var
with:
desk: "{{trading_desk}}"
date: "{{report_date}}"
- name: post-report
type: call
call: msteams.post-channel
with:
channel_id: "{{risk_channel_id}}"
text: "Daily VaR: {{trading_desk}} — {{report_date}}. VaR(95): ${{compute-var.var_95}} | VaR(99): ${{compute-var.var_99}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://citi.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query-positions
method: POST
- type: http
namespace: snowflake
baseUri: "https://citi.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: compute-var
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: channels
path: "/teams/channels/{{channel_id}}/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
Market Risk Daily VaR Reporter
▼
banking market-risk trading snowflake reporting
Generates a daily VaR report by pulling positions from Snowflake, computing VaR, and posting to Teams.
naftiko: "0.5"
info:
label: "Market Risk Daily VaR Reporter"
description: "Generates a daily VaR report by pulling positions from Snowflake, computing VaR, and posting to Teams."
tags:
- banking
- market-risk
- trading
- snowflake
- reporting
capability:
exposes:
- type: mcp
namespace: risk-ops
port: 8080
tools:
- name: generate-var-report
description: "Given a trading desk and date, pull positions, compute VaR, and post to the risk channel."
inputParameters:
- name: trading_desk
in: body
type: string
description: "Trading desk."
- name: report_date
in: body
type: string
description: "Report date."
- name: risk_channel_id
in: body
type: string
description: "Risk channel."
steps:
- name: get-positions
type: call
call: snowflake.query-positions
with:
desk: "{{trading_desk}}"
date: "{{report_date}}"
- name: compute-var
type: call
call: snowflake.compute-var
with:
desk: "{{trading_desk}}"
- name: post-report
type: call
call: msteams.post-channel
with:
channel_id: "{{risk_channel_id}}"
text: "VaR: {{trading_desk}} — {{report_date}}. VaR(95): ${{compute-var.var_95}} | VaR(99): ${{compute-var.var_99}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://citi.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query-positions
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: channels
path: "/teams/channels/{{channel_id}}/messages"
operations:
- name: post-channel
method: POST
Okta MFA Enrollment Compliance Audit
▼
banking security okta mfa servicenow compliance
Audits MFA enrollment by querying Okta for unenrolled users, creating compliance tasks in ServiceNow, and notifying IT security via Teams.
naftiko: "0.5"
info:
label: "Okta MFA Enrollment Compliance Audit"
description: "Audits MFA enrollment by querying Okta for unenrolled users, creating compliance tasks in ServiceNow, and notifying IT security via Teams."
tags:
- banking
- security
- okta
- mfa
- servicenow
- compliance
capability:
exposes:
- type: mcp
namespace: mfa-ops
port: 8080
tools:
- name: audit-mfa-compliance
description: "Query Okta for users without MFA, create a compliance task in ServiceNow, and notify IT security in Teams."
inputParameters:
- name: department
in: body
type: string
description: "Department to audit."
- name: security_lead_upn
in: body
type: string
description: "UPN of security lead."
steps:
- name: get-unenrolled
type: call
call: okta.list-unenrolled
with:
department: "{{department}}"
- name: create-task
type: call
call: snow.create-task
with:
short_description: "MFA non-compliance: {{department}}"
description: "Unenrolled: {{get-unenrolled.count}}"
- name: notify-lead
type: call
call: msteams.send-message
with:
recipient_upn: "{{security_lead_upn}}"
text: "MFA audit: {{department}} — {{get-unenrolled.count}} unenrolled. Task: {{create-task.number}}"
consumes:
- type: http
namespace: okta
baseUri: "https://citi.okta.com/api/v1"
authentication:
type: bearer
token: "$secrets.okta_api_token"
resources:
- name: users
path: "/users?filter=profile.department eq \"{{department}}\""
inputParameters:
- name: department
in: query
operations:
- name: list-unenrolled
method: GET
- type: http
namespace: snow
baseUri: "https://citi.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/u_compliance_task"
operations:
- name: create-task
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Okta User Account Status Lookup
▼
banking security okta identity lookup
Looks up an Okta user by email and returns the account status, last login timestamp, and MFA enrollment state.
naftiko: "0.5"
info:
label: "Okta User Account Status Lookup"
description: "Looks up an Okta user by email and returns the account status, last login timestamp, and MFA enrollment state."
tags:
- banking
- security
- okta
- identity
- lookup
capability:
exposes:
- type: mcp
namespace: identity-ops
port: 8080
tools:
- name: get-user-status
description: "Given a user email, return the Okta account status, last login, and MFA enrollment status."
inputParameters:
- name: user_email
in: body
type: string
description: "User email address."
call: okta.get-user
with:
login: "{{user_email}}"
outputParameters:
- name: status
type: string
mapping: "$.status"
- name: last_login
type: string
mapping: "$.lastLogin"
consumes:
- namespace: okta
type: http
baseUri: "https://citi.okta.com/api/v1"
authentication:
type: bearer
token: "$secrets.okta_api_token"
resources:
- name: identity-ops
path: "/{{id}}"
operations:
- name: get-user
method: GET
PagerDuty On-Call Schedule Lookup
▼
banking it-operations pagerduty incident-management lookup
Retrieves the current on-call engineer for a PagerDuty schedule.
naftiko: "0.5"
info:
label: "PagerDuty On-Call Schedule Lookup"
description: "Retrieves the current on-call engineer for a PagerDuty schedule."
tags:
- banking
- it-operations
- pagerduty
- incident-management
- lookup
capability:
exposes:
- type: mcp
namespace: incident-ops
port: 8080
tools:
- name: get-on-call
description: "Given a PagerDuty schedule ID, return the currently on-call user name and email."
inputParameters:
- name: schedule_id
in: body
type: string
description: "PagerDuty schedule ID."
call: pagerduty.get-oncall
with:
schedule_id: "{{schedule_id}}"
outputParameters:
- name: user_name
type: string
mapping: "$.oncalls[0].user.name"
- name: user_email
type: string
mapping: "$.oncalls[0].user.email"
consumes:
- namespace: pagerduty
type: http
baseUri: "https://api.pagerduty.com"
authentication:
type: bearer
token: "$secrets.pagerduty_token"
resources:
- name: incident-ops
path: "/{{id}}"
operations:
- name: get-oncall
method: GET
Power BI Dataset Refresh Status Check
▼
banking analytics power-bi reporting lookup
Checks the refresh status of a Power BI dataset and returns the last refresh time and status.
naftiko: "0.5"
info:
label: "Power BI Dataset Refresh Status Check"
description: "Checks the refresh status of a Power BI dataset and returns the last refresh time and status."
tags:
- banking
- analytics
- power-bi
- reporting
- lookup
capability:
exposes:
- type: mcp
namespace: bi-ops
port: 8080
tools:
- name: get-dataset-refresh
description: "Given a Power BI dataset ID, return the last refresh timestamp and status."
inputParameters:
- name: dataset_id
in: body
type: string
description: "Power BI dataset GUID."
call: pbi.get-refresh
with:
datasetId: "{{dataset_id}}"
outputParameters:
- name: status
type: string
mapping: "$.value[0].status"
- name: end_time
type: string
mapping: "$.value[0].endTime"
consumes:
- namespace: pbi
type: http
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.powerbi_token"
resources:
- name: bi-ops
path: "/{{id}}"
operations:
- name: get-refresh
method: GET
Power BI Regulatory Reporting Dashboard Refresh
▼
analytics power-bi snowflake reporting regulatory
Triggers a scheduled Power BI dataset refresh for the regulatory capital and liquidity reporting dashboard, pulling data from Snowflake for submission readiness.
naftiko: "0.5"
info:
label: "Power BI Regulatory Reporting Dashboard Refresh"
description: "Triggers a scheduled Power BI dataset refresh for the regulatory capital and liquidity reporting dashboard, pulling data from Snowflake for submission readiness."
tags:
- analytics
- power-bi
- snowflake
- reporting
- regulatory
capability:
exposes:
- type: mcp
namespace: regulatory-reporting
port: 8080
tools:
- name: refresh-regulatory-dashboard
description: "Trigger an on-demand or scheduled Power BI dataset refresh for the regulatory capital and liquidity reporting dashboard. Use before submission deadlines or for executive review."
inputParameters:
- name: dataset_id
in: body
type: string
description: "The Power BI dataset ID for the regulatory reporting dashboard."
call: powerbi.trigger-refresh
with:
dataset_id: "{{dataset_id}}"
outputParameters:
- name: refresh_id
type: string
mapping: "$.id"
- name: status
type: string
mapping: "$.status"
consumes:
- type: http
namespace: powerbi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.powerbi_token"
resources:
- name: dataset-refreshes
path: "/datasets/{{dataset_id}}/refreshes"
inputParameters:
- name: dataset_id
in: path
operations:
- name: trigger-refresh
method: POST
Quarterly Financial Report Generator
▼
banking finance analytics snowflake power-bi reporting
Generates a quarterly financial report by querying Snowflake for KPIs, refreshing Power BI dashboards, and distributing via email to the executive team.
naftiko: "0.5"
info:
label: "Quarterly Financial Report Generator"
description: "Generates a quarterly financial report by querying Snowflake for KPIs, refreshing Power BI dashboards, and distributing via email to the executive team."
tags:
- banking
- finance
- analytics
- snowflake
- power-bi
- reporting
capability:
exposes:
- type: mcp
namespace: finance-reporting
port: 8080
tools:
- name: generate-financial-report
description: "Given a reporting quarter, query Snowflake for financial KPIs, trigger a Power BI refresh, and email the report link to executives."
inputParameters:
- name: quarter
in: body
type: string
description: "Reporting quarter."
- name: exec_dl
in: body
type: string
description: "Executive distribution list email."
steps:
- name: query-kpis
type: call
call: snowflake.run-query
with:
query: "SELECT * FROM financial_kpis WHERE quarter='{{quarter}}'"
- name: refresh-pbi
type: call
call: powerbi.trigger-refresh
with:
datasetId: "financial-dashboard"
- name: send-report
type: call
call: msgraph.send-mail
with:
to: "{{exec_dl}}"
subject: "Financial Report — {{quarter}}"
body: "Revenue: {{query-kpis.revenue}} | Expenses: {{query-kpis.expenses}}. Dashboard refreshed."
consumes:
- type: http
namespace: snowflake
baseUri: "https://citi.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: powerbi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.powerbi_token"
resources:
- name: datasets
path: "/datasets/{{datasetId}}/refreshes"
inputParameters:
- name: datasetId
in: path
operations:
- name: trigger-refresh
method: POST
- type: http
namespace: msgraph
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: mail
path: "/users/noreply@citi.com/sendMail"
operations:
- name: send-mail
method: POST
Refinitiv FX Rate Lookup
▼
banking refinitiv foreign-exchange trading lookup
Retrieves the current foreign exchange rate from Refinitiv for a specified currency pair.
naftiko: "0.5"
info:
label: "Refinitiv FX Rate Lookup"
description: "Retrieves the current foreign exchange rate from Refinitiv for a specified currency pair."
tags:
- banking
- refinitiv
- foreign-exchange
- trading
- lookup
capability:
exposes:
- type: mcp
namespace: fx-ops
port: 8080
tools:
- name: get-fx-rate
description: "Given a currency pair, return the current bid, ask, and mid rates."
inputParameters:
- name: currency_pair
in: body
type: string
description: "Currency pair, e.g. EURUSD."
call: refinitiv.get-fx-rate
with:
pair: "{{currency_pair}}"
outputParameters:
- name: bid
type: number
mapping: "$.data[0].bid"
- name: ask
type: number
mapping: "$.data[0].ask"
- name: mid
type: number
mapping: "$.data[0].mid"
consumes:
- namespace: refinitiv
type: http
baseUri: "https://api.refinitiv.com/data/pricing/v1"
authentication:
type: bearer
token: "$secrets.refinitiv_token"
resources:
- name: quotes
path: "/quotes/{{pair}}"
operations:
- name: get-fx-rate
method: GET
Regulatory Capital Adequacy Check
▼
banking regulatory capital snowflake sap compliance
Checks regulatory capital adequacy by pulling risk-weighted assets from Snowflake, comparing against SAP capital accounts, and reporting to compliance.
naftiko: "0.5"
info:
label: "Regulatory Capital Adequacy Check"
description: "Checks regulatory capital adequacy by pulling risk-weighted assets from Snowflake, comparing against SAP capital accounts, and reporting to compliance."
tags:
- banking
- regulatory
- capital
- snowflake
- sap
- compliance
capability:
exposes:
- type: mcp
namespace: capital-ops
port: 8080
tools:
- name: check-capital-adequacy
description: "Given a reporting date, pull RWA from Snowflake, compare with SAP capital, and notify the compliance team in Teams."
inputParameters:
- name: report_date
in: body
type: string
description: "Report date."
