Deloitte Capabilities
Naftiko 0.5 capability definitions for Deloitte - 100 capabilities showing integration workflows and service orchestrations.
Sort
Expand
Adobe Analytics Report Retrieval
▼
marketing analytics adobe-analytics
Retrieves a ranked report from Adobe Analytics for page views and unique visitors for a specified date range and report suite.
naftiko: "0.5"
info:
label: "Adobe Analytics Report Retrieval"
description: "Retrieves a ranked report from Adobe Analytics for page views and unique visitors for a specified date range and report suite."
tags:
- marketing
- analytics
- adobe-analytics
capability:
exposes:
- type: mcp
namespace: marketing-adobe
port: 8080
tools:
- name: get-report
description: "Given a report suite ID and date range, retrieve page view and unique visitor metrics."
inputParameters:
- name: report_suite_id
in: body
type: string
description: "Adobe Analytics report suite ID."
- name: start_date
in: body
type: string
description: "Report start date."
- name: end_date
in: body
type: string
description: "Report end date."
call: adobe.get-report
with:
rsid: "{{report_suite_id}}"
start: "{{start_date}}"
end: "{{end_date}}"
outputParameters:
- name: page_views
type: integer
mapping: "$.totalPages"
- name: unique_visitors
type: integer
mapping: "$.totalVisitors"
consumes:
- type: http
namespace: adobe
baseUri: "https://analytics.adobe.io/api"
authentication:
type: bearer
token: "$secrets.adobe_analytics_token"
resources:
- name: reports
path: "/{{rsid}}/reports/ranked"
inputParameters:
- name: rsid
in: path
operations:
- name: get-report
method: POST
Amazon S3 Bucket Inventory
▼
cloud storage amazon-s3
Lists objects in an S3 bucket with a given prefix, returning object keys, sizes, and last modified dates for data governance reviews.
naftiko: "0.5"
info:
label: "Amazon S3 Bucket Inventory"
description: "Lists objects in an S3 bucket with a given prefix, returning object keys, sizes, and last modified dates for data governance reviews."
tags:
- cloud
- storage
- amazon-s3
capability:
exposes:
- type: mcp
namespace: cloud-storage
port: 8080
tools:
- name: list-bucket-objects
description: "Given an S3 bucket name and prefix, return the list of objects with size and modification date."
inputParameters:
- name: bucket_name
in: body
type: string
description: "S3 bucket name."
- name: prefix
in: body
type: string
description: "Object key prefix to filter."
call: s3.list-objects
with:
bucket: "{{bucket_name}}"
prefix: "{{prefix}}"
outputParameters:
- name: objects
type: array
mapping: "$.Contents"
- name: count
type: integer
mapping: "$.KeyCount"
consumes:
- type: http
namespace: s3
baseUri: "https://{{bucket}}.s3.amazonaws.com"
authentication:
type: aws-sigv4
accessKeyId: "$secrets.aws_access_key"
secretAccessKey: "$secrets.aws_secret_key"
resources:
- name: objects
path: "/?list-type=2&prefix={{prefix}}"
inputParameters:
- name: bucket
in: host
- name: prefix
in: query
operations:
- name: list-objects
method: GET
API Gateway Rate Limit Alert Handler
▼
api-management monitoring datadog servicenow microsoft-teams
When Datadog detects API gateway rate limiting, fetches metrics, creates a ServiceNow incident, and notifies the platform team via Teams.
naftiko: "0.5"
info:
label: "API Gateway Rate Limit Alert Handler"
description: "When Datadog detects API gateway rate limiting, fetches metrics, creates a ServiceNow incident, and notifies the platform team via Teams."
tags:
- api-management
- monitoring
- datadog
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: api-alerts
port: 8080
tools:
- name: handle-rate-limit-alert
description: "Given a Datadog monitor ID for rate limiting, fetch metrics, create incident, and alert platform team."
inputParameters:
- name: monitor_id
in: body
type: string
description: "Datadog monitor ID that triggered the rate limit alert."
steps:
- name: get-monitor
type: call
call: datadog.get-monitor
with:
monitor_id: "{{monitor_id}}"
- name: create-incident
type: call
call: servicenow.create-incident
with:
short_description: "API rate limiting detected: {{get-monitor.name}}"
category: api_management
priority: "2"
- name: notify-platform
type: call
call: msteams.send-channel-message
with:
team_id: "$secrets.platform_team_id"
channel_id: "$secrets.platform_alerts_channel_id"
text: "API rate limit alert: {{get-monitor.name}}. Status: {{get-monitor.overall_state}}. SNOW: {{create-incident.number}}"
consumes:
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apiKey
key: "$secrets.datadog_api_key"
headerName: "DD-API-KEY"
resources:
- name: monitors
path: "/monitor/{{monitor_id}}"
inputParameters:
- name: monitor_id
in: path
operations:
- name: get-monitor
method: GET
- type: http
namespace: servicenow
baseUri: "https://deloitte.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: send-channel-message
method: POST
Appian Process Status Lookup
▼
bpm automation appian
Retrieves the status of an Appian business process instance, including current step, assignee, and elapsed time.
naftiko: "0.5"
info:
label: "Appian Process Status Lookup"
description: "Retrieves the status of an Appian business process instance, including current step, assignee, and elapsed time."
tags:
- bpm
- automation
- appian
capability:
exposes:
- type: mcp
namespace: bpm-processes
port: 8080
tools:
- name: get-process-status
description: "Given an Appian process instance ID, return the current step, assignee, and elapsed time."
inputParameters:
- name: process_id
in: body
type: string
description: "Appian process instance ID."
call: appian.get-process
with:
process_id: "{{process_id}}"
outputParameters:
- name: current_step
type: string
mapping: "$.status.currentStep"
- name: assignee
type: string
mapping: "$.status.assignee"
- name: elapsed_time
type: string
mapping: "$.status.elapsedTime"
consumes:
- type: http
namespace: appian
baseUri: "https://deloitte.appiancloud.com/suite/webapi"
authentication:
type: bearer
token: "$secrets.appian_token"
resources:
- name: processes
path: "/process/{{process_id}}"
inputParameters:
- name: process_id
in: path
operations:
- name: get-process
method: GET
Azure Cloud Cost Anomaly Response
▼
finops cloud azure datadog servicenow
When Azure Cost Management detects a spending anomaly, annotates Datadog, creates a ServiceNow review incident, and alerts the FinOps Microsoft Teams channel.
naftiko: "0.5"
info:
label: "Azure Cloud Cost Anomaly Response"
description: "When Azure Cost Management detects a spending anomaly, annotates Datadog, creates a ServiceNow review incident, and alerts the FinOps Microsoft Teams channel."
tags:
- finops
- cloud
- azure
- datadog
- servicenow
capability:
exposes:
- type: mcp
namespace: cloud-finops
port: 8080
tools:
- name: handle-azure-cost-anomaly
description: "Given an Azure cost anomaly alert with service and overage amount, annotate Datadog, open a ServiceNow review incident, and notify the FinOps Microsoft Teams channel."
inputParameters:
- name: anomaly_id
in: body
type: string
description: "Azure cost anomaly ID."
- name: azure_service
in: body
type: string
description: "Azure service with the anomalous spend."
- name: estimated_overage_usd
in: body
type: number
description: "Estimated overage in USD."
steps:
- name: annotate-dd
type: call
call: datadog.create-event
with:
title: "Azure Cost Anomaly: {{azure_service}}"
text: "Anomaly {{anomaly_id}} — overage: ${{estimated_overage_usd}}"
alert_type: warning
- name: open-snow-incident
type: call
call: servicenow.create-incident
with:
category: cloud_cost
short_description: "Azure cost anomaly: {{azure_service}} — ${{estimated_overage_usd}}"
assigned_group: FinOps
- name: notify-finops
type: call
call: msteams.send-channel-message
with:
team_id: "$secrets.teams_finops_team_id"
channel_id: "$secrets.teams_finops_channel_id"
text: "Azure cost anomaly: {{azure_service}} | ${{estimated_overage_usd}} overage | SNOW: {{open-snow-incident.number}} | Datadog: {{annotate-dd.url}}"
consumes:
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: DD-API-KEY
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: events
path: "/events"
operations:
- name: create-event
method: POST
- type: http
namespace: servicenow
baseUri: "https://deloitte.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: send-channel-message
method: POST
Azure DevOps Build Status Lookup
▼
engineering ci-cd azure-devops
Retrieves the latest build status for an Azure DevOps pipeline, including result, duration, and triggering branch.
naftiko: "0.5"
info:
label: "Azure DevOps Build Status Lookup"
description: "Retrieves the latest build status for an Azure DevOps pipeline, including result, duration, and triggering branch."
tags:
- engineering
- ci-cd
- azure-devops
capability:
exposes:
- type: mcp
namespace: devops-builds
port: 8080
tools:
- name: get-build-status
description: "Given an Azure DevOps project and pipeline ID, return the latest build result, duration, and source branch."
inputParameters:
- name: project
in: body
type: string
description: "Azure DevOps project name."
- name: pipeline_id
in: body
type: string
description: "Pipeline definition ID."
call: azdevops.get-builds
with:
project: "{{project}}"
definition_id: "{{pipeline_id}}"
outputParameters:
- name: result
type: string
mapping: "$.value[0].result"
- name: status
type: string
mapping: "$.value[0].status"
- name: source_branch
type: string
mapping: "$.value[0].sourceBranch"
consumes:
- type: http
namespace: azdevops
baseUri: "https://dev.azure.com/deloitte"
authentication:
type: basic
username: ""
password: "$secrets.azure_devops_pat"
resources:
- name: builds
path: "/{{project}}/_apis/build/builds?definitions={{definition_id}}&$top=1&api-version=7.0"
inputParameters:
- name: project
in: path
- name: definition_id
in: query
operations:
- name: get-builds
method: GET
Azure Resource Group Cost Lookup
▼
cloud finops microsoft-azure
Retrieves the current month-to-date cost for a specified Azure resource group from Azure Cost Management.
naftiko: "0.5"
info:
label: "Azure Resource Group Cost Lookup"
description: "Retrieves the current month-to-date cost for a specified Azure resource group from Azure Cost Management."
tags:
- cloud
- finops
- microsoft-azure
capability:
exposes:
- type: mcp
namespace: cloud-costs
port: 8080
tools:
- name: get-resource-group-cost
description: "Given an Azure resource group name, return the month-to-date spend and currency from Azure Cost Management."
inputParameters:
- name: resource_group
in: body
type: string
description: "Azure resource group name."
- name: subscription_id
in: body
type: string
description: "Azure subscription ID."
call: azure.get-cost
with:
subscription: "{{subscription_id}}"
rg: "{{resource_group}}"
outputParameters:
- name: total_cost
type: string
mapping: "$.properties.rows[0][0]"
- name: currency
type: string
mapping: "$.properties.rows[0][1]"
consumes:
- type: http
namespace: azure
baseUri: "https://management.azure.com"
authentication:
type: bearer
token: "$secrets.azure_mgmt_token"
resources:
- name: cost-management
path: "/subscriptions/{{subscription}}/resourceGroups/{{rg}}/providers/Microsoft.CostManagement/query?api-version=2023-03-01"
inputParameters:
- name: subscription
in: path
- name: rg
in: path
operations:
- name: get-cost
method: POST
Boomi Integration Monitoring
▼
integration monitoring boomi
Checks the execution status of a Boomi integration process, returning run status, document count, and any error messages.
naftiko: "0.5"
info:
label: "Boomi Integration Monitoring"
description: "Checks the execution status of a Boomi integration process, returning run status, document count, and any error messages."
tags:
- integration
- monitoring
- boomi
capability:
exposes:
- type: mcp
namespace: integration-monitoring
port: 8080
tools:
- name: get-integration-status
description: "Given a Boomi process execution ID, return the execution status, document count, and errors."
inputParameters:
- name: execution_id
in: body
type: string
description: "Boomi process execution ID."
call: boomi.get-execution
with:
execution_id: "{{execution_id}}"
outputParameters:
- name: status
type: string
mapping: "$.executionStatus"
- name: document_count
type: integer
mapping: "$.numberOfDocuments"
- name: error_message
type: string
mapping: "$.errorMessage"
consumes:
- type: http
namespace: boomi
baseUri: "https://api.boomi.com/api/rest/v1"
authentication:
type: basic
username: "$secrets.boomi_user"
password: "$secrets.boomi_token"
resources:
- name: executions
path: "/ExecutionRecord/{{execution_id}}"
inputParameters:
- name: execution_id
in: path
operations:
- name: get-execution
method: GET
Client Billing Reconciliation Workflow
▼
finance billing workday salesforce snowflake microsoft-teams
Reconciles client billing by comparing Workday project costs against Salesforce contract amounts, identifying variances in Snowflake, and alerting finance via Teams.
naftiko: "0.5"
info:
label: "Client Billing Reconciliation Workflow"
description: "Reconciles client billing by comparing Workday project costs against Salesforce contract amounts, identifying variances in Snowflake, and alerting finance via Teams."
tags:
- finance
- billing
- workday
- salesforce
- snowflake
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: finance-billing
port: 8080
tools:
- name: reconcile-billing
description: "Compare project costs and contract amounts to identify billing variances."
inputParameters:
- name: project_code
in: body
type: string
description: "Project code to reconcile."
steps:
- name: get-project-costs
type: call
call: workday.get-project-financials
with:
project_id: "{{project_code}}"
- name: get-contract
type: call
call: salesforce.get-contract
with:
project_code: "{{project_code}}"
- name: run-variance
type: call
call: snowflake.execute-query
with:
statement: "SELECT calculate_billing_variance('{{project_code}}', {{get-project-costs.total_cost}}, {{get-contract.Amount}})"
warehouse: "FINANCE_WH"
- name: alert-finance
type: call
call: msteams.send-channel-message
with:
team_id: "$secrets.finance_team_id"
channel_id: "$secrets.billing_channel_id"
text: "Billing reconciliation for {{project_code}}: Costs={{get-project-costs.total_cost}}, Contract={{get-contract.Amount}}, Variance analysis complete."
consumes:
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: project-financials
path: "/projects/{{project_id}}/financials"
inputParameters:
- name: project_id
in: path
operations:
- name: get-project-financials
method: GET
- type: http
namespace: salesforce
baseUri: "https://deloitte.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: contracts
path: "/query?q=SELECT+Id,Amount+FROM+Contract+WHERE+Project_Code__c='{{project_code}}'"
inputParameters:
- name: project_code
in: query
operations:
- name: get-contract
method: GET
- type: http
namespace: snowflake
baseUri: "https://deloitte.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: send-channel-message
method: POST
Client Deliverable Approval Workflow
▼
consulting delivery sharepoint jira microsoft-teams salesforce
When a deliverable is uploaded to SharePoint, creates a Jira review task, sends approval request to the engagement manager via Teams, and updates Salesforce engagement status.
naftiko: "0.5"
info:
label: "Client Deliverable Approval Workflow"
description: "When a deliverable is uploaded to SharePoint, creates a Jira review task, sends approval request to the engagement manager via Teams, and updates Salesforce engagement status."
tags:
- consulting
- delivery
- sharepoint
- jira
- microsoft-teams
- salesforce
capability:
exposes:
- type: mcp
namespace: delivery-approval
port: 8080
tools:
- name: submit-deliverable-for-approval
description: "Given a SharePoint document URL and engagement ID, create a review task and request approval."
inputParameters:
- name: document_url
in: body
type: string
description: "SharePoint URL of the deliverable."