- name: compliance_channel_id
in: body
type: string
description: "Compliance Teams channel."
steps:
- name: get-rwa
type: call
call: snowflake.query-rwa
with:
date: "{{report_date}}"
- name: get-capital
type: call
call: sap-fi.get-capital-accounts
with:
date: "{{report_date}}"
- name: notify-compliance
type: call
call: msteams.post-channel
with:
channel_id: "{{compliance_channel_id}}"
text: "Capital adequacy: RWA: ${{get-rwa.total}} | Capital: ${{get-capital.total}} | Ratio: {{get-capital.ratio}}%"
consumes:
- type: http
namespace: snowflake
baseUri: "https://citi.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query-rwa
method: POST
- type: http
namespace: sap
baseUri: "https://citi-s4.sap.com/sap/opu/odata/sap/API_JOURNAL_ENTRY_SRV"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: capital
path: "/A_JournalEntry?$filter=PostingDate eq '{{date}}'"
inputParameters:
- name: date
in: query
operations:
- name: get-capital-accounts
method: GET
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: channels
path: "/teams/channels/{{channel_id}}/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
Regulatory Capital Adequacy Reporter
▼
banking regulatory capital snowflake sap compliance
Checks capital adequacy by pulling RWA from Snowflake, comparing SAP capital, and reporting to compliance.
naftiko: "0.5"
info:
label: "Regulatory Capital Adequacy Reporter"
description: "Checks capital adequacy by pulling RWA from Snowflake, comparing SAP capital, and reporting to compliance."
tags:
- banking
- regulatory
- capital
- snowflake
- sap
- compliance
capability:
exposes:
- type: mcp
namespace: capital-ops
port: 8080
tools:
- name: check-capital
description: "Given a report date, pull RWA from Snowflake, compare with SAP capital, and notify compliance."
inputParameters:
- name: report_date
in: body
type: string
description: "Report date."
- name: compliance_channel_id
in: body
type: string
description: "Compliance channel."
steps:
- name: get-rwa
type: call
call: snowflake.query-rwa
with:
date: "{{report_date}}"
- name: get-capital
type: call
call: sap-fi.get-capital
with:
date: "{{report_date}}"
- name: notify
type: call
call: msteams.post-channel
with:
channel_id: "{{compliance_channel_id}}"
text: "Capital adequacy: RWA: ${{get-rwa.total}} | Capital: ${{get-capital.total}} | Ratio: {{get-capital.ratio}}%"
consumes:
- type: http
namespace: snowflake
baseUri: "https://citi.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query-rwa
method: POST
- type: http
namespace: sap-fi
baseUri: "https://citi-s4.sap.com/sap/opu/odata/sap/API_JOURNAL_ENTRY_SRV"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: capital
path: "/A_JournalEntry"
operations:
- name: get-capital
method: GET
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: channels
path: "/teams/channels/{{channel_id}}/messages"
operations:
- name: post-channel
method: POST
Regulatory Compliance Incident Reporter
▼
compliance servicenow jira microsoft-teams regulatory financial-compliance
When a potential regulatory compliance breach is flagged in ServiceNow, creates a Jira compliance investigation ticket and notifies the Chief Compliance Officer via Microsoft Teams.
naftiko: "0.5"
info:
label: "Regulatory Compliance Incident Reporter"
description: "When a potential regulatory compliance breach is flagged in ServiceNow, creates a Jira compliance investigation ticket and notifies the Chief Compliance Officer via Microsoft Teams."
tags:
- compliance
- servicenow
- jira
- microsoft-teams
- regulatory
- financial-compliance
capability:
exposes:
- type: mcp
namespace: compliance-ops
port: 8080
tools:
- name: report-compliance-incident
description: "Given a ServiceNow compliance incident ID, retrieve the details, create a Jira investigation ticket in the Compliance project, and notify the CCO via Teams for immediate awareness."
inputParameters:
- name: incident_id
in: body
type: string
description: "The ServiceNow compliance incident ID."
- name: regulation_type
in: body
type: string
description: "The regulation category (e.g., AML, KYC, SOX, GDPR)."
steps:
- name: get-incident
type: call
call: servicenow.get-compliance-incident
with:
incident_id: "{{incident_id}}"
- name: create-jira-ticket
type: call
call: jira.create-issue
with:
project_key: "COMP"
issuetype: "Compliance Incident"
summary: "[{{regulation_type}}] Compliance breach: {{get-incident.short_description}}"
description: "ServiceNow: {{incident_id}}\nRegulation: {{regulation_type}}\nDetails: {{get-incident.description}}\nReported by: {{get-incident.reported_by}}"
- name: notify-cco
type: call
call: msteams.send-cco-alert
with:
channel_id: "compliance-executive"
text: "COMPLIANCE INCIDENT REPORTED | {{regulation_type}} | {{get-incident.short_description}} | Jira: {{create-jira-ticket.key}} | SN: {{incident_id}}"
consumes:
- type: http
namespace: servicenow
baseUri: "https://citi.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: compliance-incidents
path: "/table/incident/{{incident_id}}"
inputParameters:
- name: incident_id
in: path
operations:
- name: get-compliance-incident
method: GET
- type: http
namespace: jira
baseUri: "https://citi.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.ms_graph_token"
resources:
- name: compliance-messages
path: "/teams/compliance/channels/executive/messages"
operations:
- name: send-cco-alert
method: POST
Regulatory Filing Deadline Monitor
▼
banking compliance regulatory snowflake servicenow
Monitors regulatory filing deadlines by querying Snowflake, checking preparation status in ServiceNow, and alerting the compliance team in Teams.
naftiko: "0.5"
info:
label: "Regulatory Filing Deadline Monitor"
description: "Monitors regulatory filing deadlines by querying Snowflake, checking preparation status in ServiceNow, and alerting the compliance team in Teams."
tags:
- banking
- compliance
- regulatory
- snowflake
- servicenow
capability:
exposes:
- type: mcp
namespace: regulatory-ops
port: 8080
tools:
- name: track-filing-deadlines
description: "Given a jurisdiction and filing type, check the filing calendar in Snowflake, verify status in ServiceNow, and alert the compliance channel in Teams."
inputParameters:
- name: jurisdiction
in: body
type: string
description: "Jurisdiction."
- name: filing_type
in: body
type: string
description: "Filing type."
- name: compliance_channel_id
in: body
type: string
description: "Teams channel ID."
steps:
- name: get-deadlines
type: call
call: snowflake.query-filings
with:
jurisdiction: "{{jurisdiction}}"
- name: check-status
type: call
call: snow.get-filing-status
with:
jurisdiction: "{{jurisdiction}}"
- name: alert-team
type: call
call: msteams.post-channel
with:
channel_id: "{{compliance_channel_id}}"
text: "Filing deadline: {{filing_type}} for {{jurisdiction}} — Due: {{get-deadlines.next_deadline}} | Status: {{check-status.status}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://citi.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query-filings
method: POST
- type: http
namespace: snow
baseUri: "https://citi.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: filings
path: "/table/u_regulatory_filing?sysparm_query=jurisdiction={{jurisdiction}}"
inputParameters:
- name: jurisdiction
in: query
operations:
- name: get-filing-status
method: GET
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: channels
path: "/teams/channels/{{channel_id}}/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
SailPoint Identity Governance Lookup
▼
banking security sailpoint identity-governance lookup
Looks up a user identity in SailPoint and returns current entitlements and certification status.
naftiko: "0.5"
info:
label: "SailPoint Identity Governance Lookup"
description: "Looks up a user identity in SailPoint and returns current entitlements and certification status."
tags:
- banking
- security
- sailpoint
- identity-governance
- lookup
capability:
exposes:
- type: mcp
namespace: iam-ops
port: 8080
tools:
- name: get-identity-access
description: "Given a SailPoint identity alias, return the display name, entitlement count, and last certification date."
inputParameters:
- name: identity_alias
in: body
type: string
description: "SailPoint identity alias or email."
call: sailpoint.get-identity
with:
alias: "{{identity_alias}}"
outputParameters:
- name: display_name
type: string
mapping: "$.displayName"
- name: entitlement_count
type: integer
mapping: "$.entitlementCount"
consumes:
- namespace: sailpoint
type: http
baseUri: "https://citi.api.identitynow.com/v3"
authentication:
type: bearer
token: "$secrets.sailpoint_token"
resources:
- name: iam-ops
path: "/{{id}}"
operations:
- name: get-identity
method: GET
Salesforce Account Health Enrichment
▼
banking crm salesforce snowflake sap
Enriches Salesforce account health scores by pulling data from Snowflake, checking billing in SAP, and updating the Salesforce record.
naftiko: "0.5"
info:
label: "Salesforce Account Health Enrichment"
description: "Enriches Salesforce account health scores by pulling data from Snowflake, checking billing in SAP, and updating the Salesforce record."
tags:
- banking
- crm
- salesforce
- snowflake
- sap
capability:
exposes:
- type: mcp
namespace: account-ops
port: 8080
tools:
- name: enrich-account-health
description: "Given a Salesforce account ID, pull performance data from Snowflake, check billing in SAP, and update the health score in Salesforce."
inputParameters:
- name: account_id
in: body
type: string
description: "Salesforce account ID."
- name: account_manager_upn
in: body
type: string
description: "UPN of account manager."
steps:
- name: get-data
type: call
call: snowflake.query-account-data
with:
account_id: "{{account_id}}"
- name: get-billing
type: call
call: sap-fi.get-ar-aging
with:
account_id: "{{account_id}}"
- name: update-sf
type: call
call: sf.update-health-score
with:
account_id: "{{account_id}}"
score: "{{get-data.health_score}}"
- name: notify-manager
type: call
call: msteams.send-message
with:
recipient_upn: "{{account_manager_upn}}"
text: "Account health updated: {{account_id}}. Score: {{get-data.health_score}} | AR: {{get-billing.days_outstanding}} days"
consumes:
- type: http
namespace: snowflake
baseUri: "https://citi.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query-account-data
method: POST
- type: http
namespace: sap
baseUri: "https://citi-s4.sap.com/sap/opu/odata/sap/API_JOURNAL_ENTRY_SRV"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: ar
path: "/A_JournalEntry?$filter=AccountID eq '{{account_id}}'"
inputParameters:
- name: account_id
in: query
operations:
- name: get-ar-aging
method: GET
- type: http
namespace: sf
baseUri: "https://citi.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: accounts
path: "/sobjects/Account/{{account_id}}"
inputParameters:
- name: account_id
in: path
operations:
- name: update-health-score
method: PATCH
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Salesforce Client Account Lookup
▼
banking banking salesforce relationship-management lookup
Retrieves a client account from Salesforce by account ID, returning relationship manager, account tier, and total assets under management.
naftiko: "0.5"
info:
label: "Salesforce Client Account Lookup"
description: "Retrieves a client account from Salesforce by account ID, returning relationship manager, account tier, and total assets under management."
tags:
- banking
- banking
- salesforce
- relationship-management
- lookup
capability:
exposes:
- type: mcp
namespace: client-ops
port: 8080
tools:
- name: get-client-account
description: "Given a Salesforce account ID, return the client name, relationship manager, account tier, and AUM."
inputParameters:
- name: account_id
in: body
type: string
description: "Salesforce account ID."
call: sf.get-account
with:
accountId: "{{account_id}}"
outputParameters:
- name: client_name
type: string
mapping: "$.Name"
- name: rm
type: string
mapping: "$.Owner.Name"
- name: tier
type: string
mapping: "$.Tier__c"
consumes:
- namespace: sf
type: http
baseUri: "https://citi.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: client-ops
path: "/{{id}}"
operations:
- name: get-account
method: GET
Salesforce Client Relationship Renewal Alert
▼
sales salesforce microsoft-teams renewals account-management institutional-banking
Queries Salesforce for high-value institutional client relationships with contract renewals due within 90 days and posts a prioritized alert to the relationship management Microsoft Teams channel.
naftiko: "0.5"
info:
label: "Salesforce Client Relationship Renewal Alert"
description: "Queries Salesforce for high-value institutional client relationships with contract renewals due within 90 days and posts a prioritized alert to the relationship management Microsoft Teams channel."
tags:
- sales
- salesforce
- microsoft-teams
- renewals
- account-management
- institutional-banking
capability:
exposes:
- type: mcp
namespace: rm-renewals
port: 8080
tools:
- name: alert-client-renewals
description: "Query Salesforce for institutional banking client contracts expiring within a given number of days and post a ranked renewal alert to the relationship management Teams channel."
inputParameters:
- name: days_ahead
in: body
type: integer
description: "Number of days ahead to scan for expiring client contracts."
- name: min_revenue_usd
in: body
type: number
description: "Minimum annual revenue threshold to include in the alert."
steps:
- name: get-expiring-contracts
type: call
call: salesforce.get-expiring-contracts
with:
days_ahead: "{{days_ahead}}"
min_revenue: "{{min_revenue_usd}}"
- name: post-renewal-alert
type: call
call: msteams.post-renewal-alert
with:
channel_id: "relationship-management"
text: "Client Renewal Alert | Expiring in {{days_ahead}} days | Contracts: {{get-expiring-contracts.count}} | Total Revenue at Risk: ${{get-expiring-contracts.total_revenue}} | Top Client: {{get-expiring-contracts.top_client}}"
consumes:
- type: http
namespace: salesforce
baseUri: "https://citi.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: expiring-contracts
path: "/query"
inputParameters:
- name: days_ahead
in: query
- name: min_revenue
in: query
operations:
- name: get-expiring-contracts
method: GET
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.ms_graph_token"
resources:
- name: rm-messages
path: "/teams/institutional-banking/channels/rm/messages"
operations:
- name: post-renewal-alert
method: POST
Salesforce Corporate Banking CRM Lead Routing
▼
sales salesforce microsoft-teams crm lead-management corporate-banking
Enriches new Salesforce leads for corporate banking prospects with firmographic data and routes them to the correct relationship manager, notifying via Microsoft Teams.
naftiko: "0.5"
info:
label: "Salesforce Corporate Banking CRM Lead Routing"
description: "Enriches new Salesforce leads for corporate banking prospects with firmographic data and routes them to the correct relationship manager, notifying via Microsoft Teams."
tags:
- sales
- salesforce
- microsoft-teams
- crm
- lead-management
- corporate-banking
capability:
exposes:
- type: mcp
namespace: crm-lead-routing
port: 8080
tools:
- name: route-corporate-lead
description: "Given a Salesforce lead ID for a corporate banking prospect, retrieve the lead, assign it to the appropriate relationship manager based on industry and revenue band, and notify via Teams."
inputParameters:
- name: lead_id
in: body
type: string
description: "The Salesforce lead ID for the corporate banking prospect."
steps:
- name: get-lead
type: call
call: salesforce-lead.get-lead
with:
lead_id: "{{lead_id}}"
- name: assign-lead
type: call
call: salesforce-update.update-lead-owner
with:
lead_id: "{{lead_id}}"
status: "Assigned"
- name: notify-rm
type: call
call: msteams.notify-rm
with:
channel_id: "corporate-banking-rms"
text: "New Corporate Lead Assigned | Company: {{get-lead.company}} | Contact: {{get-lead.first_name}} {{get-lead.last_name}} | Title: {{get-lead.title}} | Lead: {{lead_id}}"
consumes:
- type: http
namespace: salesforce-lead
baseUri: "https://citi.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: leads
path: "/sobjects/Lead/{{lead_id}}"
inputParameters:
- name: lead_id
in: path
operations:
- name: get-lead
method: GET
- type: http
namespace: salesforce-update
baseUri: "https://citi.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: lead-updates
path: "/sobjects/Lead/{{lead_id}}"
inputParameters:
- name: lead_id
in: path
operations:
- name: update-lead-owner
method: PATCH
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.ms_graph_token"
resources:
- name: rm-messages
path: "/teams/corporate-banking/channels/leads/messages"
operations:
- name: notify-rm
method: POST
Salesforce Relationship Manager Assignment Lookup
▼
banking salesforce relationship-management lookup
Retrieves the assigned relationship manager for a client account from Salesforce.
naftiko: "0.5"
info:
label: "Salesforce Relationship Manager Assignment Lookup"
description: "Retrieves the assigned relationship manager for a client account from Salesforce."
tags:
- banking
- salesforce
- relationship-management
- lookup
capability:
exposes:
- type: mcp
namespace: rm-ops
port: 8080
tools:
- name: get-rm-assignment
description: "Given a client account ID, return the relationship manager name, email, and last contact date."
inputParameters:
- name: account_id
in: body
type: string
description: "Salesforce account ID."
call: sf.get-rm
with:
accountId: "{{account_id}}"
outputParameters:
- name: rm_name
type: string
mapping: "$.Owner.Name"
- name: rm_email
type: string
mapping: "$.Owner.Email"
- name: last_contact
type: string
mapping: "$.Last_Contact_Date__c"
consumes:
- namespace: sf
type: http
baseUri: "https://citi.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: accounts
path: "/sobjects/Account/{{accountId}}"
operations:
- name: get-rm
method: GET
Sanctions Screening Handler
▼
banking sanctions compliance snowflake servicenow
Screens customers against sanctions lists in Snowflake, logs in ServiceNow, and escalates matches.
naftiko: "0.5"
info:
label: "Sanctions Screening Handler"
description: "Screens customers against sanctions lists in Snowflake, logs in ServiceNow, and escalates matches."
tags:
- banking
- sanctions
- compliance
- snowflake
- servicenow
capability:
exposes:
- type: mcp
namespace: sanctions-ops
port: 8080
tools:
- name: screen-sanctions
description: "Given a customer name and country, screen in Snowflake, log in ServiceNow, and notify compliance."
inputParameters:
- name: customer_name
in: body
type: string
description: "Customer name."
- name: country
in: body
type: string
description: "Country."
- name: compliance_upn
in: body
type: string
description: "Compliance UPN."
steps:
- name: screen
type: call
call: snowflake.screen-sanctions
with:
customer: "{{customer_name}}"
country: "{{country}}"
- name: log
type: call
call: snow.create-record
with:
short_description: "Sanctions: {{customer_name}}"
description: "Matches: {{screen.match_count}}"
- name: notify
type: call
call: msteams.send-message
with:
recipient_upn: "{{compliance_upn}}"
text: "Sanctions: {{customer_name}} ({{country}}) — {{screen.match_count}} matches. SNOW: {{log.number}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://citi.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: screen-sanctions
method: POST
- type: http
namespace: snow
baseUri: "https://citi.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: screening
path: "/table/u_sanctions_screening"
operations:
- name: create-record
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
operations:
- name: send-message
method: POST
Sanctions Screening Workflow
▼
banking sanctions compliance snowflake servicenow
Screens customers against sanctions lists by querying Snowflake, logging results in ServiceNow, and escalating matches to the compliance team via Teams.
naftiko: "0.5"
info:
label: "Sanctions Screening Workflow"
description: "Screens customers against sanctions lists by querying Snowflake, logging results in ServiceNow, and escalating matches to the compliance team via Teams."
tags:
- banking
- sanctions
- compliance
- snowflake
- servicenow
capability:
exposes:
- type: mcp
namespace: sanctions-ops
port: 8080
tools:
- name: screen-sanctions
description: "Given a customer name and country, run sanctions screening in Snowflake, log in ServiceNow, and escalate matches to compliance."
inputParameters:
- name: customer_name
in: body
type: string
description: "Customer name."
- name: country
in: body
type: string
description: "Customer country."
- name: compliance_upn
in: body
type: string
description: "Compliance officer UPN."
steps:
- name: run-screening
type: call
call: snowflake.screen-sanctions
with:
customer: "{{customer_name}}"
country: "{{country}}"
- name: log-result
type: call
call: snow.create-screening-record
with:
short_description: "Sanctions: {{customer_name}} ({{country}})"
description: "Match count: {{run-screening.match_count}}"
- name: notify-compliance
type: call
call: msteams.send-message
with:
recipient_upn: "{{compliance_upn}}"
text: "Sanctions screening: {{customer_name}} ({{country}}) — Matches: {{run-screening.match_count}}. SNOW: {{log-result.number}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://citi.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: screen-sanctions
method: POST
- type: http
namespace: snow
baseUri: "https://citi.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: screening
path: "/table/u_sanctions_screening"
operations:
- name: create-screening-record
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
SAP Concur Expense Policy Violation Audit
▼
finance sap-concur jira expense-management compliance audit
Retrieves submitted expense reports from SAP Concur and creates Jira audit tasks for finance compliance when reports exceed policy thresholds or contain restricted categories.
naftiko: "0.5"
info:
label: "SAP Concur Expense Policy Violation Audit"
description: "Retrieves submitted expense reports from SAP Concur and creates Jira audit tasks for finance compliance when reports exceed policy thresholds or contain restricted categories."
tags:
- finance
- sap-concur
- jira
- expense-management
- compliance
- audit
capability:
exposes:
- type: mcp
namespace: expense-audit
port: 8080
tools:
- name: audit-expense-policy-violations
description: "Retrieve expense reports from SAP Concur for a given period and automatically create Jira compliance audit tasks for any reports exceeding the single-transaction threshold or containing flagged categories."
inputParameters:
- name: period
in: body
type: string
description: "The expense period to audit (e.g., '2026-03')."
- name: threshold_usd
in: body
type: number
description: "Single-transaction threshold in USD that triggers a policy flag."
steps:
- name: get-flagged-reports
type: call
call: concur.get-expense-reports
with:
period: "{{period}}"
exceeds_amount: "{{threshold_usd}}"
- name: create-audit-task
type: call
call: jira.create-audit-task
with:
project_key: "FIN"
issuetype: "Task"
summary: "Expense policy violation: {{get-flagged-reports.report_name}} ({{period}})"
description: "Report ID: {{get-flagged-reports.report_id}}\nSubmitter: {{get-flagged-reports.submitted_by}}\nAmount: {{get-flagged-reports.total}}\nThreshold: {{threshold_usd}}"
consumes:
- type: http
namespace: concur
baseUri: "https://www.concursolutions.com/api/v3.0"
authentication:
type: bearer
token: "$secrets.concur_token"
resources:
- name: expense-reports
path: "/expense/reports"
inputParameters:
- name: period
in: query
- name: exceeds_amount
in: query
operations:
- name: get-expense-reports
method: GET
- type: http
namespace: jira
baseUri: "https://citi.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: audit-tasks
path: "/issue"
operations:
- name: create-audit-task
method: POST
SAP Concur Expense Report Status Lookup
▼
banking finance sap-concur expense-management lookup
Retrieves an SAP Concur expense report by ID, returning the total amount, approval status, and owner.
naftiko: "0.5"
info:
label: "SAP Concur Expense Report Status Lookup"
description: "Retrieves an SAP Concur expense report by ID, returning the total amount, approval status, and owner."
tags:
- banking
- finance
- sap-concur
- expense-management
- lookup
capability:
exposes:
- type: mcp
namespace: expense-ops
port: 8080
tools:
- name: get-expense-report
description: "Given a Concur report ID, return the total, currency, approval status, and submitter name."
inputParameters:
- name: report_id
in: body
type: string
description: "SAP Concur expense report ID."
call: concur.get-report
with:
reportId: "{{report_id}}"
outputParameters:
- name: total
type: number
mapping: "$.Total"
- name: status
type: string
mapping: "$.ApprovalStatusName"
- name: owner
type: string
mapping: "$.OwnerName"
consumes:
- namespace: concur
type: http
baseUri: "https://api.citi.com/v1"
authentication:
type: bearer
token: "$secrets.api_token"
resources:
- name: expense-ops
path: "/{{id}}"
operations:
- name: get-report
method: GET
SAP General Ledger Balance Check
▼
banking finance sap accounting lookup
Retrieves the current balance for a specified SAP general ledger account and company code.
naftiko: "0.5"
info:
label: "SAP General Ledger Balance Check"
description: "Retrieves the current balance for a specified SAP general ledger account and company code."
tags:
- banking
- finance
- sap
- accounting
- lookup
capability:
exposes:
- type: mcp
namespace: gl-ops
port: 8080
tools:
- name: get-gl-balance
description: "Given an SAP company code and GL account, return the current balance and currency."
inputParameters:
- name: company_code
in: body
type: string
description: "SAP company code."