- name: engagement_id
in: body
type: string
description: "Salesforce engagement opportunity ID."
- name: approver_email
in: body
type: string
description: "Email of the engagement manager."
steps:
- name: get-engagement
type: call
call: salesforce.get-opportunity
with:
opp_id: "{{engagement_id}}"
- name: create-review-task
type: call
call: jira.create-issue
with:
project: DELIVERY
issuetype: Task
summary: "Review deliverable for {{get-engagement.Name}}"
description: "Document: {{document_url}}"
- name: request-approval
type: call
call: msteams.send-chat-message
with:
user_id: "{{approver_email}}"
text: "Deliverable ready for review: {{get-engagement.Name}}. Document: {{document_url}}. Jira: {{create-review-task.key}}"
consumes:
- type: http
namespace: salesforce
baseUri: "https://deloitte.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: opportunities
path: "/sobjects/Opportunity/{{opp_id}}"
inputParameters:
- name: opp_id
in: path
operations:
- name: get-opportunity
method: GET
- type: http
namespace: jira
baseUri: "https://deloitte.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: chats
path: "/users/{{user_id}}/chats/messages"
inputParameters:
- name: user_id
in: path
operations:
- name: send-chat-message
method: POST
Client Engagement Opportunity Sync
▼
sales crm salesforce sap engagement-management
When a Salesforce client engagement opportunity reaches the Proposal stage, syncs the opportunity data to SAP for project code generation and notifies the engagement manager in Microsoft Teams.
naftiko: "0.5"
info:
label: "Client Engagement Opportunity Sync"
description: "When a Salesforce client engagement opportunity reaches the Proposal stage, syncs the opportunity data to SAP for project code generation and notifies the engagement manager in Microsoft Teams."
tags:
- sales
- crm
- salesforce
- sap
- engagement-management
capability:
exposes:
- type: mcp
namespace: engagement-ops
port: 8080
tools:
- name: sync-engagement-to-sap
description: "Given a Salesforce opportunity ID that has reached the Proposal stage, create a SAP project code and update the Salesforce opportunity with the project reference, then notify the engagement manager in Teams."
inputParameters:
- name: opportunity_id
in: body
type: string
description: "Salesforce opportunity ID at Proposal stage."
- name: engagement_manager_upn
in: body
type: string
description: "Microsoft 365 UPN of the engagement manager."
steps:
- name: get-opportunity
type: call
call: salesforce.get-opportunity
with:
opportunity_id: "{{opportunity_id}}"
- name: create-project-code
type: call
call: sap.create-project
with:
description: "{{get-opportunity.name}}"
client: "{{get-opportunity.account_name}}"
planned_start: "{{get-opportunity.close_date}}"
- name: update-opportunity
type: call
call: salesforce-update.update-opportunity
with:
opportunity_id: "{{opportunity_id}}"
sap_project_code: "{{create-project-code.project_id}}"
- name: notify-em
type: call
call: msteams.send-message
with:
recipient_upn: "{{engagement_manager_upn}}"
text: "SAP project code created for {{get-opportunity.name}}: {{create-project-code.project_id}}. Opportunity updated in Salesforce."
consumes:
- type: http
namespace: salesforce
baseUri: "https://deloitte.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: opportunities
path: "/sobjects/Opportunity/{{opportunity_id}}"
inputParameters:
- name: opportunity_id
in: path
operations:
- name: get-opportunity
method: GET
- type: http
namespace: sap
baseUri: "https://deloitte-s4.sap.com/sap/opu/odata/sap/PS_PROJECT_MANAGEMENT_SRV"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: projects
path: "/A_Project"
operations:
- name: create-project
method: POST
- type: http
namespace: salesforce-update
baseUri: "https://deloitte.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: opportunities
path: "/sobjects/Opportunity/{{opportunity_id}}"
inputParameters:
- name: opportunity_id
in: path
operations:
- name: update-opportunity
method: PATCH
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Client Project Kickoff Orchestration
▼
project-management onboarding salesforce jira sharepoint microsoft-teams
When a new engagement is won in Salesforce, creates a Jira project, provisions a SharePoint site, creates a Teams channel, and notifies the engagement lead.
naftiko: "0.5"
info:
label: "Client Project Kickoff Orchestration"
description: "When a new engagement is won in Salesforce, creates a Jira project, provisions a SharePoint site, creates a Teams channel, and notifies the engagement lead."
tags:
- project-management
- onboarding
- salesforce
- jira
- sharepoint
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: project-kickoff
port: 8080
tools:
- name: kickoff-client-project
description: "Given a Salesforce opportunity ID, create all project infrastructure including Jira project, SharePoint site, and Teams channel."
inputParameters:
- name: opportunity_id
in: body
type: string
description: "Salesforce opportunity ID for the won engagement."
- name: project_lead_email
in: body
type: string
description: "Email of the engagement lead."
steps:
- name: get-opportunity
type: call
call: salesforce.get-opportunity
with:
opp_id: "{{opportunity_id}}"
- name: create-jira-project
type: call
call: jira.create-project
with:
name: "{{get-opportunity.Name}}"
key: "{{get-opportunity.Project_Code__c}}"
lead: "{{project_lead_email}}"
- name: create-sharepoint-site
type: call
call: sharepoint.create-site
with:
displayName: "{{get-opportunity.Name}}"
description: "Project site for {{get-opportunity.Account.Name}}"
- name: create-teams-channel
type: call
call: msteams.create-channel
with:
team_id: "$secrets.consulting_team_id"
displayName: "{{get-opportunity.Name}}"
description: "Channel for {{get-opportunity.Account.Name}} engagement"
- name: notify-lead
type: call
call: msteams.send-channel-message
with:
team_id: "$secrets.consulting_team_id"
channel_id: "{{create-teams-channel.id}}"
text: "Project infrastructure ready for {{get-opportunity.Name}}. Jira: {{create-jira-project.key}}, SharePoint: {{create-sharepoint-site.webUrl}}"
consumes:
- type: http
namespace: salesforce
baseUri: "https://deloitte.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: opportunities
path: "/sobjects/Opportunity/{{opp_id}}"
inputParameters:
- name: opp_id
in: path
operations:
- name: get-opportunity
method: GET
- type: http
namespace: jira
baseUri: "https://deloitte.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: projects
path: "/project"
operations:
- name: create-project
method: POST
- type: http
namespace: sharepoint
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: sites
path: "/sites"
operations:
- name: create-site
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channels
path: "/teams/{{team_id}}/channels"
inputParameters:
- name: team_id
in: path
operations:
- name: create-channel
method: POST
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: send-channel-message
method: POST
Client Satisfaction Survey Orchestration
▼
client-relations feedback salesforce snowflake microsoft-teams
Pulls active engagements from Salesforce, sends satisfaction surveys via email, records responses in Snowflake, and posts a summary digest to the leadership Teams channel.
naftiko: "0.5"
info:
label: "Client Satisfaction Survey Orchestration"
description: "Pulls active engagements from Salesforce, sends satisfaction surveys via email, records responses in Snowflake, and posts a summary digest to the leadership Teams channel."
tags:
- client-relations
- feedback
- salesforce
- snowflake
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: client-satisfaction
port: 8080
tools:
- name: run-satisfaction-survey
description: "Initiate client satisfaction surveys for active engagements and compile results."
inputParameters:
- name: survey_period
in: body
type: string
description: "Survey period identifier (e.g., 2026-Q1)."
steps:
- name: get-active-engagements
type: call
call: salesforce.query-engagements
with:
period: "{{survey_period}}"
- name: store-survey-batch
type: call
call: snowflake.execute-query
with:
statement: "INSERT INTO surveys.batches (period, engagement_count) VALUES ('{{survey_period}}', {{get-active-engagements.totalSize}})"
warehouse: "ANALYTICS_WH"
- name: post-summary
type: call
call: msteams.send-channel-message
with:
team_id: "$secrets.leadership_team_id"
channel_id: "$secrets.client_experience_channel_id"
text: "Client satisfaction survey launched for {{survey_period}}: {{get-active-engagements.totalSize}} engagements surveyed."
consumes:
- type: http
namespace: salesforce
baseUri: "https://deloitte.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: engagements
path: "/query?q=SELECT+Id,Name,Account.Name+FROM+Opportunity+WHERE+StageName='Active'+AND+Survey_Period__c='{{period}}'"
inputParameters:
- name: period
in: query
operations:
- name: query-engagements
method: GET
- type: http
namespace: snowflake
baseUri: "https://deloitte.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: send-channel-message
method: POST
Cloud Resource Provisioning Workflow
▼
cloud infrastructure servicenow microsoft-azure microsoft-teams
When a cloud resource request is approved in ServiceNow, provisions Azure resources via ARM template, updates the CMDB, and notifies the requester via Teams.
naftiko: "0.5"
info:
label: "Cloud Resource Provisioning Workflow"
description: "When a cloud resource request is approved in ServiceNow, provisions Azure resources via ARM template, updates the CMDB, and notifies the requester via Teams."
tags:
- cloud
- infrastructure
- servicenow
- microsoft-azure
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: cloud-provisioning
port: 8080
tools:
- name: provision-cloud-resources
description: "Given a ServiceNow request ID, provision Azure resources, update CMDB, and notify the requester."
inputParameters:
- name: request_id
in: body
type: string
description: "ServiceNow request ID for the approved provisioning."
steps:
- name: get-request
type: call
call: servicenow.get-request
with:
request_id: "{{request_id}}"
- name: deploy-resources
type: call
call: azure.create-deployment
with:
subscription_id: "{{get-request.subscription_id}}"
resource_group: "{{get-request.resource_group}}"
template: "{{get-request.arm_template}}"
- name: update-cmdb
type: call
call: servicenow.update-ci
with:
name: "{{get-request.resource_group}}"
environment: "{{get-request.environment}}"
status: provisioned
- name: notify-requester
type: call
call: msteams.send-chat-message
with:
user_id: "{{get-request.requested_by}}"
text: "Your cloud resources have been provisioned. Resource group: {{get-request.resource_group}}, Status: {{deploy-resources.properties.provisioningState}}"
consumes:
- type: http
namespace: servicenow
baseUri: "https://deloitte.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: requests
path: "/table/sc_request/{{request_id}}"
inputParameters:
- name: request_id
in: path
operations:
- name: get-request
method: GET
- name: cmdb
path: "/table/cmdb_ci"
operations:
- name: update-ci
method: POST
- type: http
namespace: azure
baseUri: "https://management.azure.com"
authentication:
type: bearer
token: "$secrets.azure_mgmt_token"
resources:
- name: deployments
path: "/subscriptions/{{subscription_id}}/resourceGroups/{{resource_group}}/providers/Microsoft.Resources/deployments/{{resource_group}}-deploy?api-version=2023-07-01"
inputParameters:
- name: subscription_id
in: path
- name: resource_group
in: path
operations:
- name: create-deployment
method: PUT
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: chats
path: "/users/{{user_id}}/chats/messages"
inputParameters:
- name: user_id
in: path
operations:
- name: send-chat-message
method: POST
Compliance Audit Evidence Collection
▼
compliance audit okta servicenow snowflake confluence
Collects audit evidence by pulling access logs from Okta, change records from ServiceNow, and data lineage from Snowflake, then compiles a summary in Confluence.
naftiko: "0.5"
info:
label: "Compliance Audit Evidence Collection"
description: "Collects audit evidence by pulling access logs from Okta, change records from ServiceNow, and data lineage from Snowflake, then compiles a summary in Confluence."
tags:
- compliance
- audit
- okta
- servicenow
- snowflake
- confluence
capability:
exposes:
- type: mcp
namespace: compliance-audit
port: 8080
tools:
- name: collect-audit-evidence
description: "Given an audit period and control ID, gather access logs, change records, and data lineage, then publish to Confluence."
inputParameters:
- name: control_id
in: body
type: string
description: "Compliance control identifier."
- name: start_date
in: body
type: string
description: "Audit period start date."