- name: gl_account
in: body
type: string
description: "GL account number."
call: sap-fi.get-balance
with:
CompanyCode: "{{company_code}}"
GLAccount: "{{gl_account}}"
outputParameters:
- name: balance
type: number
mapping: "$.d.EndingBalanceAmtInCoCodeCrcy"
- name: currency
type: string
mapping: "$.d.CompanyCodeCurrency"
consumes:
- namespace: sap-fi
type: http
baseUri: "https://citi-s4.sap.com/sap/opu/odata/sap/API_BUSINESS_PARTNER"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: gl-ops
path: "/{{id}}"
operations:
- name: get-balance
method: GET
SAP General Ledger Period Close Orchestrator
▼
finance sap microsoft-teams period-close general-ledger
Orchestrates the monthly general ledger period close sequence in SAP S/4HANA, running variance checks, posting journal adjustments, and notifying the controller team via Microsoft Teams.
naftiko: "0.5"
info:
label: "SAP General Ledger Period Close Orchestrator"
description: "Orchestrates the monthly general ledger period close sequence in SAP S/4HANA, running variance checks, posting journal adjustments, and notifying the controller team via Microsoft Teams."
tags:
- finance
- sap
- microsoft-teams
- period-close
- general-ledger
capability:
exposes:
- type: mcp
namespace: gl-period-close
port: 8080
tools:
- name: run-period-close
description: "Initiate the monthly GL period close for a given company code and fiscal period in SAP S/4HANA. Run variance checks and notify the controller team via Teams upon completion."
inputParameters:
- name: company_code
in: body
type: string
description: "The SAP company code for the period close (e.g., 1000)."
- name: fiscal_period
in: body
type: string
description: "The fiscal period in YYYYMM format (e.g., 202603)."
steps:
- name: close-period
type: call
call: sap.close-fiscal-period
with:
company_code: "{{company_code}}"
fiscal_period: "{{fiscal_period}}"
- name: notify-controller
type: call
call: msteams.post-close-notification
with:
channel_id: "finance-controllers"
text: "Period close initiated for Company Code {{company_code}}, Period {{fiscal_period}}. Status: {{close-period.status}}. Run ID: {{close-period.run_id}}"
consumes:
- type: http
namespace: sap
baseUri: "https://citi-s4.sap.com/sap/opu/odata/sap/FAR_ACCRUAL_API_SRV"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: fiscal-periods
path: "/FiscalPeriodCloseSet"
operations:
- name: close-fiscal-period
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.ms_graph_token"
resources:
- name: channel-messages
path: "/teams/finance/channels/controllers/messages"
operations:
- name: post-close-notification
method: POST
SAP Invoice Three-Way Match Workflow
▼
banking finance accounts-payable sap servicenow
Performs a three-way match on a vendor invoice by verifying the PO in SAP, confirming goods receipt, and routing for approval with Teams notification.
naftiko: "0.5"
info:
label: "SAP Invoice Three-Way Match Workflow"
description: "Performs a three-way match on a vendor invoice by verifying the PO in SAP, confirming goods receipt, and routing for approval with Teams notification."
tags:
- banking
- finance
- accounts-payable
- sap
- servicenow
capability:
exposes:
- type: mcp
namespace: ap-ops
port: 8080
tools:
- name: three-way-match
description: "Given an invoice and PO number, verify the PO in SAP, confirm goods receipt, create an approval in ServiceNow, and notify AP via Teams."
inputParameters:
- name: invoice_number
in: body
type: string
description: "Vendor invoice number."
- name: po_number
in: body
type: string
description: "SAP purchase order number."
- name: ap_manager_upn
in: body
type: string
description: "UPN of AP manager."
steps:
- name: verify-po
type: call
call: sap.get-po
with:
po_number: "{{po_number}}"
- name: check-gr
type: call
call: sap.get-goods-receipt
with:
po_number: "{{po_number}}"
- name: create-approval
type: call
call: snow.create-approval
with:
short_description: "Invoice approval: {{invoice_number}} — PO {{po_number}}"
description: "PO Amount: {{verify-po.total_amount}} | GR: {{check-gr.status}}"
- name: notify-ap
type: call
call: msteams.send-message
with:
recipient_upn: "{{ap_manager_upn}}"
text: "Three-way match: Invoice {{invoice_number}} — PO {{po_number}}. GR: {{check-gr.status}}. Approval: {{create-approval.number}}"
consumes:
- type: http
namespace: sap
baseUri: "https://citi-s4.sap.com/sap/opu/odata/sap/MM_PUR_PO_MAINT_V2_SRV"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: purchase-orders
path: "/A_PurchaseOrder('{{po_number}}')"
inputParameters:
- name: po_number
in: path
operations:
- name: get-po
method: GET
- name: goods-receipts
path: "/A_PurchaseOrder('{{po_number}}')/to_GoodsReceipt"
inputParameters:
- name: po_number
in: path
operations:
- name: get-goods-receipt
method: GET
- type: http
namespace: snow
baseUri: "https://citi.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: approvals
path: "/table/sysapproval_approver"
operations:
- name: create-approval
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
SAP Period-End Journal Entry Validation
▼
banking finance accounting sap snowflake
Validates period-end journal entries by pulling entries from SAP, cross-checking balances in Snowflake, and notifying the controller via Teams.
naftiko: "0.5"
info:
label: "SAP Period-End Journal Entry Validation"
description: "Validates period-end journal entries by pulling entries from SAP, cross-checking balances in Snowflake, and notifying the controller via Teams."
tags:
- banking
- finance
- accounting
- sap
- snowflake
capability:
exposes:
- type: mcp
namespace: gl-ops
port: 8080
tools:
- name: validate-journal-entries
description: "Given a company code and posting period, retrieve journal entries from SAP, validate against Snowflake, and notify the controller of discrepancies."
inputParameters:
- name: company_code
in: body
type: string
description: "SAP company code."
- name: posting_period
in: body
type: string
description: "Posting period."
- name: controller_upn
in: body
type: string
description: "UPN of controller."
steps:
- name: get-entries
type: call
call: sap-fi.get-journal-entries
with:
company_code: "{{company_code}}"
period: "{{posting_period}}"
- name: validate-balances
type: call
call: snowflake.check-recon
with:
company_code: "{{company_code}}"
period: "{{posting_period}}"
- name: notify-controller
type: call
call: msteams.send-message
with:
recipient_upn: "{{controller_upn}}"
text: "Period-end validation: {{company_code}} — {{posting_period}}. Entries: {{get-entries.count}} | Status: {{validate-balances.status}}"
consumes:
- type: http
namespace: sap
baseUri: "https://citi-s4.sap.com/sap/opu/odata/sap/API_JOURNAL_ENTRY_SRV"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: entries
path: "/A_JournalEntry?$filter=CompanyCode eq '{{company_code}}'"
inputParameters:
- name: company_code
in: query
operations:
- name: get-journal-entries
method: GET
- type: http
namespace: snowflake
baseUri: "https://citi.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: check-recon
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
SAP Purchase Order Status Lookup
▼
finance sap procurement erp
Looks up a SAP S/4HANA purchase order by PO number and returns current approval status, vendor details, and total value for procurement and accounts payable queries.
naftiko: "0.5"
info:
label: "SAP Purchase Order Status Lookup"
description: "Looks up a SAP S/4HANA purchase order by PO number and returns current approval status, vendor details, and total value for procurement and accounts payable queries."
tags:
- finance
- sap
- procurement
- erp
capability:
exposes:
- type: mcp
namespace: erp-procurement
port: 8080
tools:
- name: get-purchase-order
description: "Given a SAP purchase order number, retrieve the PO header status, vendor name, total amount, and currency from SAP S/4HANA. Use for AP reconciliation and procurement approvals."
inputParameters:
- name: po_number
in: body
type: string
description: "The SAP purchase order number (e.g., 4500001234)."
call: sap.get-po
with:
po_number: "{{po_number}}"
outputParameters:
- name: status
type: string
mapping: "$.d.OverallStatus"
- name: vendor
type: string
mapping: "$.d.Supplier.CompanyName"
- name: total_value
type: string
mapping: "$.d.TotalAmount"
- name: currency
type: string
mapping: "$.d.TransactionCurrency"
consumes:
- type: http
namespace: sap
baseUri: "https://citi-s4.sap.com/sap/opu/odata/sap/MM_PUR_PO_MAINT_V2_SRV"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: purchase-orders
path: "/A_PurchaseOrder('{{po_number}}')"
inputParameters:
- name: po_number
in: path
operations:
- name: get-po
method: GET
outputRawFormat: xml
SAP Vendor Master Data Lookup
▼
banking finance sap procurement lookup
Retrieves vendor master data from SAP by vendor number, returning company name, payment terms, and tax ID.
naftiko: "0.5"
info:
label: "SAP Vendor Master Data Lookup"
description: "Retrieves vendor master data from SAP by vendor number, returning company name, payment terms, and tax ID."
tags:
- banking
- finance
- sap
- procurement
- lookup
capability:
exposes:
- type: mcp
namespace: vendor-ops
port: 8080
tools:
- name: get-vendor
description: "Given an SAP vendor number, return the vendor name, payment terms, and tax ID."
inputParameters:
- name: vendor_number
in: body
type: string
description: "SAP vendor account number."
call: sap.get-vendor
with:
Supplier: "{{vendor_number}}"
outputParameters:
- name: vendor_name
type: string
mapping: "$.d.SupplierName"
- name: payment_terms
type: string
mapping: "$.d.PaymentTerms"
consumes:
- namespace: sap
type: http
baseUri: "https://citi-s4.sap.com/sap/opu/odata/sap/API_BUSINESS_PARTNER"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: vendor-ops
path: "/{{id}}"
operations:
- name: get-vendor
method: GET
ServiceNow Change Window Compliance Validator
▼
banking it-operations change-management servicenow datadog
Verifies that a change request falls within the approved window by checking ServiceNow, validating service health in Datadog, and notifying the CAB via Teams.
naftiko: "0.5"
info:
label: "ServiceNow Change Window Compliance Validator"
description: "Verifies that a change request falls within the approved window by checking ServiceNow, validating service health in Datadog, and notifying the CAB via Teams."
tags:
- banking
- it-operations
- change-management
- servicenow
- datadog
capability:
exposes:
- type: mcp
namespace: change-ops
port: 8080
tools:
- name: check-change-compliance
description: "Given a change request number and proposed date, verify window compliance in ServiceNow, check Datadog service health, and notify the CAB in Teams."
inputParameters:
- name: change_number
in: body
type: string
description: "Change request number."
- name: proposed_date
in: body
type: string
description: "Proposed date."