- name: end_date
in: body
type: string
description: "Audit period end date."
steps:
- name: get-access-logs
type: call
call: okta.get-system-logs
with:
since: "{{start_date}}"
until: "{{end_date}}"
filter: "eventType eq \"user.session.start\""
- name: get-change-records
type: call
call: servicenow.query-changes
with:
start_date: "{{start_date}}"
end_date: "{{end_date}}"
- name: get-data-lineage
type: call
call: snowflake.execute-query
with:
statement: "SELECT * FROM audit.data_lineage WHERE control_id = '{{control_id}}' AND event_date BETWEEN '{{start_date}}' AND '{{end_date}}'"
warehouse: "AUDIT_WH"
- name: publish-evidence
type: call
call: confluence.create-page
with:
spaceKey: AUDIT
title: "Evidence - {{control_id}} - {{start_date}} to {{end_date}}"
body: "Access log entries: {{get-access-logs.length}}, Change records: {{get-change-records.count}}, Data lineage records: {{get-data-lineage.row_count}}"
consumes:
- type: http
namespace: okta
baseUri: "https://deloitte.okta.com/api/v1"
authentication:
type: bearer
token: "$secrets.okta_api_token"
resources:
- name: logs
path: "/logs?since={{since}}&until={{until}}&filter={{filter}}"
inputParameters:
- name: since
in: query
- name: until
in: query
- name: filter
in: query
operations:
- name: get-system-logs
method: GET
- type: http
namespace: servicenow
baseUri: "https://deloitte.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: changes
path: "/table/change_request?sysparm_query=sys_created_onBETWEEN{{start_date}}@{{end_date}}"
inputParameters:
- name: start_date
in: query
- name: end_date
in: query
operations:
- name: query-changes
method: GET
- type: http
namespace: snowflake
baseUri: "https://deloitte.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
- type: http
namespace: confluence
baseUri: "https://deloitte.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_api_token"
resources:
- name: content
path: "/content"
operations:
- name: create-page
method: POST
Confluence Page Lookup
▼
knowledge-management documentation confluence
Searches for a Confluence page by title and returns the page ID, space, last updated date, and URL.
naftiko: "0.5"
info:
label: "Confluence Page Lookup"
description: "Searches for a Confluence page by title and returns the page ID, space, last updated date, and URL."
tags:
- knowledge-management
- documentation
- confluence
capability:
exposes:
- type: mcp
namespace: knowledge-pages
port: 8080
tools:
- name: search-page-by-title
description: "Given a Confluence page title, return the page ID, space key, last modified date, and direct URL."
inputParameters:
- name: page_title
in: body
type: string
description: "Title of the Confluence page to find."
call: confluence.search-page
with:
title: "{{page_title}}"
outputParameters:
- name: page_id
type: string
mapping: "$.results[0].id"
- name: space_key
type: string
mapping: "$.results[0].space.key"
- name: last_modified
type: string
mapping: "$.results[0].version.when"
consumes:
- type: http
namespace: confluence
baseUri: "https://deloitte.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_api_token"
resources:
- name: content
path: "/content?title={{title}}&expand=space,version"
inputParameters:
- name: title
in: query
operations:
- name: search-page
method: GET
Contract Renewal Tracking Orchestration
▼
sales contract-management salesforce jira microsoft-teams
Monitors upcoming contract renewals in Salesforce, creates Jira tracking tickets, sends renewal reminders to account managers via Teams, and logs the outreach in Salesforce.
naftiko: "0.5"
info:
label: "Contract Renewal Tracking Orchestration"
description: "Monitors upcoming contract renewals in Salesforce, creates Jira tracking tickets, sends renewal reminders to account managers via Teams, and logs the outreach in Salesforce."
tags:
- sales
- contract-management
- salesforce
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: contract-renewals
port: 8080
tools:
- name: process-upcoming-renewals
description: "Find contracts expiring within 90 days, create tracking tickets, and notify account managers."
inputParameters:
- name: days_ahead
in: body
type: integer
description: "Number of days ahead to look for renewals."
steps:
- name: get-expiring-contracts
type: call
call: salesforce.query-contracts
with:
days: "{{days_ahead}}"
- name: create-tracking-tickets
type: call
call: jira.create-issue
with:
project: RENEWALS
issuetype: Task
summary: "Contract renewals due within {{days_ahead}} days: {{get-expiring-contracts.totalSize}} contracts"
- name: notify-managers
type: call
call: msteams.send-channel-message
with:
team_id: "$secrets.sales_team_id"
channel_id: "$secrets.renewals_channel_id"
text: "{{get-expiring-contracts.totalSize}} contracts expiring within {{days_ahead}} days. Tracking ticket: {{create-tracking-tickets.key}}"
consumes:
- type: http
namespace: salesforce
baseUri: "https://deloitte.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: contracts
path: "/query?q=SELECT+Id,Name,EndDate,Account.Name+FROM+Contract+WHERE+EndDate=NEXT_N_DAYS:{{days}}"
inputParameters:
- name: days
in: query
operations:
- name: query-contracts
method: GET
- type: http
namespace: jira
baseUri: "https://deloitte.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: send-channel-message
method: POST
Cross-sell Opportunity Detection Workflow
▼
sales analytics salesforce zoominfo snowflake
Analyzes client engagement data in Salesforce, enriches with ZoomInfo firmographics, identifies cross-sell opportunities in Snowflake, and creates Salesforce opportunities for the account team.
naftiko: "0.5"
info:
label: "Cross-sell Opportunity Detection Workflow"
description: "Analyzes client engagement data in Salesforce, enriches with ZoomInfo firmographics, identifies cross-sell opportunities in Snowflake, and creates Salesforce opportunities for the account team."
tags:
- sales
- analytics
- salesforce
- zoominfo
- snowflake
capability:
exposes:
- type: mcp
namespace: sales-crosssell
port: 8080
tools:
- name: detect-cross-sell
description: "Given a Salesforce account ID, analyze data to identify cross-sell opportunities."
inputParameters:
- name: account_id
in: body
type: string
description: "Salesforce account ID."
steps:
- name: get-account
type: call
call: salesforce.get-account
with:
account_id: "{{account_id}}"
- name: enrich-firmographics
type: call
call: zoominfo.enrich-company
with:
domain: "{{get-account.Website}}"
- name: analyze-opportunities
type: call
call: snowflake.execute-query
with:
statement: "SELECT * FROM sales.cross_sell_model WHERE industry = '{{enrich-firmographics.industry}}' AND employee_range = '{{enrich-firmographics.employee_count}}'"
warehouse: "SALES_WH"
- name: create-opportunities
type: call
call: salesforce.create-opportunity
with:
AccountId: "{{account_id}}"
Name: "Cross-sell: {{get-account.Name}}"
StageName: "Prospecting"
consumes:
- type: http
namespace: salesforce
baseUri: "https://deloitte.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: accounts
path: "/sobjects/Account/{{account_id}}"
inputParameters:
- name: account_id
in: path
operations:
- name: get-account
method: GET
- name: opportunities
path: "/sobjects/Opportunity"
operations:
- name: create-opportunity
method: POST
- type: http
namespace: zoominfo
baseUri: "https://api.zoominfo.com"
authentication:
type: bearer
token: "$secrets.zoominfo_token"
resources:
- name: companies
path: "/enrich/company"
operations:
- name: enrich-company
method: POST
- type: http
namespace: snowflake
baseUri: "https://deloitte.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
Data Pipeline Failure Recovery
▼
data-engineering incident-response databricks jira microsoft-teams
When a Databricks job fails, retrieves error details, creates a Jira bug ticket, notifies the data engineering team in Teams, and triggers a pipeline retry.
naftiko: "0.5"
info:
label: "Data Pipeline Failure Recovery"
description: "When a Databricks job fails, retrieves error details, creates a Jira bug ticket, notifies the data engineering team in Teams, and triggers a pipeline retry."
tags:
- data-engineering
- incident-response
- databricks
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: data-recovery
port: 8080
tools:
- name: recover-failed-pipeline
description: "Given a failed Databricks run ID, capture error details, create a Jira ticket, notify the team, and retry the job."
inputParameters:
- name: run_id
in: body
type: string
description: "Failed Databricks job run ID."
steps:
- name: get-run-details
type: call
call: databricks.get-run
with:
run_id: "{{run_id}}"
- name: create-bug
type: call
call: jira.create-issue
with:
project: DATA
issuetype: Bug
summary: "Pipeline failure: {{get-run-details.run_name}}"
description: "Run {{run_id}} failed with state: {{get-run-details.state.result_state}}. Error: {{get-run-details.state.state_message}}"
- name: notify-team
type: call
call: msteams.send-channel-message
with:
team_id: "$secrets.data_eng_team_id"
channel_id: "$secrets.data_eng_alerts_channel_id"
text: "Pipeline {{get-run-details.run_name}} failed. Jira: {{create-bug.key}}. Attempting retry..."
- name: retry-run
type: call
call: databricks.rerun-job
with:
run_id: "{{run_id}}"
consumes:
- type: http
namespace: databricks
baseUri: "https://deloitte.cloud.databricks.com/api/2.1"
authentication:
type: bearer
token: "$secrets.databricks_token"
resources:
- name: runs
path: "/jobs/runs/get?run_id={{run_id}}"
inputParameters:
- name: run_id
in: query
operations:
- name: get-run
method: GET
- name: rerun
path: "/jobs/runs/repair"
operations:
- name: rerun-job
method: POST
- type: http
namespace: jira
baseUri: "https://deloitte.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: send-channel-message
method: POST
Databricks Job Run Status
▼
data-engineering analytics databricks
Checks the status of a Databricks job run by run ID, returning the current state, start time, and duration.
naftiko: "0.5"
info:
label: "Databricks Job Run Status"
description: "Checks the status of a Databricks job run by run ID, returning the current state, start time, and duration."
tags:
- data-engineering
- analytics
- databricks
capability:
exposes:
- type: mcp
namespace: data-jobs
port: 8080
tools:
- name: get-run-status
description: "Given a Databricks run ID, return the run state, start time, and execution duration."
inputParameters:
- name: run_id
in: body
type: string
description: "Databricks job run ID."
call: databricks.get-run
with:
run_id: "{{run_id}}"
outputParameters:
- name: state
type: string
mapping: "$.state.life_cycle_state"
- name: result_state
type: string
mapping: "$.state.result_state"
- name: start_time
type: string
mapping: "$.start_time"
consumes:
- type: http
namespace: databricks
baseUri: "https://deloitte.cloud.databricks.com/api/2.1"
authentication:
type: bearer
token: "$secrets.databricks_token"
resources:
- name: runs
path: "/jobs/runs/get?run_id={{run_id}}"
inputParameters:
- name: run_id
in: query
operations:
- name: get-run
method: GET
Databricks Model Deployment Orchestration
▼
data-science ml-ops databricks jira microsoft-teams
Deploys a registered MLflow model from Databricks to a serving endpoint, updates the model registry, creates a Jira deployment ticket, and notifies the ML team.
naftiko: "0.5"
info:
label: "Databricks Model Deployment Orchestration"
description: "Deploys a registered MLflow model from Databricks to a serving endpoint, updates the model registry, creates a Jira deployment ticket, and notifies the ML team."
tags:
- data-science
- ml-ops
- databricks
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: ml-deployment
port: 8080
tools:
- name: deploy-model
description: "Given a Databricks model name and version, deploy to serving endpoint and track the deployment."
inputParameters:
- name: model_name
in: body
type: string
description: "MLflow registered model name."
- name: model_version
in: body
type: string
description: "Model version to deploy."
steps:
- name: create-endpoint
type: call
call: databricks.create-serving-endpoint
with:
name: "{{model_name}}-serving"
model_name: "{{model_name}}"
model_version: "{{model_version}}"
- name: create-deployment-ticket
type: call
call: jira.create-issue
with:
project: MLOPS
issuetype: Task
summary: "Model deployment: {{model_name}} v{{model_version}}"
description: "Endpoint: {{create-endpoint.name}}, Status: {{create-endpoint.state}}"
- name: notify-ml-team
type: call
call: msteams.send-channel-message
with:
team_id: "$secrets.data_science_team_id"
channel_id: "$secrets.mlops_channel_id"
text: "Model {{model_name}} v{{model_version}} deployed. Endpoint: {{create-endpoint.name}}. Jira: {{create-deployment-ticket.key}}"
consumes:
- type: http
namespace: databricks
baseUri: "https://deloitte.cloud.databricks.com/api/2.0"
authentication:
type: bearer
token: "$secrets.databricks_token"
resources:
- name: serving-endpoints
path: "/serving-endpoints"
operations:
- name: create-serving-endpoint
method: POST
- type: http
namespace: jira
baseUri: "https://deloitte.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: send-channel-message
method: POST
Datadog Infrastructure Health Summary
▼
observability monitoring datadog operations
Retrieves the current status of all critical IT infrastructure monitors from Datadog and returns a structured health summary for the IT operations team.
naftiko: "0.5"
info:
label: "Datadog Infrastructure Health Summary"
description: "Retrieves the current status of all critical IT infrastructure monitors from Datadog and returns a structured health summary for the IT operations team."
tags:
- observability
- monitoring
- datadog
- operations
capability:
exposes:
- type: mcp
namespace: infra-health
port: 8080
tools:
- name: get-infrastructure-health
description: "Given a Datadog environment tag, retrieve all monitor statuses for the matching infrastructure and return a structured health summary. Use at the start of any IT incident investigation."
inputParameters:
- name: environment_tag
in: body
type: string
description: "Datadog environment tag to filter monitors (e.g. env:production)."
call: datadog.get-monitors
with:
monitor_tags: "{{environment_tag}}"
outputParameters:
- name: monitors
type: array
mapping: "$.monitors"
consumes:
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: DD-API-KEY
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: monitors
path: "/monitor"
inputParameters:
- name: monitor_tags
in: query
operations:
- name: get-monitors
method: GET
Datadog Service Health Lookup
▼
monitoring observability datadog
Checks the current health status of a specific service monitored in Datadog, returning overall status and active alert count.
naftiko: "0.5"
info:
label: "Datadog Service Health Lookup"
description: "Checks the current health status of a specific service monitored in Datadog, returning overall status and active alert count."
tags:
- monitoring
- observability
- datadog
capability:
exposes:
- type: mcp
namespace: monitoring-health
port: 8080
tools:
- name: get-service-health
description: "Given a Datadog service name, return the current overall status and number of active alerts."
inputParameters:
- name: service_name
in: body
type: string
description: "Name of the service in Datadog."
call: datadog.get-service-status
with:
service: "{{service_name}}"
outputParameters:
- name: overall_status
type: string
mapping: "$.data.attributes.overall_status"
- name: active_alerts
type: integer
mapping: "$.data.attributes.active_alert_count"
consumes:
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v2"
authentication:
type: apiKey
key: "$secrets.datadog_api_key"
headerName: "DD-API-KEY"
resources:
- name: services
path: "/services/definitions/{{service}}"
inputParameters:
- name: service
in: path
operations:
- name: get-service-status
method: GET
Dynamics 365 Customer Lookup
▼
crm sales microsoft-dynamics-365
Retrieves customer account details from Microsoft Dynamics 365, including account name, primary contact, and annual revenue.
naftiko: "0.5"
info:
label: "Dynamics 365 Customer Lookup"
description: "Retrieves customer account details from Microsoft Dynamics 365, including account name, primary contact, and annual revenue."
tags:
- crm
- sales
- microsoft-dynamics-365
capability:
exposes:
- type: mcp
namespace: crm-dynamics
port: 8080
tools:
- name: get-customer
description: "Given a Dynamics 365 account ID, return the account name, primary contact, and revenue."
inputParameters:
- name: account_id
in: body
type: string
description: "Dynamics 365 account ID."
call: dynamics.get-account
with:
account_id: "{{account_id}}"
outputParameters:
- name: name
type: string
mapping: "$.name"
- name: primary_contact
type: string
mapping: "$.primarycontactid.fullname"
- name: revenue
type: string
mapping: "$.revenue"
consumes:
- type: http
namespace: dynamics
baseUri: "https://deloitte.crm.dynamics.com/api/data/v9.2"
authentication:
type: bearer
token: "$secrets.dynamics_token"
resources:
- name: accounts
path: "/accounts({{account_id}})"
inputParameters:
- name: account_id
in: path
operations:
- name: get-account
method: GET
Dynatrace Performance Alert Handler
▼
monitoring performance dynatrace servicenow microsoft-teams
When Dynatrace detects a performance degradation, fetches problem details, creates a ServiceNow incident, and alerts the SRE team in Teams.
naftiko: "0.5"
info:
label: "Dynatrace Performance Alert Handler"
description: "When Dynatrace detects a performance degradation, fetches problem details, creates a ServiceNow incident, and alerts the SRE team in Teams."
tags:
- monitoring
- performance
- dynatrace
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: performance-alerts
port: 8080
tools:
- name: handle-performance-alert
description: "Given a Dynatrace problem ID, fetch details, create a ServiceNow incident, and notify SRE."
inputParameters:
- name: problem_id
in: body
type: string
description: "Dynatrace problem ID."
steps:
- name: get-problem
type: call
call: dynatrace.get-problem
with:
problem_id: "{{problem_id}}"
- name: create-incident
type: call
call: servicenow.create-incident
with:
short_description: "Performance degradation: {{get-problem.title}}"
category: performance
description: "Impact: {{get-problem.impactLevel}}, Root cause: {{get-problem.rootCauseEntity.name}}"
- name: notify-sre
type: call
call: msteams.send-channel-message
with:
team_id: "$secrets.sre_team_id"
channel_id: "$secrets.sre_alerts_channel_id"
text: "Performance alert: {{get-problem.title}}. Impact: {{get-problem.impactLevel}}. SNOW: {{create-incident.number}}"
consumes:
- type: http
namespace: dynatrace
baseUri: "https://deloitte.live.dynatrace.com/api/v2"
authentication:
type: bearer
token: "$secrets.dynatrace_token"
resources:
- name: problems
path: "/problems/{{problem_id}}"
inputParameters:
- name: problem_id
in: path
operations:
- name: get-problem
method: GET
- type: http
namespace: servicenow
baseUri: "https://deloitte.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: send-channel-message
method: POST
Employee Role Transfer Orchestration
▼
hr access-management workday okta jira microsoft-teams
When an employee transfers to a new practice in Workday, updates Okta group memberships, reassigns Jira issues, and notifies both old and new managers via Teams.
naftiko: "0.5"
info:
label: "Employee Role Transfer Orchestration"
description: "When an employee transfers to a new practice in Workday, updates Okta group memberships, reassigns Jira issues, and notifies both old and new managers via Teams."
tags:
- hr
- access-management
- workday
- okta
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: hr-transfers
port: 8080
tools:
- name: process-role-transfer
description: "Given a Workday employee ID and new practice, update access groups, reassign work items, and notify managers."
inputParameters:
- name: employee_id
in: body
type: string
description: "Workday employee ID."
- name: new_practice
in: body
type: string
description: "Name of the new practice or department."
steps:
- name: get-employee
type: call
call: workday.get-worker
with:
worker_id: "{{employee_id}}"
- name: update-okta-groups
type: call
call: okta.update-user-groups
with:
user_id: "{{get-employee.work_email}}"
new_group: "{{new_practice}}"
old_group: "{{get-employee.department}}"
- name: reassign-jira-issues
type: call
call: jira.bulk-reassign
with:
current_assignee: "{{get-employee.work_email}}"
project: "{{get-employee.department}}"
- name: notify-managers
type: call
call: msteams.send-channel-message
with:
team_id: "$secrets.hr_team_id"
channel_id: "$secrets.hr_transfers_channel_id"
text: "{{get-employee.full_name}} transferring from {{get-employee.department}} to {{new_practice}}. Okta groups updated, Jira issues flagged for reassignment."
consumes:
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/workers/{{worker_id}}"
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
- type: http
namespace: okta
baseUri: "https://deloitte.okta.com/api/v1"
authentication:
type: bearer
token: "$secrets.okta_api_token"
resources:
- name: user-groups
path: "/users/{{user_id}}/groups"
inputParameters:
- name: user_id
in: path
operations:
- name: update-user-groups
method: PUT
- type: http
namespace: jira
baseUri: "https://deloitte.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: bulk-operations
path: "/bulk/issues/reassign"
operations:
- name: bulk-reassign
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: send-channel-message
method: POST
Engagement Closeout Orchestration
▼
consulting project-management sharepoint jira salesforce microsoft-teams
Closes out a consulting engagement by archiving the SharePoint site, closing Jira project, updating Salesforce opportunity stage, and notifying stakeholders via Teams.
naftiko: "0.5"
info:
label: "Engagement Closeout Orchestration"
description: "Closes out a consulting engagement by archiving the SharePoint site, closing Jira project, updating Salesforce opportunity stage, and notifying stakeholders via Teams."
tags:
- consulting
- project-management
- sharepoint
- jira
- salesforce
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: engagement-closeout
port: 8080
tools:
- name: close-engagement
description: "Given a Salesforce opportunity ID, perform all closeout activities across systems."
inputParameters:
- name: opportunity_id
in: body
type: string
description: "Salesforce opportunity ID."
steps:
- name: get-engagement
type: call
call: salesforce.get-opportunity
with:
opp_id: "{{opportunity_id}}"
- name: update-salesforce
type: call
call: salesforce.update-opportunity
with:
opp_id: "{{opportunity_id}}"
StageName: "Closed Won"
- name: close-jira
type: call
call: jira.archive-project
with:
project_key: "{{get-engagement.Project_Code__c}}"
- name: notify-stakeholders
type: call
call: msteams.send-channel-message
with:
team_id: "$secrets.consulting_team_id"
channel_id: "$secrets.engagement_mgmt_channel_id"
text: "Engagement {{get-engagement.Name}} closed out. Salesforce updated, Jira project archived."
consumes:
- type: http
namespace: salesforce
baseUri: "https://deloitte.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: opportunities
path: "/sobjects/Opportunity/{{opp_id}}"
inputParameters:
- name: opp_id
in: path
operations:
- name: get-opportunity
method: GET
- name: update-opportunity
method: PATCH
- type: http
namespace: jira
baseUri: "https://deloitte.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: projects
path: "/project/{{project_key}}/archive"
inputParameters:
- name: project_key
in: path
operations:
- name: archive-project
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: send-channel-message
method: POST
Engagement Risk Assessment Workflow
▼
risk-management consulting salesforce workday jira microsoft-teams
Pulls engagement data from Salesforce, financial metrics from Workday, and project health from Jira to generate a risk assessment summary posted to the leadership Teams channel.
naftiko: "0.5"
info:
label: "Engagement Risk Assessment Workflow"
description: "Pulls engagement data from Salesforce, financial metrics from Workday, and project health from Jira to generate a risk assessment summary posted to the leadership Teams channel."
tags:
- risk-management
- consulting
- salesforce
- workday
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: risk-assessment
port: 8080
tools:
- name: assess-engagement-risk
description: "Given a Salesforce opportunity ID, compile risk indicators from financial and project data and post an assessment."
inputParameters:
- name: opportunity_id
in: body
type: string
description: "Salesforce opportunity ID for the engagement."
steps:
- name: get-engagement
type: call
call: salesforce.get-opportunity
with:
opp_id: "{{opportunity_id}}"
- name: get-financials
type: call
call: workday.get-project-financials
with:
project_id: "{{get-engagement.Project_Code__c}}"
- name: get-project-health
type: call
call: jira.get-board-metrics
with:
board_id: "{{get-engagement.Jira_Board_Id__c}}"
- name: post-assessment
type: call
call: msteams.send-channel-message
with:
team_id: "$secrets.leadership_team_id"
channel_id: "$secrets.risk_channel_id"
text: "Risk Assessment - {{get-engagement.Name}}: Revenue at {{get-financials.revenue_utilization}}%, Sprint velocity {{get-project-health.velocity}}, Budget variance {{get-financials.budget_variance}}%"
consumes:
- type: http
namespace: salesforce
baseUri: "https://deloitte.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: opportunities
path: "/sobjects/Opportunity/{{opp_id}}"
inputParameters:
- name: opp_id
in: path
operations:
- name: get-opportunity
method: GET
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: project-financials
path: "/projects/{{project_id}}/financials"
inputParameters:
- name: project_id
in: path
operations:
- name: get-project-financials
method: GET
- type: http
namespace: jira
baseUri: "https://deloitte.atlassian.net/rest/agile/1.0"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: boards
path: "/board/{{board_id}}/velocity"
inputParameters:
- name: board_id
in: path
operations:
- name: get-board-metrics
method: GET
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: send-channel-message
method: POST
Expense Policy Violation Handler
▼
finance compliance sap-concur servicenow microsoft-teams
When SAP Concur flags an expense policy violation, fetches details, creates a ServiceNow compliance ticket, and notifies the employee's manager via Teams.
naftiko: "0.5"
info:
label: "Expense Policy Violation Handler"
description: "When SAP Concur flags an expense policy violation, fetches details, creates a ServiceNow compliance ticket, and notifies the employee's manager via Teams."
tags:
- finance
- compliance
- sap-concur
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: expense-compliance
port: 8080
tools:
- name: handle-expense-violation
description: "Given a Concur expense report ID with a violation, create a compliance ticket and notify the manager."
inputParameters:
- name: report_id
in: body
type: string
description: "SAP Concur expense report ID."
steps:
- name: get-report
type: call
call: concur.get-expense-report
with:
report_id: "{{report_id}}"
- name: create-compliance-ticket
type: call
call: servicenow.create-incident
with:
short_description: "Expense policy violation: Report {{report_id}}"
category: compliance
description: "Employee: {{get-report.OwnerName}}, Amount: {{get-report.Total}} {{get-report.CurrencyCode}}, Violation: {{get-report.PolicyViolation}}"
- name: notify-manager
type: call
call: msteams.send-chat-message
with:
user_id: "{{get-report.ApproverEmail}}"
text: "Expense policy violation on report {{report_id}} by {{get-report.OwnerName}}: {{get-report.PolicyViolation}}. Amount: {{get-report.Total}} {{get-report.CurrencyCode}}. Compliance ticket: {{create-compliance-ticket.number}}"
consumes:
- type: http
namespace: concur
baseUri: "https://us.api.concursolutions.com/api/v3.0"
authentication:
type: bearer
token: "$secrets.concur_token"
resources:
- name: expense-reports
path: "/expense/reports/{{report_id}}"
inputParameters:
- name: report_id
in: path
operations:
- name: get-expense-report
method: GET
- type: http
namespace: servicenow
baseUri: "https://deloitte.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: chats
path: "/users/{{user_id}}/chats/messages"
inputParameters:
- name: user_id
in: path
operations:
- name: send-chat-message
method: POST
GCP Billing Export Summary
▼
cloud finops google-cloud-platform
Retrieves Google Cloud Platform billing summary by project for a specified billing period.
naftiko: "0.5"
info:
label: "GCP Billing Export Summary"
description: "Retrieves Google Cloud Platform billing summary by project for a specified billing period."
tags:
- cloud
- finops
- google-cloud-platform
capability:
exposes:
- type: mcp
namespace: cloud-billing
port: 8080
tools:
- name: get-gcp-billing
description: "Given a GCP billing account and month, return project-level cost breakdown."
inputParameters:
- name: billing_account
in: body
type: string
description: "GCP billing account ID."
- name: month
in: body
type: string
description: "Billing month (YYYY-MM)."
call: gcp.get-billing
with:
account: "{{billing_account}}"
month: "{{month}}"
outputParameters:
- name: total_cost
type: string
mapping: "$.costAmount"
- name: currency
type: string
mapping: "$.currencyCode"
consumes:
- type: http
namespace: gcp
baseUri: "https://cloudbilling.googleapis.com/v1"
authentication:
type: bearer
token: "$secrets.gcp_token"
resources:
- name: billing
path: "/billingAccounts/{{account}}/costs?month={{month}}"
inputParameters:
- name: account
in: path
- name: month
in: query
operations:
- name: get-billing
method: GET
GitHub CI/CD Pipeline Failure Handler
▼
devops cicd github datadog jira
When a GitHub Actions pipeline fails on a core platform repository, creates a Datadog event and opens a Jira bug for the engineering team to investigate and remediate.
naftiko: "0.5"
info:
label: "GitHub CI/CD Pipeline Failure Handler"
description: "When a GitHub Actions pipeline fails on a core platform repository, creates a Datadog event and opens a Jira bug for the engineering team to investigate and remediate."
tags:
- devops
- cicd
- github
- datadog
- jira
capability:
exposes:
- type: mcp
namespace: devops
port: 8080
tools:
- name: handle-pipeline-failure
description: "Given a GitHub Actions workflow failure, create a Datadog deployment event and open a Jira bug with full failure context for the platform engineering team."
inputParameters:
- name: repo_name
in: body
type: string
description: "GitHub repository name where the failure occurred."
- name: workflow_name
in: body
type: string
description: "Name of the failed workflow."
- name: run_id
in: body
type: string
description: "GitHub Actions workflow run ID."
- name: commit_sha
in: body
type: string
description: "Git commit SHA that triggered the failure."
- name: branch
in: body
type: string
description: "Git branch where the failure occurred."
steps:
- name: create-dd-event
type: call
call: datadog.create-event
with:
title: "CI failure: {{workflow_name}} on {{branch}}"
text: "Run {{run_id}} failed at {{commit_sha}} in {{repo_name}}"
alert_type: error
tags: "env:ci,repo:{{repo_name}}"
- name: create-jira-bug
type: call
call: jira.create-issue
with:
project_key: PLAT
issuetype: Bug
summary: "[CI Failure] {{repo_name}} / {{workflow_name}} on {{branch}}"
description: "Run: {{run_id}}\nBranch: {{branch}}\nCommit: {{commit_sha}}\nDatadog: {{create-dd-event.url}}"
consumes:
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: DD-API-KEY
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: events
path: "/events"
operations:
- name: create-event
method: POST
- type: http
namespace: jira
baseUri: "https://deloitte.atlassian.net/rest/api/3"
authentication:
type: bearer
token: "$secrets.jira_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
GitHub PR Review Assignment Workflow
▼
engineering code-review github jira microsoft-teams
When a pull request is opened in GitHub, assigns reviewers based on code ownership, creates a Jira sub-task for review tracking, and posts to the engineering Teams channel.
naftiko: "0.5"
info:
label: "GitHub PR Review Assignment Workflow"
description: "When a pull request is opened in GitHub, assigns reviewers based on code ownership, creates a Jira sub-task for review tracking, and posts to the engineering Teams channel."
tags:
- engineering
- code-review
- github
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: code-review
port: 8080
tools:
- name: assign-pr-reviewers
description: "Given a GitHub PR number and repo, assign appropriate reviewers, create a Jira task, and notify the team."
inputParameters:
- name: repo
in: body
type: string
description: "GitHub repository in org/repo format."