- name: cab_channel_id
in: body
type: string
description: "Teams channel ID for CAB."
steps:
- name: check-window
type: call
call: snow.get-change-window
with:
change_number: "{{change_number}}"
- name: check-health
type: call
call: datadog.get-status
with:
date: "{{proposed_date}}"
- name: notify-cab
type: call
call: msteams.post-channel
with:
channel_id: "{{cab_channel_id}}"
text: "Change compliance: {{change_number}} for {{proposed_date}}. Window: {{check-window.status}} | Health: {{check-health.overall}}"
consumes:
- type: http
namespace: snow
baseUri: "https://citi.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: changes
path: "/table/change_request?sysparm_query=number={{change_number}}"
inputParameters:
- name: change_number
in: query
operations:
- name: get-change-window
method: GET
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: bearer
token: "$secrets.datadog_api_key"
resources:
- name: monitors
path: "/monitor/groups"
operations:
- name: get-status
method: GET
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: channels
path: "/teams/channels/{{channel_id}}/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
ServiceNow Incident Status Check
▼
banking it-operations servicenow incident-management lookup
Looks up a ServiceNow incident by number and returns current state, priority, and assigned group.
naftiko: "0.5"
info:
label: "ServiceNow Incident Status Check"
description: "Looks up a ServiceNow incident by number and returns current state, priority, and assigned group."
tags:
- banking
- it-operations
- servicenow
- incident-management
- lookup
capability:
exposes:
- type: mcp
namespace: it-ops
port: 8080
tools:
- name: get-incident-status
description: "Given a ServiceNow incident number, return the state, priority, and assignment group."
inputParameters:
- name: incident_number
in: body
type: string
description: "ServiceNow incident number."
call: snow.get-incident
with:
number: "{{incident_number}}"
outputParameters:
- name: state
type: string
mapping: "$.result.state"
- name: priority
type: string
mapping: "$.result.priority"
- name: assigned_to
type: string
mapping: "$.result.assignment_group.display_value"
consumes:
- namespace: snow
type: http
baseUri: "https://citi.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: it-ops
path: "/{{id}}"
operations:
- name: get-incident
method: GET
ServiceNow IT Change Request Approval Digest
▼
itsm servicenow microsoft-teams change-management approval
Retrieves all ServiceNow change requests pending CAB board approval for the upcoming change window and posts a digest to the IT change management Microsoft Teams channel.
naftiko: "0.5"
info:
label: "ServiceNow IT Change Request Approval Digest"
description: "Retrieves all ServiceNow change requests pending CAB board approval for the upcoming change window and posts a digest to the IT change management Microsoft Teams channel."
tags:
- itsm
- servicenow
- microsoft-teams
- change-management
- approval
capability:
exposes:
- type: mcp
namespace: change-management
port: 8080
tools:
- name: digest-cab-changes
description: "Retrieve all ServiceNow change requests scheduled for the upcoming CAB approval window and post a risk-sorted digest to the IT change management Teams channel."
inputParameters:
- name: change_date
in: body
type: string
description: "The change window date in YYYY-MM-DD format."
steps:
- name: get-pending-changes
type: call
call: servicenow.get-cab-changes
with:
planned_date: "{{change_date}}"
- name: post-digest
type: call
call: msteams.post-cab-digest
with:
channel_id: "it-change-management"
text: "CAB Change Digest | Window: {{change_date}} | Changes: {{get-pending-changes.count}} | High Risk: {{get-pending-changes.high_risk_count}} | Normal: {{get-pending-changes.normal_count}}"
consumes:
- type: http
namespace: servicenow
baseUri: "https://citi.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: change-requests
path: "/table/change_request"
inputParameters:
- name: planned_date
in: query
operations:
- name: get-cab-changes
method: GET
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.ms_graph_token"
resources:
- name: change-messages
path: "/teams/it/channels/change-management/messages"
operations:
- name: post-cab-digest
method: POST
ServiceNow Trading Incident Lookup
▼
banking banking trading servicenow incident-management lookup
Looks up a trading platform incident in ServiceNow by incident number and returns status, severity, and affected trading system.
naftiko: "0.5"
info:
label: "ServiceNow Trading Incident Lookup"
description: "Looks up a trading platform incident in ServiceNow by incident number and returns status, severity, and affected trading system."
tags:
- banking
- banking
- trading
- servicenow
- incident-management
- lookup
capability:
exposes:
- type: mcp
namespace: trading-ops
port: 8080
tools:
- name: get-trading-incident
description: "Given a ServiceNow incident number, return the incident state, severity, affected trading system, and resolution target."
inputParameters:
- name: incident_number
in: body
type: string
description: "ServiceNow incident number."
call: snow.get-incident
with:
number: "{{incident_number}}"
outputParameters:
- name: state
type: string
mapping: "$.result.state"
- name: severity
type: string
mapping: "$.result.severity"
- name: system
type: string
mapping: "$.result.cmdb_ci.display_value"
consumes:
- namespace: snow
type: http
baseUri: "https://citi.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: trading-ops
path: "/{{id}}"
operations:
- name: get-incident
method: GET
Snowflake Data Pipeline Failure Response
▼
banking data-engineering snowflake jira pagerduty
When a Snowflake pipeline fails, creates a Jira incident, pages the on-call engineer via PagerDuty, and notifies the pipeline owner in Teams.
naftiko: "0.5"
info:
label: "Snowflake Data Pipeline Failure Response"
description: "When a Snowflake pipeline fails, creates a Jira incident, pages the on-call engineer via PagerDuty, and notifies the pipeline owner in Teams."
tags:
- banking
- data-engineering
- snowflake
- jira
- pagerduty
capability:
exposes:
- type: mcp
namespace: data-reliability
port: 8080
tools:
- name: handle-pipeline-failure
description: "Given a Snowflake task name and error, create a Jira incident, trigger a PagerDuty alert, and notify the owner in Teams."
inputParameters:
- name: task_name
in: body
type: string
description: "Snowflake task name."
- name: error_message
in: body
type: string
description: "Error message."
- name: pipeline_owner
in: body
type: string
description: "Pipeline owner email."
steps:
- name: create-incident
type: call
call: jira.create-issue
with:
project: "DATA"
summary: "Pipeline failure: {{task_name}}"
description: "Error: {{error_message}}"
- name: page-oncall
type: call
call: pagerduty.create-incident
with:
service_id: "data-engineering"
title: "Pipeline failure: {{task_name}}"
- name: notify-owner
type: call
call: msteams.send-message
with:
recipient_upn: "{{pipeline_owner}}"
text: "Pipeline failure: {{task_name}}. Jira: {{create-incident.key}}"
consumes:
- type: http
namespace: jira
baseUri: "https://citi.atlassian.net/rest/api/3"
authentication:
type: bearer
token: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: pagerduty
baseUri: "https://api.pagerduty.com"
authentication:
type: bearer
token: "$secrets.pagerduty_token"
resources:
- name: incidents
path: "/incidents"
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Snowflake Table Row Count Check
▼
banking data-engineering snowflake analytics lookup
Queries Snowflake to return the row count and last update timestamp for a specified data table.
naftiko: "0.5"
info:
label: "Snowflake Table Row Count Check"
description: "Queries Snowflake to return the row count and last update timestamp for a specified data table."
tags:
- banking
- data-engineering
- snowflake
- analytics
- lookup
capability:
exposes:
- type: mcp
namespace: data-ops
port: 8080
tools:
- name: get-table-stats
description: "Given a Snowflake table name, return the row count and last DML timestamp."
inputParameters:
- name: table_name
in: body
type: string
description: "Fully qualified Snowflake table name."
call: snowflake.query-stats
with:
table: "{{table_name}}"
outputParameters:
- name: row_count
type: integer
mapping: "$.data[0].ROW_COUNT"
- name: last_altered
type: string
mapping: "$.data[0].LAST_ALTERED"
consumes:
- namespace: snowflake
type: http
baseUri: "https://citi.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: data-ops
path: "/{{id}}"
operations:
- name: query-stats
method: GET
Snowflake Trading Data Quality Check
▼
data snowflake jira data-quality trading
Executes automated data quality assertions on Snowflake trading and position data tables, opening Jira tickets for any rows that breach null rate or value range thresholds.
naftiko: "0.5"
info:
label: "Snowflake Trading Data Quality Check"
description: "Executes automated data quality assertions on Snowflake trading and position data tables, opening Jira tickets for any rows that breach null rate or value range thresholds."
tags:
- data
- snowflake
- jira
- data-quality
- trading
capability:
exposes:
- type: mcp
namespace: trading-data-quality
port: 8080
tools:
- name: check-trading-data-quality
description: "Given a Snowflake trading or position table name and quality thresholds, run null rate and value range assertions. If breached, open a Jira data quality ticket for the data engineering team."
inputParameters:
- name: table_name
in: body
type: string
description: "The fully qualified Snowflake table name (e.g., PROD.TRADING.POSITIONS)."
- name: null_threshold_pct
in: body
type: number
description: "Maximum acceptable null percentage for key columns."
steps:
- name: run-assertions
type: call
call: snowflake.run-quality-assertions
with:
table_name: "{{table_name}}"
null_threshold: "{{null_threshold_pct}}"
- name: open-dq-ticket
type: call
call: jira.create-dq-ticket
with:
project_key: "DATA"
issuetype: "Bug"
summary: "Data quality breach in {{table_name}}"
description: "Table: {{table_name}}\nNull Rate: {{run-assertions.null_rate_pct}}%\nThreshold: {{null_threshold_pct}}%\nAffected Rows: {{run-assertions.affected_row_count}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://citi.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: sql-statements
path: "/statements"
operations:
- name: run-quality-assertions
method: POST
- type: http
namespace: jira
baseUri: "https://citi.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: dq-tickets
path: "/issue"
operations:
- name: create-dq-ticket
method: POST
Splunk Security Event Query
▼
banking security splunk siem lookup
Runs a Splunk search for security events matching a query and returns the result count.
naftiko: "0.5"
info:
label: "Splunk Security Event Query"
description: "Runs a Splunk search for security events matching a query and returns the result count."
tags:
- banking
- security
- splunk
- siem
- lookup
capability:
exposes:
- type: mcp
namespace: security-ops
port: 8080
tools:
- name: search-security-events
description: "Given a Splunk search query, execute the search and return the result count and top events."
inputParameters:
- name: search_query
in: body
type: string
description: "Splunk search query string."
call: splunk.run-search
with:
search: "{{search_query}}"
outputParameters:
- name: result_count
type: integer
mapping: "$.resultCount"
consumes:
- namespace: splunk
type: http
baseUri: "https://citi-splunk.splunkcloud.com:8089/services"
authentication:
type: bearer
token: "$secrets.splunk_token"
resources:
- name: security-ops
path: "/{{id}}"
operations:
- name: run-search
method: GET
Terraform Cloud Network Provisioning Request
▼
cloud terraform servicenow infrastructure network
Triggers a Terraform Cloud workspace run for network infrastructure changes in Citi's cloud environments and creates a ServiceNow change record to gate the deployment approval.
naftiko: "0.5"
info:
label: "Terraform Cloud Network Provisioning Request"
description: "Triggers a Terraform Cloud workspace run for network infrastructure changes in Citi's cloud environments and creates a ServiceNow change record to gate the deployment approval."
tags:
- cloud
- terraform
- servicenow
- infrastructure
- network
capability:
exposes:
- type: mcp
namespace: network-provisioning
port: 8080
tools:
- name: request-network-provisioning
description: "Given a Terraform Cloud workspace ID and change description, trigger an infrastructure plan run for network changes and create a ServiceNow change request for CAB board approval."
inputParameters:
- name: workspace_id
in: body
type: string
description: "The Terraform Cloud workspace ID for the network provisioning run."
- name: change_description
in: body
type: string
description: "Description of the network infrastructure change."