- name: pr_number
in: body
type: integer
description: "Pull request number."
steps:
- name: get-pr
type: call
call: github.get-pull-request
with:
repo: "{{repo}}"
pr_number: "{{pr_number}}"
- name: request-review
type: call
call: github.request-reviewers
with:
repo: "{{repo}}"
pr_number: "{{pr_number}}"
reviewers: "{{get-pr.suggested_reviewers}}"
- name: create-review-task
type: call
call: jira.create-issue
with:
project: ENG
issuetype: Sub-task
summary: "Code review: PR #{{pr_number}} - {{get-pr.title}}"
- name: notify-team
type: call
call: msteams.send-channel-message
with:
team_id: "$secrets.eng_team_id"
channel_id: "$secrets.eng_pr_channel_id"
text: "PR #{{pr_number}} in {{repo}}: {{get-pr.title}} by {{get-pr.user.login}}. Reviewers assigned. Jira: {{create-review-task.key}}"
consumes:
- type: http
namespace: github
baseUri: "https://api.github.com"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: pulls
path: "/repos/{{repo}}/pulls/{{pr_number}}"
inputParameters:
- name: repo
in: path
- name: pr_number
in: path
operations:
- name: get-pull-request
method: GET
- name: reviewers
path: "/repos/{{repo}}/pulls/{{pr_number}}/requested_reviewers"
inputParameters:
- name: repo
in: path
- name: pr_number
in: path
operations:
- name: request-reviewers
method: POST
- type: http
namespace: jira
baseUri: "https://deloitte.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: send-channel-message
method: POST
GitHub Repository Status Lookup
▼
engineering devops github
Retrieves the latest commit status and open pull request count for a given GitHub repository.
naftiko: "0.5"
info:
label: "GitHub Repository Status Lookup"
description: "Retrieves the latest commit status and open pull request count for a given GitHub repository."
tags:
- engineering
- devops
- github
capability:
exposes:
- type: mcp
namespace: dev-repos
port: 8080
tools:
- name: get-repo-status
description: "Given a GitHub repository name, return the latest commit SHA, status, and count of open pull requests."
inputParameters:
- name: repo_name
in: body
type: string
description: "Repository name in org/repo format."
call: github.get-repo
with:
repo: "{{repo_name}}"
outputParameters:
- name: default_branch
type: string
mapping: "$.default_branch"
- name: open_issues_count
type: integer
mapping: "$.open_issues_count"
- name: updated_at
type: string
mapping: "$.updated_at"
consumes:
- type: http
namespace: github
baseUri: "https://api.github.com"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: repos
path: "/repos/{{repo}}"
inputParameters:
- name: repo
in: path
operations:
- name: get-repo
method: GET
GitHub Security Vulnerability Triage
▼
security devops github servicenow microsoft-teams
When GitHub code scanning detects a critical vulnerability, creates a ServiceNow security incident and notifies the cybersecurity team in Microsoft Teams.
naftiko: "0.5"
info:
label: "GitHub Security Vulnerability Triage"
description: "When GitHub code scanning detects a critical vulnerability, creates a ServiceNow security incident and notifies the cybersecurity team in Microsoft Teams."
tags:
- security
- devops
- github
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: security-triage
port: 8080
tools:
- name: triage-security-vulnerability
description: "Given a GitHub repository, CVE ID, and severity, create a ServiceNow security incident and alert the cybersecurity Microsoft Teams channel for immediate triage and remediation."
inputParameters:
- name: repo_name
in: body
type: string
description: "GitHub repository containing the vulnerable dependency."
- name: vulnerability_id
in: body
type: string
description: "CVE or GitHub advisory ID for the vulnerability."
- name: severity
in: body
type: string
description: "Severity level: critical, high, medium, or low."
- name: package_name
in: body
type: string
description: "Affected dependency package name."
steps:
- name: create-security-incident
type: call
call: servicenow.create-incident
with:
category: security_vulnerability
impact: 1
urgency: 1
short_description: "{{severity}} vulnerability {{vulnerability_id}} in {{repo_name}}: {{package_name}}"
assigned_group: Cybersecurity
- name: alert-security-team
type: call
call: msteams.send-channel-message
with:
team_id: "$secrets.teams_security_team_id"
channel_id: "$secrets.teams_security_channel_id"
text: "{{severity}} vulnerability: {{vulnerability_id}} in {{repo_name}} ({{package_name}}) | SNOW: {{create-security-incident.number}}"
consumes:
- type: http
namespace: servicenow
baseUri: "https://deloitte.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: send-channel-message
method: POST
Google Analytics Traffic Summary
▼
marketing analytics google-analytics
Retrieves website traffic summary from Google Analytics for a given date range, including sessions, page views, and bounce rate.
naftiko: "0.5"
info:
label: "Google Analytics Traffic Summary"
description: "Retrieves website traffic summary from Google Analytics for a given date range, including sessions, page views, and bounce rate."
tags:
- marketing
- analytics
- google-analytics
capability:
exposes:
- type: mcp
namespace: marketing-analytics
port: 8080
tools:
- name: get-traffic-summary
description: "Given a GA property ID and date range, return sessions, page views, and bounce rate."
inputParameters:
- name: property_id
in: body
type: string
description: "Google Analytics 4 property ID."
- name: start_date
in: body
type: string
description: "Report start date (YYYY-MM-DD)."
- name: end_date
in: body
type: string
description: "Report end date (YYYY-MM-DD)."
call: ga.run-report
with:
property_id: "{{property_id}}"
startDate: "{{start_date}}"
endDate: "{{end_date}}"
outputParameters:
- name: sessions
type: string
mapping: "$.rows[0].metricValues[0].value"
- name: page_views
type: string
mapping: "$.rows[0].metricValues[1].value"
- name: bounce_rate
type: string
mapping: "$.rows[0].metricValues[2].value"
consumes:
- type: http
namespace: ga
baseUri: "https://analyticsdata.googleapis.com/v1beta"
authentication:
type: bearer
token: "$secrets.google_analytics_token"
resources:
- name: reports
path: "/properties/{{property_id}}:runReport"
inputParameters:
- name: property_id
in: path
operations:
- name: run-report
method: POST
HubSpot Deal Lookup
▼
sales crm hubspot
Retrieves deal details from HubSpot by deal ID, returning the deal name, stage, amount, and close date.
naftiko: "0.5"
info:
label: "HubSpot Deal Lookup"
description: "Retrieves deal details from HubSpot by deal ID, returning the deal name, stage, amount, and close date."
tags:
- sales
- crm
- hubspot
capability:
exposes:
- type: mcp
namespace: crm-deals
port: 8080
tools:
- name: get-deal
description: "Given a HubSpot deal ID, return the deal name, pipeline stage, amount, and expected close date."
inputParameters:
- name: deal_id
in: body
type: string
description: "HubSpot deal ID."
call: hubspot.get-deal
with:
deal_id: "{{deal_id}}"
outputParameters:
- name: deal_name
type: string
mapping: "$.properties.dealname"
- name: stage
type: string
mapping: "$.properties.dealstage"
- name: amount
type: string
mapping: "$.properties.amount"
- name: close_date
type: string
mapping: "$.properties.closedate"
consumes:
- type: http
namespace: hubspot
baseUri: "https://api.hubapi.com/crm/v3"
authentication:
type: bearer
token: "$secrets.hubspot_token"
resources:
- name: deals
path: "/objects/deals/{{deal_id}}"
inputParameters:
- name: deal_id
in: path
operations:
- name: get-deal
method: GET
Informatica Data Pipeline Monitoring
▼
data-integration informatica monitoring etl
Monitors Informatica Cloud data integration pipeline runs, returning job status, row counts, and error details for failed or long-running tasks.
naftiko: "0.5"
info:
label: "Informatica Data Pipeline Monitoring"
description: "Monitors Informatica Cloud data integration pipeline runs, returning job status, row counts, and error details for failed or long-running tasks."
tags:
- data-integration
- informatica
- monitoring
- etl
capability:
exposes:
- type: mcp
namespace: informatica-pipeline
port: 8080
tools:
- name: get-pipeline-run-status
description: "Retrieve the latest run status for an Informatica Cloud data pipeline by task name."
inputParameters:
- name: task_name
in: body
type: string
description: "Name of the Informatica Cloud task."
call: "informatica.get-activity-log"
with:
task_name: "{{task_name}}"
outputParameters:
- name: run_status
type: string
mapping: "$.objects[0].state"
- name: rows_processed
type: number
mapping: "$.objects[0].successRowsCount"
- name: error_message
type: string
mapping: "$.objects[0].errorMsg"
consumes:
- type: http
namespace: informatica
baseUri: "https://dm-us.informaticacloud.com/saas/api/v2"
authentication:
type: bearer
token: "$secrets.informatica_token"
resources:
- name: activity-log
path: "/activity/activityLog?taskName={{task_name}}&rowLimit=1"
inputParameters:
- name: task_name
in: query
operations:
- name: get-activity-log
method: GET
Infrastructure Drift Detection Workflow
▼
infrastructure devops microsoft-azure github jira microsoft-teams
Compares Azure resource configurations against Terraform state in GitHub, creates a Jira remediation ticket for any drift, and notifies the platform team in Teams.
naftiko: "0.5"
info:
label: "Infrastructure Drift Detection Workflow"
description: "Compares Azure resource configurations against Terraform state in GitHub, creates a Jira remediation ticket for any drift, and notifies the platform team in Teams."
tags:
- infrastructure
- devops
- microsoft-azure
- github
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: infra-drift
port: 8080
tools:
- name: detect-infrastructure-drift
description: "Compare Azure resource state with Terraform and handle any drift detected."
inputParameters:
- name: resource_group
in: body
type: string
description: "Azure resource group to check."
- name: terraform_repo
in: body
type: string
description: "GitHub repo containing Terraform state."
steps:
- name: get-azure-resources
type: call
call: azure.list-resources
with:
resource_group: "{{resource_group}}"
- name: get-terraform-state
type: call
call: github.get-file
with:
repo: "{{terraform_repo}}"
path: "terraform.tfstate"
- name: create-remediation
type: call
call: jira.create-issue
with:
project: PLATFORM
issuetype: Bug
summary: "Infrastructure drift detected in {{resource_group}}"
description: "Azure resources: {{get-azure-resources.count}}, Terraform state resources compared."
- name: notify-platform
type: call
call: msteams.send-channel-message
with:
team_id: "$secrets.platform_team_id"
channel_id: "$secrets.platform_alerts_channel_id"
text: "Drift detected in {{resource_group}}. Remediation ticket: {{create-remediation.key}}"
consumes:
- type: http
namespace: azure
baseUri: "https://management.azure.com"
authentication:
type: bearer
token: "$secrets.azure_mgmt_token"
resources:
- name: resources
path: "/subscriptions/$secrets.azure_subscription_id/resourceGroups/{{resource_group}}/resources?api-version=2023-07-01"
inputParameters:
- name: resource_group
in: path
operations:
- name: list-resources
method: GET
- type: http
namespace: github
baseUri: "https://api.github.com"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: contents
path: "/repos/{{repo}}/contents/{{path}}"
inputParameters:
- name: repo
in: path
- name: path
in: path
operations:
- name: get-file
method: GET
- type: http
namespace: jira
baseUri: "https://deloitte.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: send-channel-message
method: POST
IT Budget Variance Analysis Orchestration
▼
finance it microsoft-azure sap snowflake confluence microsoft-teams
Compares actual IT spend from Azure Cost Management and SAP against planned budget in Snowflake, generates a variance report in Confluence, and alerts finance leadership.
naftiko: "0.5"
info:
label: "IT Budget Variance Analysis Orchestration"
description: "Compares actual IT spend from Azure Cost Management and SAP against planned budget in Snowflake, generates a variance report in Confluence, and alerts finance leadership."
tags:
- finance
- it
- microsoft-azure
- sap
- snowflake
- confluence
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: it-budgets
port: 8080
tools:
- name: analyze-budget-variance
description: "Compare actual IT cloud and ERP spend against budget and publish variance analysis."
inputParameters:
- name: fiscal_month
in: body
type: string
description: "Fiscal month to analyze."
steps:
- name: get-cloud-spend
type: call
call: azure.get-cost
with:
subscription: "$secrets.azure_subscription_id"
rg: "all"
- name: get-budget
type: call
call: snowflake.execute-query
with:
statement: "SELECT * FROM finance.it_budget WHERE fiscal_month = '{{fiscal_month}}'"
warehouse: "FINANCE_WH"
- name: publish-report
type: call
call: confluence.create-page
with:
spaceKey: FINANCE
title: "IT Budget Variance - {{fiscal_month}}"
body: "Cloud spend: {{get-cloud-spend.total_cost}}, Budget: {{get-budget.data[0][1]}}"
- name: alert-leadership
type: call
call: msteams.send-channel-message
with:
team_id: "$secrets.finance_team_id"
channel_id: "$secrets.it_finance_channel_id"
text: "IT budget variance analysis for {{fiscal_month}} published. Report: {{publish-report.url}}"
consumes:
- type: http
namespace: azure
baseUri: "https://management.azure.com"
authentication:
type: bearer
token: "$secrets.azure_mgmt_token"
resources:
- name: cost-management
path: "/subscriptions/{{subscription}}/providers/Microsoft.CostManagement/query?api-version=2023-03-01"
inputParameters:
- name: subscription
in: path
operations:
- name: get-cost
method: POST
- type: http
namespace: snowflake
baseUri: "https://deloitte.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
- type: http
namespace: confluence
baseUri: "https://deloitte.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_api_token"
resources:
- name: content
path: "/content"
operations:
- name: create-page
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: send-channel-message
method: POST
IT Infrastructure Incident Response
▼
itsm incident-response datadog servicenow pagerduty
When Datadog detects a P1 infrastructure alert, creates a ServiceNow critical incident, pages the on-call SRE via PagerDuty, and posts to the IT operations Microsoft Teams channel.
naftiko: "0.5"
info:
label: "IT Infrastructure Incident Response"
description: "When Datadog detects a P1 infrastructure alert, creates a ServiceNow critical incident, pages the on-call SRE via PagerDuty, and posts to the IT operations Microsoft Teams channel."
tags:
- itsm
- incident-response
- datadog
- servicenow
- pagerduty
capability:
exposes:
- type: mcp
namespace: it-ops
port: 8080
tools:
- name: handle-p1-incident
description: "Given a Datadog P1 alert, create a ServiceNow critical incident, page the on-call SRE via PagerDuty, and notify the IT operations Microsoft Teams channel."
inputParameters:
- name: monitor_id
in: body
type: string
description: "Datadog monitor ID that triggered the P1 alert."
- name: service_affected
in: body
type: string
description: "Name of the affected service or system."
- name: alert_message
in: body
type: string
description: "Full alert description from Datadog."
steps:
- name: create-snow-incident
type: call
call: servicenow.create-incident
with:
category: infrastructure
impact: 1
urgency: 1
short_description: "P1: {{service_affected}} — {{alert_message}}"
assigned_group: SRE_OnCall
- name: page-oncall
type: call
call: pagerduty.create-incident
with:
title: "P1: {{service_affected}}"
urgency: high
service_id: "$secrets.pagerduty_infra_service_id"
- name: notify-it-ops
type: call
call: msteams.send-channel-message
with:
team_id: "$secrets.teams_it_ops_team_id"
channel_id: "$secrets.teams_it_ops_channel_id"
text: "P1 INCIDENT: {{service_affected}} | SNOW: {{create-snow-incident.number}} | PD: {{page-oncall.html_url}}"
consumes:
- type: http
namespace: servicenow
baseUri: "https://deloitte.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: pagerduty
baseUri: "https://api.pagerduty.com"
authentication:
type: apikey
key: Authorization
value: "$secrets.pagerduty_api_key"
placement: header
resources:
- name: incidents
path: "/incidents"
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: send-channel-message
method: POST
Jira Issue Lookup
▼
project-management engineering jira
Retrieves details for a specific Jira issue by key, including status, assignee, priority, and summary.
naftiko: "0.5"
info:
label: "Jira Issue Lookup"
description: "Retrieves details for a specific Jira issue by key, including status, assignee, priority, and summary."
tags:
- project-management
- engineering
- jira
capability:
exposes:
- type: mcp
namespace: project-issues
port: 8080
tools:
- name: get-issue
description: "Given a Jira issue key, return the issue summary, status, assignee, and priority."
inputParameters:
- name: issue_key
in: body
type: string
description: "Jira issue key (e.g., PROJ-1234)."
call: jira.get-issue
with:
key: "{{issue_key}}"
outputParameters:
- name: summary
type: string
mapping: "$.fields.summary"
- name: status
type: string
mapping: "$.fields.status.name"
- name: assignee
type: string
mapping: "$.fields.assignee.displayName"
- name: priority
type: string
mapping: "$.fields.priority.name"
consumes:
- type: http
namespace: jira
baseUri: "https://deloitte.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue/{{key}}"
inputParameters:
- name: key
in: path
operations:
- name: get-issue
method: GET
Jira Project Backlog Health Digest
▼
devops engineering jira microsoft-teams reporting
Queries Jira for unestimated and stale backlog items across technology projects and posts a weekly digest to the engineering Microsoft Teams channel.
naftiko: "0.5"
info:
label: "Jira Project Backlog Health Digest"
description: "Queries Jira for unestimated and stale backlog items across technology projects and posts a weekly digest to the engineering Microsoft Teams channel."
tags:
- devops
- engineering
- jira
- microsoft-teams
- reporting
capability:
exposes:
- type: mcp
namespace: project-health
port: 8080
tools:
- name: digest-project-backlog-health
description: "Given a Jira project key, retrieve unestimated and stale backlog issues, then post a health digest to the engineering Microsoft Teams channel for grooming prioritisation."
inputParameters:
- name: project_key
in: body
type: string
description: "Jira project key to analyse (e.g. PLAT, DX, SEC)."
- name: teams_channel_id
in: body
type: string
description: "Microsoft Teams channel ID to post the digest."
steps:
- name: search-stale-issues
type: call
call: jira.search-issues
with:
jql: "project = {{project_key}} AND status = Backlog AND (story_points is EMPTY OR updated <= -14d) ORDER BY created ASC"
maxResults: 50
- name: post-digest
type: call
call: msteams.send-channel-message
with:
team_id: "$secrets.teams_engineering_team_id"
channel_id: "{{teams_channel_id}}"
text: "Backlog health — {{project_key}}: {{search-stale-issues.total}} issues need grooming (unestimated or stale >14 days)."
consumes:
- type: http
namespace: jira
baseUri: "https://deloitte.atlassian.net/rest/api/3"
authentication:
type: bearer
token: "$secrets.jira_token"
resources:
- name: issues
path: "/search"
inputParameters:
- name: jql
in: query
- name: maxResults
in: query
operations:
- name: search-issues
method: GET
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: send-channel-message
method: POST
Knowledge Article Publishing Workflow
▼
knowledge-management publishing confluence servicenow microsoft-teams
Takes a draft from Confluence, publishes it as a ServiceNow knowledge article, updates the Confluence page status, and announces it in the practice Teams channel.
naftiko: "0.5"
info:
label: "Knowledge Article Publishing Workflow"
description: "Takes a draft from Confluence, publishes it as a ServiceNow knowledge article, updates the Confluence page status, and announces it in the practice Teams channel."
tags:
- knowledge-management
- publishing
- confluence
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: knowledge-publishing
port: 8080
tools:
- name: publish-knowledge-article
description: "Given a Confluence page ID, publish its content as a ServiceNow knowledge article and notify the team."
inputParameters:
- name: confluence_page_id
in: body
type: string
description: "Confluence page ID containing the draft article."
- name: knowledge_base
in: body
type: string
description: "ServiceNow knowledge base to publish to."
steps:
- name: get-draft
type: call
call: confluence.get-page
with:
page_id: "{{confluence_page_id}}"
- name: publish-to-snow
type: call
call: servicenow.create-kb-article
with:
short_description: "{{get-draft.title}}"
text: "{{get-draft.body.storage.value}}"
kb_knowledge_base: "{{knowledge_base}}"
- name: update-confluence
type: call
call: confluence.update-page-label
with:
page_id: "{{confluence_page_id}}"
label: "published-to-snow"
- name: announce
type: call
call: msteams.send-channel-message
with:
team_id: "$secrets.knowledge_team_id"
channel_id: "$secrets.knowledge_channel_id"
text: "New knowledge article published: {{get-draft.title}}. ServiceNow: {{publish-to-snow.number}}"
consumes:
- type: http
namespace: confluence
baseUri: "https://deloitte.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_api_token"
resources:
- name: pages
path: "/content/{{page_id}}?expand=body.storage"
inputParameters:
- name: page_id
in: path
operations:
- name: get-page
method: GET
- name: labels
path: "/content/{{page_id}}/label"
inputParameters:
- name: page_id
in: path
operations:
- name: update-page-label
method: POST
- type: http
namespace: servicenow
baseUri: "https://deloitte.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: kb-articles
path: "/table/kb_knowledge"
operations:
- name: create-kb-article
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: send-channel-message
method: POST
Learning Path Assignment Orchestration
▼
hr learning workday pluralsight jira microsoft-teams
When a new role assignment is made in Workday, assigns the corresponding Pluralsight learning path, creates a Jira training tracking ticket, and notifies the employee via Teams.
naftiko: "0.5"
info:
label: "Learning Path Assignment Orchestration"
description: "When a new role assignment is made in Workday, assigns the corresponding Pluralsight learning path, creates a Jira training tracking ticket, and notifies the employee via Teams."
tags:
- hr
- learning
- workday
- pluralsight
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: learning-paths
port: 8080
tools:
- name: assign-learning-path
description: "Given a Workday employee ID and new role, assign relevant training and create tracking."
inputParameters:
- name: employee_id
in: body
type: string
description: "Workday employee ID."
- name: new_role
in: body
type: string
description: "New role or position title."
steps:
- name: get-employee
type: call
call: workday.get-worker
with:
worker_id: "{{employee_id}}"
- name: assign-training
type: call
call: pluralsight.assign-channel
with:
email: "{{get-employee.work_email}}"
channel_name: "{{new_role}}"
- name: create-tracking
type: call
call: jira.create-issue
with:
project: TRAINING
issuetype: Task
summary: "Training: {{get-employee.full_name}} - {{new_role}} learning path"
assignee: "{{get-employee.work_email}}"
- name: notify-employee
type: call
call: msteams.send-chat-message
with:
user_id: "{{get-employee.work_email}}"
text: "Your learning path for {{new_role}} has been assigned in Pluralsight. Tracking ticket: {{create-tracking.key}}"
consumes:
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/workers/{{worker_id}}"
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
- type: http
namespace: pluralsight
baseUri: "https://api.pluralsight.com/api/v1"
authentication:
type: bearer
token: "$secrets.pluralsight_token"
resources:
- name: channels
path: "/channels/assign"
operations:
- name: assign-channel
method: POST
- type: http
namespace: jira
baseUri: "https://deloitte.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: chats
path: "/users/{{user_id}}/chats/messages"
inputParameters:
- name: user_id
in: path
operations:
- name: send-chat-message
method: POST
LinkedIn Company Page Analytics
▼
marketing social linkedin
Retrieves LinkedIn company page follower and engagement analytics for employer branding reporting.
naftiko: "0.5"
info:
label: "LinkedIn Company Page Analytics"
description: "Retrieves LinkedIn company page follower and engagement analytics for employer branding reporting."
tags:
- marketing
- social
- linkedin
capability:
exposes:
- type: mcp
namespace: social-analytics
port: 8080
tools:
- name: get-page-analytics
description: "Return LinkedIn company page follower count, post impressions, and engagement rate."
inputParameters:
- name: organization_id
in: body
type: string
description: "LinkedIn organization ID."
call: linkedin.get-org-stats
with:
org_id: "{{organization_id}}"
outputParameters:
- name: follower_count
type: integer
mapping: "$.followerCount"
- name: impressions
type: integer
mapping: "$.totalImpressions"
- name: engagement_rate
type: number
mapping: "$.engagementRate"
consumes:
- type: http
namespace: linkedin
baseUri: "https://api.linkedin.com/v2"
authentication:
type: bearer
token: "$secrets.linkedin_token"
resources:
- name: org-stats
path: "/organizationalEntityFollowerStatistics?q=organizationalEntity&organizationalEntity=urn:li:organization:{{org_id}}"
inputParameters:
- name: org_id
in: query
operations:
- name: get-org-stats
method: GET
LinkedIn Talent Brand Performance Digest
▼
marketing hr linkedin microsoft-teams employer-brand
Retrieves LinkedIn page analytics for Deloitte's employer brand and posts a monthly digest to the talent acquisition Microsoft Teams channel.
naftiko: "0.5"
info:
label: "LinkedIn Talent Brand Performance Digest"
description: "Retrieves LinkedIn page analytics for Deloitte's employer brand and posts a monthly digest to the talent acquisition Microsoft Teams channel."
tags:
- marketing
- hr
- linkedin
- microsoft-teams
- employer-brand
capability:
exposes:
- type: mcp
namespace: talent-brand
port: 8080
tools:
- name: digest-linkedin-brand-performance
description: "Given a LinkedIn organization URN and date range, retrieve page engagement and follower metrics, then post a digest to the talent acquisition Microsoft Teams channel."
inputParameters:
- name: organization_urn
in: body
type: string
description: "LinkedIn organization URN for Deloitte."
- name: start_date
in: body
type: string
description: "ISO 8601 start date for the analytics period."
- name: end_date
in: body
type: string
description: "ISO 8601 end date for the analytics period."
steps:
- name: get-org-stats
type: call
call: linkedin.get-organization-statistics
with:
organization_urn: "{{organization_urn}}"
start: "{{start_date}}"
end: "{{end_date}}"
- name: post-digest
type: call
call: msteams.send-channel-message
with:
team_id: "$secrets.teams_hr_team_id"
channel_id: "$secrets.teams_ta_channel_id"
text: "LinkedIn brand digest ({{start_date}} to {{end_date}}): Followers: {{get-org-stats.followersCount}} | Page views: {{get-org-stats.totalPageStatistics.views.allPageViews.pageViews}}"
consumes:
- type: http
namespace: linkedin
baseUri: "https://api.linkedin.com/v2"
authentication:
type: bearer
token: "$secrets.linkedin_token"
resources:
- name: organization-statistics
path: "/organizationalEntityShareStatistics"
inputParameters:
- name: organization_urn
in: query
- name: start
in: query
- name: end
in: query
operations:
- name: get-organization-statistics
method: GET
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: send-channel-message
method: POST
Mailchimp Campaign Performance Lookup
▼
marketing email mailchimp
Retrieves performance metrics for a Mailchimp email campaign including open rate, click rate, and unsubscribe count.
naftiko: "0.5"
info:
label: "Mailchimp Campaign Performance Lookup"
description: "Retrieves performance metrics for a Mailchimp email campaign including open rate, click rate, and unsubscribe count."
tags:
- marketing
- email
- mailchimp
capability:
exposes:
- type: mcp
namespace: marketing-email
port: 8080
tools:
- name: get-campaign-performance
description: "Given a Mailchimp campaign ID, return open rate, click rate, and total recipients."
inputParameters:
- name: campaign_id
in: body
type: string
description: "Mailchimp campaign ID."
call: mailchimp.get-campaign-report
with:
campaign_id: "{{campaign_id}}"
outputParameters:
- name: open_rate
type: number
mapping: "$.opens.open_rate"
- name: click_rate
type: number
mapping: "$.clicks.click_rate"
- name: total_sent
type: integer
mapping: "$.emails_sent"
consumes:
- type: http
namespace: mailchimp
baseUri: "https://us1.api.mailchimp.com/3.0"
authentication:
type: basic
username: "anystring"
password: "$secrets.mailchimp_api_key"
resources:
- name: reports
path: "/reports/{{campaign_id}}"
inputParameters:
- name: campaign_id
in: path
operations:
- name: get-campaign-report
method: GET
Microsoft 365 License Usage Report
▼
it license-management microsoft-365
Retrieves Microsoft 365 license assignment and usage data from Microsoft Graph for IT asset management.
naftiko: "0.5"
info:
label: "Microsoft 365 License Usage Report"
description: "Retrieves Microsoft 365 license assignment and usage data from Microsoft Graph for IT asset management."
tags:
- it
- license-management
- microsoft-365
capability:
exposes:
- type: mcp
namespace: it-licensing
port: 8080
tools:
- name: get-license-usage
description: "Retrieve Microsoft 365 license SKUs with assigned and consumed unit counts."
inputParameters: []
call: msgraph.get-subscribed-skus
with: {}
outputParameters:
- name: skus
type: array
mapping: "$.value"
consumes:
- type: http
namespace: msgraph
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: subscribed-skus
path: "/subscribedSkus"
operations:
- name: get-subscribed-skus
method: GET
Microsoft 365 User Role Change Provisioning
▼
hr access-management workday microsoft-365 servicenow
When an employee's role changes in Workday, updates their Microsoft 365 security group memberships and creates a ServiceNow access review task for IT security to validate the changes.
naftiko: "0.5"
info:
label: "Microsoft 365 User Role Change Provisioning"
description: "When an employee's role changes in Workday, updates their Microsoft 365 security group memberships and creates a ServiceNow access review task for IT security to validate the changes."
tags:
- hr
- access-management
- workday
- microsoft-365
- servicenow
capability:
exposes:
- type: mcp
namespace: access-provisioning
port: 8080
tools:
- name: reprovision-role-access
description: "Given a Workday employee ID, old and new Microsoft 365 group IDs, update the user's group memberships and create a ServiceNow access review task for IT security validation."
inputParameters:
- name: workday_employee_id
in: body
type: string
description: "Workday worker ID of the employee changing roles."