- name: environment
in: body
type: string
description: "Target environment (e.g., prod, staging, dr)."
steps:
- name: trigger-run
type: call
call: terraform.create-run
with:
workspace_id: "{{workspace_id}}"
message: "{{change_description}} [env: {{environment}}]"
- name: create-change
type: call
call: servicenow.create-change-request
with:
short_description: "Network provisioning: {{workspace_id}} in {{environment}}"
description: "{{change_description}}\nTerraform Run: {{trigger-run.run_id}}"
category: "network_infrastructure"
risk: "high"
consumes:
- type: http
namespace: terraform
baseUri: "https://app.terraform.io/api/v2"
authentication:
type: bearer
token: "$secrets.terraform_token"
resources:
- name: runs
path: "/runs"
operations:
- name: create-run
method: POST
- type: http
namespace: servicenow
baseUri: "https://citi.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: change-requests
path: "/table/change_request"
operations:
- name: create-change-request
method: POST
Terraform Drift Detection and Remediation
▼
banking devops terraform jira infrastructure
Detects Terraform state drift, creates a Jira remediation ticket, and alerts the platform team in Teams.
naftiko: "0.5"
info:
label: "Terraform Drift Detection and Remediation"
description: "Detects Terraform state drift, creates a Jira remediation ticket, and alerts the platform team in Teams."
tags:
- banking
- devops
- terraform
- jira
- infrastructure
capability:
exposes:
- type: mcp
namespace: platform-drift
port: 8080
tools:
- name: handle-terraform-drift
description: "Given a Terraform workspace, check for drift, create a Jira ticket if detected, and notify platform engineering in Teams."
inputParameters:
- name: workspace_name
in: body
type: string
description: "Terraform workspace name."
- name: platform_channel_id
in: body
type: string
description: "Teams channel ID."
steps:
- name: check-drift
type: call
call: tfc.run-plan
with:
workspace: "{{workspace_name}}"
- name: create-ticket
type: call
call: jira.create-issue
with:
project: "PLATFORM"
summary: "Drift detected: {{workspace_name}}"
description: "Changes: {{check-drift.resource_changes}}"
- name: notify-team
type: call
call: msteams.post-channel
with:
channel_id: "{{platform_channel_id}}"
text: "Terraform drift: {{workspace_name}} — {{check-drift.resource_changes}} changes. Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: tfc
baseUri: "https://app.terraform.io/api/v2"
authentication:
type: bearer
token: "$secrets.terraform_token"
resources:
- name: runs
path: "/workspaces/{{workspace}}/runs"
inputParameters:
- name: workspace
in: path
operations:
- name: run-plan
method: POST
- type: http
namespace: jira
baseUri: "https://citi.atlassian.net/rest/api/3"
authentication:
type: bearer
token: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: channels
path: "/teams/channels/{{channel_id}}/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
Terraform Workspace State Check
▼
banking devops terraform infrastructure lookup
Retrieves the current state of a Terraform Cloud workspace, returning last run status and resource count.
naftiko: "0.5"
info:
label: "Terraform Workspace State Check"
description: "Retrieves the current state of a Terraform Cloud workspace, returning last run status and resource count."
tags:
- banking
- devops
- terraform
- infrastructure
- lookup
capability:
exposes:
- type: mcp
namespace: infra-ops
port: 8080
tools:
- name: get-workspace-state
description: "Given a Terraform Cloud workspace name, return the last run status and managed resource count."
inputParameters:
- name: workspace_name
in: body
type: string
description: "Terraform Cloud workspace name."
call: tfc.get-workspace
with:
workspace: "{{workspace_name}}"
outputParameters:
- name: last_run_status
type: string
mapping: "$.data.attributes.latest-run.status"
- name: resource_count
type: integer
mapping: "$.data.attributes.resource-count"
consumes:
- namespace: tfc
type: http
baseUri: "https://app.terraform.io/api/v2"
authentication:
type: bearer
token: "$secrets.terraform_token"
resources:
- name: infra-ops
path: "/{{id}}"
operations:
- name: get-workspace
method: GET
Third-Party Vendor Risk Assessment Workflow
▼
banking procurement risk-management sap-ariba servicenow
Performs a vendor risk assessment by pulling vendor details from SAP Ariba, checking compliance in ServiceNow GRC, and notifying procurement via Teams.
naftiko: "0.5"
info:
label: "Third-Party Vendor Risk Assessment Workflow"
description: "Performs a vendor risk assessment by pulling vendor details from SAP Ariba, checking compliance in ServiceNow GRC, and notifying procurement via Teams."
tags:
- banking
- procurement
- risk-management
- sap-ariba
- servicenow
capability:
exposes:
- type: mcp
namespace: vendor-risk
port: 8080
tools:
- name: assess-vendor-risk
description: "Given a vendor ID, retrieve the vendor profile from SAP Ariba, check GRC compliance in ServiceNow, and send the risk summary to procurement in Teams."
inputParameters:
- name: vendor_id
in: body
type: string
description: "SAP Ariba supplier ID."
- name: procurement_lead_upn
in: body
type: string
description: "UPN of procurement lead."
steps:
- name: get-vendor
type: call
call: ariba.get-supplier
with:
vendorId: "{{vendor_id}}"
- name: check-grc
type: call
call: snow.get-compliance
with:
vendor_name: "{{get-vendor.SupplierName}}"
- name: notify-lead
type: call
call: msteams.send-message
with:
recipient_upn: "{{procurement_lead_upn}}"
text: "Vendor Risk: {{get-vendor.SupplierName}} — GRC: {{check-grc.compliance_status}} | Score: {{check-grc.risk_score}}"
consumes:
- type: http
namespace: ariba
baseUri: "https://openapi.ariba.com/api/supplier-management/v1"
authentication:
type: bearer
token: "$secrets.ariba_token"
resources:
- name: suppliers
path: "/suppliers/{{vendorId}}"
inputParameters:
- name: vendorId
in: path
operations:
- name: get-supplier
method: GET
- type: http
namespace: snow
baseUri: "https://citi.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: grc
path: "/table/sn_grc_profile?sysparm_query=name={{vendor_name}}"
inputParameters:
- name: vendor_name
in: query
operations:
- name: get-compliance
method: GET
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Trade Settlement Exception Handler
▼
banking trading settlement snowflake servicenow
Handles trade settlement exceptions by pulling trade details from Snowflake, creating an exception ticket in ServiceNow, and notifying operations via Teams.
naftiko: "0.5"
info:
label: "Trade Settlement Exception Handler"
description: "Handles trade settlement exceptions by pulling trade details from Snowflake, creating an exception ticket in ServiceNow, and notifying operations via Teams."
tags:
- banking
- trading
- settlement
- snowflake
- servicenow
capability:
exposes:
- type: mcp
namespace: settlement-ops
port: 8080
tools:
- name: handle-settlement-exception
description: "Given a trade ID and exception type, pull details from Snowflake, create a ServiceNow ticket, and notify operations."
inputParameters:
- name: trade_id
in: body
type: string
description: "Trade ID."
- name: exception_type
in: body
type: string
description: "Exception type."
- name: ops_channel_id
in: body
type: string
description: "Operations Teams channel."
steps:
- name: get-trade
type: call
call: snowflake.get-trade-details
with:
trade_id: "{{trade_id}}"
- name: create-ticket
type: call
call: snow.create-exception
with:
short_description: "Settlement exception: {{trade_id}} — {{exception_type}}"
description: "Counterparty: {{get-trade.counterparty}} | Amount: {{get-trade.amount}}"
- name: notify-ops
type: call
call: msteams.post-channel
with:
channel_id: "{{ops_channel_id}}"
text: "Settlement exception: {{trade_id}} — {{exception_type}}. Counterparty: {{get-trade.counterparty}}. SNOW: {{create-ticket.number}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://citi.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: get-trade-details
method: POST
- type: http
namespace: snow
baseUri: "https://citi.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: exceptions
path: "/table/u_trade_exception"
operations:
- name: create-exception
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: channels
path: "/teams/channels/{{channel_id}}/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
Trade Settlement Exception Workflow
▼
banking trading settlement snowflake servicenow
Handles trade settlement exceptions by pulling details from Snowflake, creating a ServiceNow ticket, and notifying operations.
naftiko: "0.5"
info:
label: "Trade Settlement Exception Workflow"
description: "Handles trade settlement exceptions by pulling details from Snowflake, creating a ServiceNow ticket, and notifying operations."
tags:
- banking
- trading
- settlement
- snowflake
- servicenow
capability:
exposes:
- type: mcp
namespace: settlement-ops
port: 8080
tools:
- name: handle-settlement-exception
description: "Given a trade ID and exception type, pull details, create a ticket, and notify operations."
inputParameters:
- name: trade_id
in: body
type: string
description: "Trade ID."
- name: exception_type
in: body
type: string
description: "Exception type."
- name: ops_channel_id
in: body
type: string
description: "Operations channel."
steps:
- name: get-trade
type: call
call: snowflake.get-trade
with:
trade_id: "{{trade_id}}"
- name: create-ticket
type: call
call: snow.create-exception
with:
short_description: "Settlement: {{trade_id}} — {{exception_type}}"
description: "Counterparty: {{get-trade.counterparty}}"
- name: notify
type: call
call: msteams.post-channel
with:
channel_id: "{{ops_channel_id}}"
text: "Settlement exception: {{trade_id}} — {{exception_type}}. SNOW: {{create-ticket.number}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://citi.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: get-trade
method: POST
- type: http
namespace: snow
baseUri: "https://citi.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: exceptions
path: "/table/u_trade_exception"
operations:
- name: create-exception
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: channels
path: "/teams/channels/{{channel_id}}/messages"
operations:
- name: post-channel
method: POST
Treasury Cash Position Daily Report
▼
banking treasury finance sap snowflake
Generates a daily treasury report by pulling SAP balances, Snowflake market rates, and posting to Teams.
naftiko: "0.5"
info:
label: "Treasury Cash Position Daily Report"
description: "Generates a daily treasury report by pulling SAP balances, Snowflake market rates, and posting to Teams."
tags:
- banking
- treasury
- finance
- sap
- snowflake
capability:
exposes:
- type: mcp
namespace: treasury-ops
port: 8080
tools:
- name: generate-cash-report
description: "Given a report date, pull cash balances from SAP, get market rates from Snowflake, and post to Teams."
inputParameters:
- name: report_date
in: body
type: string
description: "Report date."
- name: treasury_channel_id
in: body
type: string
description: "Treasury channel."
steps:
- name: get-balances
type: call
call: sap-fi.get-cash
with:
date: "{{report_date}}"
- name: get-rates
type: call
call: snowflake.get-rates
with:
date: "{{report_date}}"
- name: post-report
type: call
call: msteams.post-channel
with:
channel_id: "{{treasury_channel_id}}"
text: "Treasury {{report_date}}: Cash: ${{get-balances.total}} | Rates updated."
consumes:
- type: http
namespace: sap-fi
baseUri: "https://citi-s4.sap.com/sap/opu/odata/sap/API_JOURNAL_ENTRY_SRV"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: balances
path: "/A_JournalEntry"
operations:
- name: get-cash
method: GET
- type: http
namespace: snowflake
baseUri: "https://citi.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: get-rates
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: channels
path: "/teams/channels/{{channel_id}}/messages"
operations:
- name: post-channel
method: POST
Treasury Cash Position Report
▼
banking treasury finance sap snowflake
Generates a daily treasury cash position report by pulling balances from SAP, enriching with market rates from Snowflake, and distributing via Teams.
naftiko: "0.5"
info:
label: "Treasury Cash Position Report"
description: "Generates a daily treasury cash position report by pulling balances from SAP, enriching with market rates from Snowflake, and distributing via Teams."
tags:
- banking
- treasury
- finance
- sap
- snowflake
capability:
exposes:
- type: mcp
namespace: treasury-ops
port: 8080
tools:
- name: generate-cash-report
description: "Given a reporting date, pull cash balances from SAP, get market rates from Snowflake, and post the treasury report to Teams."
inputParameters:
- name: report_date
in: body
type: string
description: "Report date."