- name: upn
in: body
type: string
description: "Microsoft 365 UPN of the employee."
- name: old_group_id
in: body
type: string
description: "Microsoft 365 group ID to remove the user from."
- name: new_group_id
in: body
type: string
description: "Microsoft 365 group ID to add the user to."
- name: new_role_title
in: body
type: string
description: "New job title for context in the access review task."
steps:
- name: remove-old-group
type: call
call: msgraph.remove-group-member
with:
group_id: "{{old_group_id}}"
user_id: "{{upn}}"
- name: add-new-group
type: call
call: msgraph-new.add-group-member
with:
group_id: "{{new_group_id}}"
user_id: "{{upn}}"
- name: create-access-review
type: call
call: servicenow.create-task
with:
category: access_review
short_description: "Access review: {{upn}} role change to {{new_role_title}}"
assigned_group: IT_Security
consumes:
- type: http
namespace: msgraph
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: group-members
path: "/groups/{{group_id}}/members/{{user_id}}/$ref"
inputParameters:
- name: group_id
in: path
- name: user_id
in: path
operations:
- name: remove-group-member
method: DELETE
- type: http
namespace: msgraph-new
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: group-members
path: "/groups/{{group_id}}/members/$ref"
inputParameters:
- name: group_id
in: path
operations:
- name: add-group-member
method: POST
- type: http
namespace: servicenow
baseUri: "https://deloitte.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/sc_task"
operations:
- name: create-task
method: POST
Microsoft Teams Channel Notification
▼
communications notifications microsoft-teams
Sends a notification message to a specified Microsoft Teams channel using the Graph API.
naftiko: "0.5"
info:
label: "Microsoft Teams Channel Notification"
description: "Sends a notification message to a specified Microsoft Teams channel using the Graph API."
tags:
- communications
- notifications
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: comms-teams
port: 8080
tools:
- name: send-channel-message
description: "Send a text message to a specified Microsoft Teams channel."
inputParameters:
- name: team_id
in: body
type: string
description: "Microsoft Teams team ID."
- name: channel_id
in: body
type: string
description: "Microsoft Teams channel ID."
- name: message
in: body
type: string
description: "Message text to send."
call: msteams.post-message
with:
team_id: "{{team_id}}"
channel_id: "{{channel_id}}"
text: "{{message}}"
outputParameters:
- name: message_id
type: string
mapping: "$.id"
consumes:
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-message
method: POST
MuleSoft API Health Check
▼
integration api-management mulesoft
Checks the health status of a deployed MuleSoft API by application name, returning deployment status and worker count.
naftiko: "0.5"
info:
label: "MuleSoft API Health Check"
description: "Checks the health status of a deployed MuleSoft API by application name, returning deployment status and worker count."
tags:
- integration
- api-management
- mulesoft
capability:
exposes:
- type: mcp
namespace: integration-apis
port: 8080
tools:
- name: check-api-health
description: "Given a MuleSoft application name, return its deployment status, worker count, and runtime version."
inputParameters:
- name: app_name
in: body
type: string
description: "MuleSoft CloudHub application name."
call: mulesoft.get-app
with:
app_name: "{{app_name}}"
outputParameters:
- name: status
type: string
mapping: "$.status"
- name: workers
type: integer
mapping: "$.workers.amount"
- name: runtime_version
type: string
mapping: "$.muleVersion.version"
consumes:
- type: http
namespace: mulesoft
baseUri: "https://anypoint.mulesoft.com/cloudhub/api"
authentication:
type: bearer
token: "$secrets.mulesoft_token"
resources:
- name: applications
path: "/v2/applications/{{app_name}}"
inputParameters:
- name: app_name
in: path
operations:
- name: get-app
method: GET
New Hire Onboarding Orchestration
▼
hr onboarding workday servicenow microsoft-teams
When a new hire is created in Workday, provisions Microsoft 365 access via Microsoft Graph, creates a ServiceNow onboarding ticket, and sends a Microsoft Teams welcome message to the practice team.
naftiko: "0.5"
info:
label: "New Hire Onboarding Orchestration"
description: "When a new hire is created in Workday, provisions Microsoft 365 access via Microsoft Graph, creates a ServiceNow onboarding ticket, and sends a Microsoft Teams welcome message to the practice team."
tags:
- hr
- onboarding
- workday
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: hr-onboarding
port: 8080
tools:
- name: trigger-new-hire-onboarding
description: "Given a Workday employee ID and start date, provision Microsoft 365 access, create a ServiceNow onboarding ticket, and send a Teams welcome message to the new hire's practice team channel."
inputParameters:
- name: workday_employee_id
in: body
type: string
description: "Workday worker ID for the new hire."
- name: start_date
in: body
type: string
description: "Employee start date in ISO 8601 format."
- name: practice_team_id
in: body
type: string
description: "Microsoft Teams team ID for the new hire's consulting practice."
steps:
- name: get-employee
type: call
call: workday.get-worker
with:
worker_id: "{{workday_employee_id}}"
- name: provision-m365
type: call
call: msgraph.create-user
with:
displayName: "{{get-employee.full_name}}"
userPrincipalName: "{{get-employee.work_email}}"
department: "{{get-employee.department}}"
- name: open-snow-ticket
type: call
call: servicenow.create-incident
with:
category: hr_onboarding
short_description: "New hire onboarding: {{get-employee.full_name}}"
assigned_group: IT_Onboarding
- name: welcome-message
type: call
call: msteams.send-channel-message
with:
team_id: "{{practice_team_id}}"
channel_id: "$secrets.teams_general_channel_id"
text: "Please welcome {{get-employee.full_name}} joining {{get-employee.department}} on {{start_date}}! IT ticket: {{open-snow-ticket.number}}"
consumes:
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/workers/{{worker_id}}"
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
- type: http
namespace: msgraph
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: users
path: "/users"
operations:
- name: create-user
method: POST
- type: http
namespace: servicenow
baseUri: "https://deloitte.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: send-channel-message
method: POST
Okta Suspicious Login Response
▼
security identity okta servicenow microsoft-teams
When Okta detects a suspicious login event, fetches user details, suspends the account, creates a security incident in ServiceNow, and alerts the security team.
naftiko: "0.5"
info:
label: "Okta Suspicious Login Response"
description: "When Okta detects a suspicious login event, fetches user details, suspends the account, creates a security incident in ServiceNow, and alerts the security team."
tags:
- security
- identity
- okta
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: security-identity
port: 8080
tools:
- name: respond-to-suspicious-login
description: "Given an Okta event ID for a suspicious login, suspend the user, create an incident, and notify security."
inputParameters:
- name: event_id
in: body
type: string
description: "Okta system log event ID."
- name: user_id
in: body
type: string
description: "Okta user ID of the affected account."
steps:
- name: get-user
type: call
call: okta.get-user
with:
email: "{{user_id}}"
- name: suspend-user
type: call
call: okta.suspend-user
with:
user_id: "{{user_id}}"
- name: create-incident
type: call
call: servicenow.create-incident
with:
short_description: "Suspicious login: {{get-user.display_name}}"
category: security_incident
priority: "1"
description: "User {{get-user.display_name}} account suspended due to suspicious login. Event: {{event_id}}"
- name: alert-security
type: call
call: msteams.send-channel-message
with:
team_id: "$secrets.security_team_id"
channel_id: "$secrets.security_incidents_channel_id"
text: "Suspicious login for {{get-user.display_name}} - account suspended. SNOW: {{create-incident.number}}. Event: {{event_id}}"
consumes:
- type: http
namespace: okta
baseUri: "https://deloitte.okta.com/api/v1"
authentication:
type: bearer
token: "$secrets.okta_api_token"
resources:
- name: users
path: "/users/{{email}}"
inputParameters:
- name: email
in: path
operations:
- name: get-user
method: GET
- name: user-lifecycle
path: "/users/{{user_id}}/lifecycle/suspend"
inputParameters:
- name: user_id
in: path
operations:
- name: suspend-user
method: POST
- type: http
namespace: servicenow
baseUri: "https://deloitte.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: send-channel-message
method: POST
Okta User Status Lookup
▼
security identity okta
Looks up a user in Okta by email and returns their account status, last login time, and assigned groups.
naftiko: "0.5"
info:
label: "Okta User Status Lookup"
description: "Looks up a user in Okta by email and returns their account status, last login time, and assigned groups."
tags:
- security
- identity
- okta
capability:
exposes:
- type: mcp
namespace: identity-users
port: 8080
tools:
- name: get-user-status
description: "Given a user email, look up their Okta account status, last login, and group memberships."
inputParameters:
- name: user_email
in: body
type: string
description: "User email address to look up in Okta."
call: okta.get-user
with:
email: "{{user_email}}"
outputParameters:
- name: status
type: string
mapping: "$.status"
- name: last_login
type: string
mapping: "$.lastLogin"
- name: display_name
type: string
mapping: "$.profile.displayName"
consumes:
- type: http
namespace: okta
baseUri: "https://deloitte.okta.com/api/v1"
authentication:
type: bearer
token: "$secrets.okta_api_token"
resources:
- name: users
path: "/users/{{email}}"
inputParameters:
- name: email
in: path
operations:
- name: get-user
method: GET
Oracle GL Balance Lookup
▼
finance accounting oracle
Retrieves general ledger account balances from Oracle Cloud for a given period and company code.
naftiko: "0.5"
info:
label: "Oracle GL Balance Lookup"
description: "Retrieves general ledger account balances from Oracle Cloud for a given period and company code."
tags:
- finance
- accounting
- oracle
capability:
exposes:
- type: mcp
namespace: finance-gl
port: 8080
tools:
- name: get-gl-balance
description: "Given an Oracle ledger ID and accounting period, return the GL account balance."
inputParameters:
- name: ledger_id
in: body
type: string
description: "Oracle general ledger ID."
- name: period_name
in: body
type: string
description: "Accounting period name."
call: oracle.get-balance
with:
ledger_id: "{{ledger_id}}"
period: "{{period_name}}"
outputParameters:
- name: balance
type: string
mapping: "$.items[0].balance"
- name: currency
type: string
mapping: "$.items[0].currencyCode"
consumes:
- type: http
namespace: oracle
baseUri: "https://deloitte.oraclecloud.com/fscmRestApi/resources/v1"
authentication:
type: basic
username: "$secrets.oracle_user"
password: "$secrets.oracle_password"
resources:
- name: gl-balances
path: "/glBalances?q=LedgerId={{ledger_id}};AccountingPeriod={{period}}"
inputParameters:
- name: ledger_id
in: query
- name: period
in: query
operations:
- name: get-balance
method: GET
PagerDuty Incident Creation
▼
incident-management on-call pagerduty
Creates a new incident in PagerDuty for a specified service, triggering the on-call rotation.
naftiko: "0.5"
info:
label: "PagerDuty Incident Creation"
description: "Creates a new incident in PagerDuty for a specified service, triggering the on-call rotation."
tags:
- incident-management
- on-call
- pagerduty
capability:
exposes:
- type: mcp
namespace: incident-paging
port: 8080
tools:
- name: create-incident
description: "Create a PagerDuty incident with a title and urgency level for a given service."
inputParameters:
- name: service_id
in: body
type: string
description: "PagerDuty service ID."
- name: title
in: body
type: string
description: "Incident title."
- name: urgency
in: body
type: string
description: "Urgency level (high or low)."
call: pagerduty.create-incident
with:
service_id: "{{service_id}}"
title: "{{title}}"
urgency: "{{urgency}}"
outputParameters:
- name: incident_id
type: string
mapping: "$.incident.id"
- name: status
type: string
mapping: "$.incident.status"
consumes:
- type: http
namespace: pagerduty
baseUri: "https://api.pagerduty.com"
authentication:
type: bearer
token: "$secrets.pagerduty_token"
resources:
- name: incidents
path: "/incidents"
operations:
- name: create-incident
method: POST
PagerDuty On-Call Roster Lookup
▼
incident-response operations pagerduty on-call
Retrieves the currently on-call engineer for a Deloitte IT service from PagerDuty for use at the start of incident response workflows.
naftiko: "0.5"
info:
label: "PagerDuty On-Call Roster Lookup"
description: "Retrieves the currently on-call engineer for a Deloitte IT service from PagerDuty for use at the start of incident response workflows."
tags:
- incident-response
- operations
- pagerduty
- on-call
capability:
exposes:
- type: mcp
namespace: oncall-lookup
port: 8080
tools:
- name: get-current-oncall
description: "Given a PagerDuty schedule ID, return the name and email of the current on-call engineer. Use at the beginning of incident response workflows to identify the right engineer to engage."
inputParameters:
- name: schedule_id
in: body
type: string
description: "PagerDuty schedule ID for the service's on-call rotation."
call: pagerduty.get-oncall
with:
schedule_id: "{{schedule_id}}"
outputParameters:
- name: user_name
type: string
mapping: "$.oncalls[0].user.name"
- name: user_email
type: string
mapping: "$.oncalls[0].user.email"
consumes:
- type: http
namespace: pagerduty
baseUri: "https://api.pagerduty.com"
authentication:
type: apikey
key: Authorization
value: "$secrets.pagerduty_api_key"
placement: header
resources:
- name: oncalls
path: "/oncalls"
inputParameters:
- name: schedule_id
in: query
operations:
- name: get-oncall
method: GET
Power BI Dataset Refresh Trigger
▼
analytics reporting power-bi
Triggers a refresh of a specified Power BI dataset to update reports with the latest data from source systems.
naftiko: "0.5"
info:
label: "Power BI Dataset Refresh Trigger"
description: "Triggers a refresh of a specified Power BI dataset to update reports with the latest data from source systems."
tags:
- analytics
- reporting
- power-bi
capability:
exposes:
- type: mcp
namespace: analytics-powerbi
port: 8080
tools:
- name: refresh-dataset
description: "Trigger a refresh for a Power BI dataset by dataset ID."
inputParameters:
- name: dataset_id
in: body
type: string
description: "Power BI dataset ID to refresh."