- name: treasury_channel_id
in: body
type: string
description: "Treasury Teams channel."
steps:
- name: get-balances
type: call
call: sap-fi.get-cash-balances
with:
date: "{{report_date}}"
- name: get-rates
type: call
call: snowflake.get-market-rates
with:
date: "{{report_date}}"
- name: post-report
type: call
call: msteams.post-channel
with:
channel_id: "{{treasury_channel_id}}"
text: "Treasury Report {{report_date}}: Cash: ${{get-balances.total}} | USD/EUR: {{get-rates.usd_eur}}"
consumes:
- type: http
namespace: sap
baseUri: "https://citi-s4.sap.com/sap/opu/odata/sap/API_JOURNAL_ENTRY_SRV"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: balances
path: "/A_JournalEntry?$filter=PostingDate eq '{{date}}'"
inputParameters:
- name: date
in: query
operations:
- name: get-cash-balances
method: GET
- type: http
namespace: snowflake
baseUri: "https://citi.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: get-market-rates
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: channels
path: "/teams/channels/{{channel_id}}/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
Vendor Invoice Processing and PO Match
▼
finance sap sap-ariba servicenow accounts-payable invoice-processing
Processes incoming vendor invoices in SAP S/4HANA, matches them against approved purchase orders in SAP Ariba, and flags unmatched invoices via ServiceNow for AP team resolution.
naftiko: "0.5"
info:
label: "Vendor Invoice Processing and PO Match"
description: "Processes incoming vendor invoices in SAP S/4HANA, matches them against approved purchase orders in SAP Ariba, and flags unmatched invoices via ServiceNow for AP team resolution."
tags:
- finance
- sap
- sap-ariba
- servicenow
- accounts-payable
- invoice-processing
capability:
exposes:
- type: mcp
namespace: ap-processing
port: 8080
tools:
- name: process-vendor-invoice
description: "Given an invoice number and vendor ID, retrieve invoice data from SAP S/4HANA, match against the Ariba PO, and open a ServiceNow discrepancy task if amounts or line items do not align."
inputParameters:
- name: invoice_number
in: body
type: string
description: "The vendor invoice number to process."
- name: vendor_id
in: body
type: string
description: "The SAP vendor ID for the submitting vendor."
steps:
- name: get-invoice
type: call
call: sap-ap.get-invoice
with:
invoice_number: "{{invoice_number}}"
- name: get-po
type: call
call: sap-ariba.get-po
with:
vendor_id: "{{vendor_id}}"
invoice_number: "{{invoice_number}}"
- name: flag-discrepancy
type: call
call: servicenow.create-ap-task
with:
short_description: "Invoice discrepancy: {{invoice_number}} | Vendor: {{vendor_id}}"
invoice_amount: "{{get-invoice.total_amount}}"
po_amount: "{{get-po.total_amount}}"
assigned_group: "AP_Team"
consumes:
- type: http
namespace: sap-ap
baseUri: "https://citi-s4.sap.com/sap/opu/odata/sap/API_SUPPLIER_INVOICE_SRV"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: invoices
path: "/A_SupplierInvoice"
inputParameters:
- name: invoice_number
in: query
operations:
- name: get-invoice
method: GET
- type: http
namespace: sap-ariba
baseUri: "https://openapi.ariba.com/api/purchase-orders/v1"
authentication:
type: bearer
token: "$secrets.ariba_token"
resources:
- name: purchase-orders
path: "/orders"
inputParameters:
- name: vendor_id
in: query
- name: invoice_number
in: query
operations:
- name: get-po
method: GET
- type: http
namespace: servicenow
baseUri: "https://citi.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: ap-tasks
path: "/table/sc_task"
operations:
- name: create-ap-task
method: POST
Wire Transfer Fraud Screening Workflow
▼
banking fraud-detection payments snowflake sap
Screens wire transfers by checking patterns in Snowflake, creating a hold in SAP, and alerting the fraud team.
naftiko: "0.5"
info:
label: "Wire Transfer Fraud Screening Workflow"
description: "Screens wire transfers by checking patterns in Snowflake, creating a hold in SAP, and alerting the fraud team."
tags:
- banking
- fraud-detection
- payments
- snowflake
- sap
capability:
exposes:
- type: mcp
namespace: fraud-ops
port: 8080
tools:
- name: screen-wire-transfer
description: "Given a wire transfer ID and amount, check patterns in Snowflake, hold in SAP, and alert fraud team."
inputParameters:
- name: transfer_id
in: body
type: string
description: "Transfer ID."
- name: amount
in: body
type: number
description: "Amount."
- name: fraud_channel_id
in: body
type: string
description: "Fraud channel."
steps:
- name: check
type: call
call: snowflake.check-wire
with:
transfer_id: "{{transfer_id}}"
amount: "{{amount}}"
- name: hold
type: call
call: sap-fi.create-hold
with:
transfer_id: "{{transfer_id}}"
reason: "Screening: {{check.risk_level}}"
- name: alert
type: call
call: msteams.post-channel
with:
channel_id: "{{fraud_channel_id}}"
text: "Wire screening: {{transfer_id}} — ${{amount}}. Risk: {{check.risk_level}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://citi.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: check-wire
method: POST
- type: http
namespace: sap-fi
baseUri: "https://citi-s4.sap.com/sap/opu/odata/sap/API_JOURNAL_ENTRY_SRV"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: holds
path: "/A_JournalEntry"
operations:
- name: create-hold
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: channels
path: "/teams/channels/{{channel_id}}/messages"
operations:
- name: post-channel
method: POST
Wire Transfer Fraud Screening
▼
banking fraud-detection payments snowflake sap
Screens wire transfers for fraud by checking transaction patterns in Snowflake, creating a hold in SAP if suspicious, and alerting the fraud team via Teams.
naftiko: "0.5"
info:
label: "Wire Transfer Fraud Screening"
description: "Screens wire transfers for fraud by checking transaction patterns in Snowflake, creating a hold in SAP if suspicious, and alerting the fraud team via Teams."
tags:
- banking
- fraud-detection
- payments
- snowflake
- sap
capability:
exposes:
- type: mcp
namespace: fraud-ops
port: 8080
tools:
- name: screen-wire-transfer
description: "Given a wire transfer ID and amount, check patterns in Snowflake, hold in SAP if suspicious, and alert the fraud team."
inputParameters:
- name: transfer_id
in: body
type: string
description: "Wire transfer ID."
- name: amount
in: body
type: number
description: "Transfer amount."
- name: fraud_channel_id
in: body
type: string
description: "Fraud team Teams channel."
steps:
- name: check-patterns
type: call
call: snowflake.check-wire-patterns
with:
transfer_id: "{{transfer_id}}"
amount: "{{amount}}"
- name: hold-payment
type: call
call: sap-fi.create-hold
with:
transfer_id: "{{transfer_id}}"
reason: "Fraud screening: {{check-patterns.risk_level}}"
- name: alert-fraud
type: call
call: msteams.post-channel
with:
channel_id: "{{fraud_channel_id}}"
text: "Wire screening: {{transfer_id}} — ${{amount}}. Risk: {{check-patterns.risk_level}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://citi.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: check-wire-patterns
method: POST
- type: http
namespace: sap
baseUri: "https://citi-s4.sap.com/sap/opu/odata/sap/API_JOURNAL_ENTRY_SRV"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: holds
path: "/A_JournalEntry"
operations:
- name: create-hold
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: channels
path: "/teams/channels/{{channel_id}}/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
Workday Benefits Enrollment Reminder Workflow
▼
banking hr benefits workday microsoft-graph servicenow
Sends benefits open enrollment reminders by querying Workday for incomplete enrollments, sending emails via Microsoft Graph, and logging in ServiceNow.
naftiko: "0.5"
info:
label: "Workday Benefits Enrollment Reminder Workflow"
description: "Sends benefits open enrollment reminders by querying Workday for incomplete enrollments, sending emails via Microsoft Graph, and logging in ServiceNow."
tags:
- banking
- hr
- benefits
- workday
- microsoft-graph
- servicenow
capability:
exposes:
- type: mcp
namespace: benefits-ops
port: 8080
tools:
- name: send-enrollment-reminders
description: "Given an enrollment period and deadline, query Workday for incomplete enrollments, send reminder emails, and log the outreach in ServiceNow."
inputParameters:
- name: enrollment_period
in: body
type: string
description: "Enrollment period."
- name: deadline_date
in: body
type: string
description: "Deadline in YYYY-MM-DD."
steps:
- name: get-incomplete
type: call
call: workday.get-incomplete-enrollment
with:
period: "{{enrollment_period}}"
- name: send-reminders
type: call
call: msgraph.send-bulk-mail
with:
subject: "Benefits Enrollment Deadline {{deadline_date}}"
body: "Please complete enrollment by {{deadline_date}}."
- name: log-outreach
type: call
call: snow.create-task
with:
short_description: "Benefits reminders: {{enrollment_period}}"
description: "Incomplete: {{get-incomplete.count}} | Deadline: {{deadline_date}}"
consumes:
- type: http
namespace: workday
baseUri: "https://wd5-impl-services1.workday.com/ccx/service/citi/Benefits/v40.1"
authentication:
type: basic
username: "$secrets.workday_user"
password: "$secrets.workday_password"
resources:
- name: enrollment
path: "/benefit-elections?status=incomplete"
operations:
- name: get-incomplete-enrollment
method: GET
- type: http
namespace: msgraph
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: mail
path: "/users/benefits@citi.com/sendMail"
operations:
- name: send-bulk-mail
method: POST
- type: http
namespace: snow
baseUri: "https://citi.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/u_benefits_task"
operations:
- name: create-task
method: POST
Workday Benefits Enrollment Status Reminder
▼
hr workday microsoft-teams benefits enrollment
Retrieves employees with incomplete annual benefits enrollment from Workday and sends targeted reminders via Microsoft Teams to employees and their HR business partners.
naftiko: "0.5"
info:
label: "Workday Benefits Enrollment Status Reminder"
description: "Retrieves employees with incomplete annual benefits enrollment from Workday and sends targeted reminders via Microsoft Teams to employees and their HR business partners."
tags:
- hr
- workday
- microsoft-teams
- benefits
- enrollment
capability:
exposes:
- type: mcp
namespace: benefits-enrollment
port: 8080
tools:
- name: send-enrollment-reminders
description: "During open enrollment, retrieve all employees who have not completed benefits elections in Workday and broadcast reminder messages via Microsoft Teams to drive completion before the deadline."
inputParameters:
- name: enrollment_period_id
in: body
type: string
description: "The Workday benefits enrollment period identifier."
- name: deadline_date
in: body
type: string
description: "The enrollment deadline in YYYY-MM-DD format."
steps:
- name: get-incomplete
type: call
call: workday.get-incomplete-elections
with:
enrollment_period: "{{enrollment_period_id}}"
- name: send-reminder
type: call
call: msteams.send-benefits-reminder
with:
channel_id: "hr-announcements"
text: "Benefits Enrollment Reminder | Period: {{enrollment_period_id}} | Deadline: {{deadline_date}} | {{get-incomplete.count}} employees have not yet completed enrollment. Please log in to Workday to complete your benefit elections."
consumes:
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: benefit-elections
path: "/benefitElections"
inputParameters:
- name: enrollment_period
in: query
operations:
- name: get-incomplete-elections
method: GET
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.ms_graph_token"
resources:
- name: hr-messages
path: "/teams/hr/channels/announcements/messages"
operations:
- name: send-benefits-reminder
method: POST
Workday Compensation Review Cycle Trigger
▼
hr workday jira microsoft-teams compensation performance-management
Initiates the annual compensation review cycle in Workday for a given organization unit, creates planning Jira tasks for HR business partners, and notifies them via Microsoft Teams.
naftiko: "0.5"
info:
label: "Workday Compensation Review Cycle Trigger"
description: "Initiates the annual compensation review cycle in Workday for a given organization unit, creates planning Jira tasks for HR business partners, and notifies them via Microsoft Teams."
tags:
- hr
- workday
- jira
- microsoft-teams
- compensation
- performance-management
capability:
exposes:
- type: mcp
namespace: compensation-review
port: 8080
tools:
- name: trigger-compensation-review
description: "Given a Workday organization unit and review cycle name, initiate the compensation review process, create Jira planning tasks for each HR BP, and notify the HR leadership team via Teams."
inputParameters:
- name: org_unit_id
in: body
type: string
description: "The Workday organization unit ID for the compensation review."
- name: review_cycle_name
in: body
type: string
description: "The name of the compensation review cycle (e.g., '2026 Annual Review')."
- name: deadline
in: body
type: string
description: "The review completion deadline in YYYY-MM-DD format."
steps:
- name: initiate-review
type: call
call: workday.initiate-compensation-review
with:
org_unit_id: "{{org_unit_id}}"
review_cycle_name: "{{review_cycle_name}}"
- name: create-planning-task
type: call
call: jira.create-hr-task
with:
project_key: "HROP"
issuetype: "Task"
summary: "Compensation review cycle: {{review_cycle_name}} - {{org_unit_id}}"
due_date: "{{deadline}}"
- name: notify-hr-team
type: call
call: msteams.notify-hr
with:
channel_id: "hr-leadership"
text: "Compensation Review Initiated | Cycle: {{review_cycle_name}} | Org: {{org_unit_id}} | Deadline: {{deadline}} | Jira Task: {{create-planning-task.key}}"
consumes:
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: compensation-reviews
path: "/compensationReviews"
operations:
- name: initiate-compensation-review
method: POST
- type: http
namespace: jira
baseUri: "https://citi.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: hr-tasks
path: "/issue"
operations:
- name: create-hr-task
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.ms_graph_token"
resources:
- name: hr-messages
path: "/teams/hr/channels/leadership/messages"
operations:
- name: notify-hr
method: POST
Workday Contractor Status Lookup
▼
hr workday contractor-management lookup
Retrieves contractor engagement status from Workday, returning contract end date, rate, and hiring manager.
naftiko: "0.5"
info:
label: "Workday Contractor Status Lookup"
description: "Retrieves contractor engagement status from Workday, returning contract end date, rate, and hiring manager."
tags:
- hr
- workday
- contractor-management
- lookup
capability:
exposes:
- type: mcp
namespace: contractor-ops
port: 8080
tools:
- name: get-contractor-status
description: "Given a contractor worker ID, return the contract end date, billing rate, and hiring manager name."
inputParameters:
- name: worker_id
in: body
type: string
description: "Workday contingent worker ID."
call: workday.get-contingent-worker
with:
Worker_ID: "{{worker_id}}"
outputParameters:
- name: end_date
type: string
mapping: "$.Worker.Contract_End_Date"
- name: billing_rate
type: number
mapping: "$.Worker.Bill_Rate"
- name: manager
type: string
mapping: "$.Worker.Manager_Name"
consumes:
- namespace: workday
type: http
baseUri: "https://wd5-impl-services1.workday.com/ccx/service/citi/Human_Resources/v40.1"
authentication:
type: basic
username: "$secrets.workday_user"
password: "$secrets.workday_password"
resources:
- name: contingent-workers
path: "/contingent-workers/{{Worker_ID}}"
operations:
- name: get-contingent-worker
method: GET
Workday Employee Profile Lookup
▼
banking hr workday employee-management lookup
Retrieves an employee profile from Workday by employee ID, returning name, department, title, and manager.
naftiko: "0.5"
info:
label: "Workday Employee Profile Lookup"
description: "Retrieves an employee profile from Workday by employee ID, returning name, department, title, and manager."
tags:
- banking
- hr
- workday
- employee-management
- lookup
capability:
exposes:
- type: mcp
namespace: hr-ops
port: 8080
tools:
- name: get-employee-profile
description: "Given a Workday employee ID, return the employee full name, department, job title, and manager name."
inputParameters:
- name: employee_id
in: body
type: string
description: "Workday employee ID."
call: workday.get-worker
with:
Worker_ID: "{{employee_id}}"
outputParameters:
- name: full_name
type: string
mapping: "$.Worker.Worker_Data.Personal_Data.Name_Data.Legal_Name"
- name: department
type: string
mapping: "$.Worker.Worker_Data.Organization_Data.Organization_Name"
- name: title
type: string
mapping: "$.Worker.Worker_Data.Job_Data.Position_Data.Business_Title"
consumes:
- namespace: workday
type: http
baseUri: "https://wd5-impl-services1.workday.com/ccx/service/citi/Human_Resources/v40.1"
authentication:
type: basic
username: "$secrets.workday_user"
password: "$secrets.workday_password"
resources:
- name: hr-ops
path: "/{{id}}"
operations:
- name: get-worker
method: GET
Workday Open Position Count Check
▼
banking hr workday talent-acquisition lookup
Queries Workday for open positions by department, returning count and average days open.
naftiko: "0.5"
info:
label: "Workday Open Position Count Check"
description: "Queries Workday for open positions by department, returning count and average days open."
tags:
- banking
- hr
- workday
- talent-acquisition
- lookup
capability:
exposes:
- type: mcp
namespace: ta-ops
port: 8080
tools:
- name: get-open-positions
description: "Given a department name, return the open position count and average days since posting."
inputParameters:
- name: department
in: body
type: string
description: "Department name."
call: workday.get-requisitions
with:
department: "{{department}}"
outputParameters:
- name: open_count
type: integer
mapping: "$.total"
- name: avg_days_open
type: number
mapping: "$.averageDaysOpen"
consumes:
- namespace: workday
type: http
baseUri: "https://wd5-impl-services1.workday.com/ccx/service/citi/Human_Resources/v40.1"
authentication:
type: basic
username: "$secrets.workday_user"
password: "$secrets.workday_password"
resources:
- name: ta-ops
path: "/{{id}}"
operations:
- name: get-requisitions
method: GET
Workday Payroll Headcount Snapshot
▼
hr finance workday payroll headcount
Returns a headcount snapshot by department and cost center from Workday for monthly payroll reconciliation and regulatory reporting.
naftiko: "0.5"
info:
label: "Workday Payroll Headcount Snapshot"
description: "Returns a headcount snapshot by department and cost center from Workday for monthly payroll reconciliation and regulatory reporting."
tags:
- hr
- finance
- workday
- payroll
- headcount
capability:
exposes:
- type: mcp
namespace: hr-finance
port: 8080
tools:
- name: get-payroll-headcount
description: "Returns all active employees grouped by department, cost center, and employment type from Workday. Use for monthly payroll reconciliation, finance cost allocation, and regulatory headcount reporting."
call: workday.get-workers
outputParameters:
- name: employees
type: array
mapping: "$.data"
items:
- name: worker_id
type: string
mapping: "$.workerId"
- name: full_name
type: string
mapping: "$.fullName"
- name: department
type: string
mapping: "$.department"
- name: cost_center
type: string
mapping: "$.costCenter"
- name: employment_type
type: string
mapping: "$.employmentType"
consumes:
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/workers"
operations:
- name: get-workers
method: GET
Workday Performance Calibration Report
▼
banking hr performance-management workday snowflake
Generates a performance calibration report by pulling ratings from Workday, aggregating in Snowflake, and distributing to HR leadership via Teams.
naftiko: "0.5"
info:
label: "Workday Performance Calibration Report"
description: "Generates a performance calibration report by pulling ratings from Workday, aggregating in Snowflake, and distributing to HR leadership via Teams."
tags:
- banking
- hr
- performance-management
- workday
- snowflake
capability:
exposes:
- type: mcp
namespace: perf-ops
port: 8080
tools:
- name: generate-calibration-report
description: "Given a review cycle and business unit, pull ratings from Workday, aggregate in Snowflake, and post to HR leadership channel."
inputParameters:
- name: review_cycle
in: body
type: string
description: "Review cycle ID."
- name: business_unit
in: body
type: string
description: "Business unit."
- name: hr_channel_id
in: body
type: string
description: "HR Teams channel ID."
steps:
- name: get-ratings
type: call
call: workday.get-performance-data
with:
cycle: "{{review_cycle}}"
bu: "{{business_unit}}"
- name: aggregate
type: call
call: snowflake.aggregate-ratings
with:
cycle: "{{review_cycle}}"
bu: "{{business_unit}}"
- name: post-report
type: call
call: msteams.post-channel
with:
channel_id: "{{hr_channel_id}}"
text: "Calibration: {{business_unit}} — {{review_cycle}}. Exceeds: {{aggregate.exceeds_pct}}% | Meets: {{aggregate.meets_pct}}%"
consumes:
- type: http
namespace: workday
baseUri: "https://wd5-impl-services1.workday.com/ccx/service/citi/Performance_Management/v40.1"
authentication:
type: basic
username: "$secrets.workday_user"
password: "$secrets.workday_password"
resources:
- name: reviews
path: "/performance-reviews"
operations:
- name: get-performance-data
method: GET
- type: http
namespace: snowflake
baseUri: "https://citi.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: aggregate-ratings
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msteams_token"
resources:
- name: channels
path: "/teams/channels/{{channel_id}}/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
Workday Talent Acquisition Job Posting Sync
▼
hr workday linkedin recruiting talent-acquisition
Retrieves open job requisitions from Workday and posts them to LinkedIn Recruiter, ensuring Citi's talent pipeline remains current across both platforms.
naftiko: "0.5"
info:
label: "Workday Talent Acquisition Job Posting Sync"
description: "Retrieves open job requisitions from Workday and posts them to LinkedIn Recruiter, ensuring Citi's talent pipeline remains current across both platforms."
tags:
- hr
- workday
- linkedin
- recruiting
- talent-acquisition
capability:
exposes:
- type: mcp
namespace: talent-acquisition
port: 8080
tools:
- name: sync-job-postings-to-linkedin
description: "Retrieve all open job requisitions from Workday and create or update corresponding LinkedIn job postings to maintain accurate and current talent pipeline visibility."
inputParameters:
- name: requisition_status
in: body
type: string
description: "Filter Workday requisitions by status (e.g., Open, Approved)."
steps:
- name: get-requisitions
type: call
call: workday.get-job-requisitions
with:
status: "{{requisition_status}}"
- name: post-to-linkedin
type: call
call: linkedin.create-job-posting
with:
company_id: "citi"
title: "{{get-requisitions.job_title}}"
description: "{{get-requisitions.job_description}}"
location: "{{get-requisitions.location}}"
consumes:
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: job-requisitions
path: "/jobRequisitions"
inputParameters:
- name: status
in: query
operations:
- name: get-job-requisitions
method: GET
- type: http
namespace: linkedin
baseUri: "https://api.linkedin.com/v2"
authentication:
type: bearer
token: "$secrets.linkedin_token"
resources:
- name: job-postings
path: "/jobPostings"
operations:
- name: create-job-posting
method: POST
Zendesk Support Ticket Lookup
▼
customer-service zendesk support lookup
Retrieves a Zendesk support ticket by ID, returning subject, status, priority, and assignee.
naftiko: "0.5"
info:
label: "Zendesk Support Ticket Lookup"
description: "Retrieves a Zendesk support ticket by ID, returning subject, status, priority, and assignee."
tags:
- customer-service
- zendesk
- support
- lookup
capability:
exposes:
- type: mcp
namespace: support-ops
port: 8080
tools:
- name: get-support-ticket
description: "Given a Zendesk ticket ID, return the subject, status, priority, and assigned agent name."
inputParameters:
- name: ticket_id
in: body
type: string
description: "Zendesk ticket ID."
call: zendesk.get-ticket
with:
ticketId: "{{ticket_id}}"
outputParameters:
- name: subject
type: string
mapping: "$.ticket.subject"
- name: status
type: string
mapping: "$.ticket.status"
- name: priority
type: string
mapping: "$.ticket.priority"
consumes:
- namespace: zendesk
type: http
baseUri: "https://citi.zendesk.com/api/v2"
authentication:
type: bearer
token: "$secrets.zendesk_token"
resources:
- name: tickets
path: "/tickets/{{ticketId}}"
operations:
- name: get-ticket
method: GET