- name: group_id
in: body
type: string
description: "Power BI workspace (group) ID."
call: powerbi.refresh-dataset
with:
group_id: "{{group_id}}"
dataset_id: "{{dataset_id}}"
outputParameters:
- name: request_id
type: string
mapping: "$.requestId"
consumes:
- type: http
namespace: powerbi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.powerbi_token"
resources:
- name: datasets
path: "/groups/{{group_id}}/datasets/{{dataset_id}}/refreshes"
inputParameters:
- name: group_id
in: path
- name: dataset_id
in: path
operations:
- name: refresh-dataset
method: POST
Power BI Practice Revenue Dashboard Refresh
▼
analytics finance power-bi snowflake reporting
Triggers a Power BI dataset refresh for Deloitte's practice revenue dashboard after Snowflake billing data loads complete, ensuring leadership has current project revenue data.
naftiko: "0.5"
info:
label: "Power BI Practice Revenue Dashboard Refresh"
description: "Triggers a Power BI dataset refresh for Deloitte's practice revenue dashboard after Snowflake billing data loads complete, ensuring leadership has current project revenue data."
tags:
- analytics
- finance
- power-bi
- snowflake
- reporting
capability:
exposes:
- type: mcp
namespace: revenue-reporting
port: 8080
tools:
- name: refresh-practice-revenue-dashboard
description: "Given a Power BI dataset ID, verify the latest Snowflake billing pipeline load and trigger a Power BI dataset refresh for the practice revenue leadership dashboard."
inputParameters:
- name: dataset_id
in: body
type: string
description: "Power BI dataset ID for the practice revenue report."
steps:
- name: verify-pipeline-load
type: call
call: snowflake.execute-query
with:
statement: "SELECT MAX(loaded_at) as last_load FROM pipeline_audit WHERE pipeline = 'billing_revenue' AND status = 'success'"
- name: refresh-pbi-dataset
type: call
call: powerbi.refresh-dataset
with:
dataset_id: "{{dataset_id}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://deloitte.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
- type: http
namespace: powerbi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.powerbi_token"
resources:
- name: datasets
path: "/datasets/{{dataset_id}}/refreshes"
inputParameters:
- name: dataset_id
in: path
operations:
- name: refresh-dataset
method: POST
Practice Utilization Report Orchestration
▼
operations reporting workday jira salesforce power-bi
Aggregates staff utilization data from Workday, project hours from Jira, and revenue data from Salesforce to produce a weekly practice utilization report refreshed in Power BI.
naftiko: "0.5"
info:
label: "Practice Utilization Report Orchestration"
description: "Aggregates staff utilization data from Workday, project hours from Jira, and revenue data from Salesforce to produce a weekly practice utilization report refreshed in Power BI."
tags:
- operations
- reporting
- workday
- jira
- salesforce
- power-bi
capability:
exposes:
- type: mcp
namespace: ops-utilization
port: 8080
tools:
- name: generate-utilization-report
description: "Compile utilization data from Workday, Jira, and Salesforce and refresh the Power BI report."
inputParameters:
- name: practice_code
in: body
type: string
description: "Practice code to generate report for."
- name: report_week
in: body
type: string
description: "ISO week to report on (e.g., 2026-W13)."
steps:
- name: get-headcount
type: call
call: workday.get-practice-headcount
with:
practice: "{{practice_code}}"
- name: get-project-hours
type: call
call: jira.get-worklogs
with:
project: "{{practice_code}}"
week: "{{report_week}}"
- name: get-revenue
type: call
call: salesforce.get-practice-revenue
with:
practice_code: "{{practice_code}}"
- name: refresh-report
type: call
call: powerbi.refresh-dataset
with:
group_id: "$secrets.ops_workspace_id"
dataset_id: "$secrets.utilization_dataset_id"
consumes:
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: headcount
path: "/workers?practice={{practice}}"
inputParameters:
- name: practice
in: query
operations:
- name: get-practice-headcount
method: GET
- type: http
namespace: jira
baseUri: "https://deloitte.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: worklogs
path: "/worklog/list?project={{project}}&week={{week}}"
inputParameters:
- name: project
in: query
- name: week
in: query
operations:
- name: get-worklogs
method: GET
- type: http
namespace: salesforce
baseUri: "https://deloitte.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: revenue
path: "/query?q=SELECT+SUM(Amount)+FROM+Opportunity+WHERE+Practice_Code__c='{{practice_code}}'"
inputParameters:
- name: practice_code
in: query
operations:
- name: get-practice-revenue
method: GET
- type: http
namespace: powerbi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.powerbi_token"
resources:
- name: datasets
path: "/groups/{{group_id}}/datasets/{{dataset_id}}/refreshes"
inputParameters:
- name: group_id
in: path
- name: dataset_id
in: path
operations:
- name: refresh-dataset
method: POST
Quarterly Financial Close Checklist
▼
finance accounting sap snowflake power-bi microsoft-teams
Orchestrates the quarterly financial close by verifying SAP period status, triggering Snowflake reconciliation queries, refreshing Power BI dashboards, and posting the summary to Teams.
naftiko: "0.5"
info:
label: "Quarterly Financial Close Checklist"
description: "Orchestrates the quarterly financial close by verifying SAP period status, triggering Snowflake reconciliation queries, refreshing Power BI dashboards, and posting the summary to Teams."
tags:
- finance
- accounting
- sap
- snowflake
- power-bi
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: finance-close
port: 8080
tools:
- name: run-quarterly-close
description: "Execute the quarterly financial close checklist including SAP period check, data reconciliation, and dashboard refresh."
inputParameters:
- name: fiscal_period
in: body
type: string
description: "Fiscal period to close (e.g., 2026-Q1)."
- name: company_code
in: body
type: string
description: "SAP company code."
steps:
- name: check-sap-period
type: call
call: sap.get-period-status
with:
company_code: "{{company_code}}"
period: "{{fiscal_period}}"
- name: run-reconciliation
type: call
call: snowflake.execute-query
with:
statement: "CALL finance.reconciliation_check('{{fiscal_period}}', '{{company_code}}')"
warehouse: "FINANCE_WH"
- name: refresh-dashboard
type: call
call: powerbi.refresh-dataset
with:
group_id: "$secrets.finance_workspace_id"
dataset_id: "$secrets.finance_close_dataset_id"
- name: post-summary
type: call
call: msteams.send-channel-message
with:
team_id: "$secrets.finance_team_id"
channel_id: "$secrets.finance_close_channel_id"
text: "Q close checklist for {{fiscal_period}}: SAP period {{check-sap-period.status}}, Reconciliation rows: {{run-reconciliation.row_count}}, Dashboard refresh triggered."
consumes:
- type: http
namespace: sap
baseUri: "https://deloitte-s4.sap.com/sap/opu/odata/sap/API_FINANCIALPERIOD"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: periods
path: "/A_FinancialPeriod(CompanyCode='{{company_code}}',FiscalPeriod='{{period}}')"
inputParameters:
- name: company_code
in: path
- name: period
in: path
operations:
- name: get-period-status
method: GET
- type: http
namespace: snowflake
baseUri: "https://deloitte.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
- type: http
namespace: powerbi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.powerbi_token"
resources:
- name: datasets
path: "/groups/{{group_id}}/datasets/{{dataset_id}}/refreshes"
inputParameters:
- name: group_id
in: path
- name: dataset_id
in: path
operations:
- name: refresh-dataset
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: send-channel-message
method: POST
SailPoint Access Certification Workflow
▼
security identity-governance sailpoint servicenow microsoft-teams
Triggers a SailPoint access certification campaign, pulls non-compliant users, creates ServiceNow remediation tickets, and notifies managers via Teams.
naftiko: "0.5"
info:
label: "SailPoint Access Certification Workflow"
description: "Triggers a SailPoint access certification campaign, pulls non-compliant users, creates ServiceNow remediation tickets, and notifies managers via Teams."
tags:
- security
- identity-governance
- sailpoint
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: access-certification
port: 8080
tools:
- name: run-access-certification
description: "Trigger an access certification campaign and handle non-compliant accounts."
inputParameters:
- name: campaign_name
in: body
type: string
description: "Name for the certification campaign."
steps:
- name: launch-campaign
type: call
call: sailpoint.create-campaign
with:
name: "{{campaign_name}}"
type: MANAGER
- name: get-violations
type: call
call: sailpoint.get-violations
with:
campaign_id: "{{launch-campaign.id}}"
- name: create-remediation
type: call
call: servicenow.create-incident
with:
short_description: "Access certification violations: {{campaign_name}}"
category: security
description: "{{get-violations.count}} non-compliant access entries found."
- name: notify-managers
type: call
call: msteams.send-channel-message
with:
team_id: "$secrets.security_team_id"
channel_id: "$secrets.access_review_channel_id"
text: "Access certification '{{campaign_name}}' complete. {{get-violations.count}} violations found. Remediation ticket: {{create-remediation.number}}"
consumes:
- type: http
namespace: sailpoint
baseUri: "https://deloitte.api.identitynow.com/v3"
authentication:
type: bearer
token: "$secrets.sailpoint_token"
resources:
- name: campaigns
path: "/campaigns"
operations:
- name: create-campaign
method: POST
- name: violations
path: "/campaigns/{{campaign_id}}/violations"
inputParameters:
- name: campaign_id
in: path
operations:
- name: get-violations
method: GET
- type: http
namespace: servicenow
baseUri: "https://deloitte.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: send-channel-message
method: POST
Salesforce Case Creation
▼
support crm salesforce
Creates a new support case in Salesforce with specified subject, priority, and account association.
naftiko: "0.5"
info:
label: "Salesforce Case Creation"
description: "Creates a new support case in Salesforce with specified subject, priority, and account association."
tags:
- support
- crm
- salesforce
capability:
exposes:
- type: mcp
namespace: support-cases
port: 8080
tools:
- name: create-case
description: "Create a new Salesforce case with subject, description, priority, and account ID."
inputParameters:
- name: subject
in: body
type: string
description: "Case subject line."
- name: description
in: body
type: string
description: "Case description."
- name: priority
in: body
type: string
description: "Case priority (High, Medium, Low)."
- name: account_id
in: body
type: string
description: "Salesforce account ID."
call: salesforce.create-case
with:
Subject: "{{subject}}"
Description: "{{description}}"
Priority: "{{priority}}"
AccountId: "{{account_id}}"
outputParameters:
- name: case_id
type: string
mapping: "$.id"
- name: case_number
type: string
mapping: "$.CaseNumber"
consumes:
- type: http
namespace: salesforce
baseUri: "https://deloitte.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: cases
path: "/sobjects/Case"
operations:
- name: create-case
method: POST
Salesforce Client Account Health Review
▼
sales crm salesforce account-management
Retrieves a Salesforce client account record and returns key engagement health indicators including open opportunities, last activity, and current contract status for partner-level reviews.
naftiko: "0.5"
info:
label: "Salesforce Client Account Health Review"
description: "Retrieves a Salesforce client account record and returns key engagement health indicators including open opportunities, last activity, and current contract status for partner-level reviews."
tags:
- sales
- crm
- salesforce
- account-management
capability:
exposes:
- type: mcp
namespace: client-management
port: 8080
tools:
- name: get-client-account-health
description: "Given a Salesforce account ID, retrieve client health indicators including open opportunities, last contact date, and active contract value. Use for quarterly business reviews and partner planning."
inputParameters:
- name: account_id
in: body
type: string
description: "Salesforce account ID for the client."
call: salesforce.get-account
with:
account_id: "{{account_id}}"
outputParameters:
- name: account_name
type: string
mapping: "$.Name"
- name: owner_name
type: string
mapping: "$.Owner.Name"
- name: last_activity_date
type: string
mapping: "$.LastActivityDate"
- name: annual_revenue
type: number
mapping: "$.AnnualRevenue"
consumes:
- type: http
namespace: salesforce
baseUri: "https://deloitte.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: accounts
path: "/sobjects/Account/{{account_id}}"
inputParameters:
- name: account_id
in: path
operations:
- name: get-account
method: GET
Salesforce Contact Lookup
▼
sales crm salesforce
Retrieves contact details from Salesforce by email address, returning the contact name, account, title, and phone number.
naftiko: "0.5"
info:
label: "Salesforce Contact Lookup"
description: "Retrieves contact details from Salesforce by email address, returning the contact name, account, title, and phone number."
tags:
- sales
- crm
- salesforce
capability:
exposes:
- type: mcp
namespace: crm-contacts
port: 8080
tools:
- name: get-contact-by-email
description: "Given an email address, look up the Salesforce contact and return name, account, title, and phone."
inputParameters:
- name: email
in: body
type: string
description: "Email address of the contact to look up."
call: salesforce.query-contact
with:
email: "{{email}}"
outputParameters:
- name: name
type: string
mapping: "$.records[0].Name"
- name: account
type: string
mapping: "$.records[0].Account.Name"
- name: title
type: string
mapping: "$.records[0].Title"
- name: phone
type: string
mapping: "$.records[0].Phone"
consumes:
- type: http
namespace: salesforce
baseUri: "https://deloitte.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: contacts
path: "/query?q=SELECT+Name,Account.Name,Title,Phone+FROM+Contact+WHERE+Email='{{email}}'"
inputParameters:
- name: email
in: query
operations:
- name: query-contact
method: GET
Salesforce Lead to Engagement Enrichment
▼
sales crm salesforce linkedin enrichment
Enriches a Salesforce client lead with LinkedIn company and executive profile data to give the business development team richer context before an initial client meeting.
naftiko: "0.5"
info:
label: "Salesforce Lead to Engagement Enrichment"
description: "Enriches a Salesforce client lead with LinkedIn company and executive profile data to give the business development team richer context before an initial client meeting."
tags:
- sales
- crm
- salesforce
- linkedin
- enrichment
capability:
exposes:
- type: mcp
namespace: bd-intelligence
port: 8080
tools:
- name: enrich-client-lead
description: "Given a Salesforce lead ID and LinkedIn member URN for the prospect, retrieve LinkedIn profile data and update the Salesforce lead with current title and industry for pre-meeting research."
inputParameters:
- name: lead_id
in: body
type: string
description: "Salesforce lead ID to enrich."
- name: linkedin_member_urn
in: body
type: string
description: "LinkedIn member URN for the prospect."
steps:
- name: get-linkedin-profile
type: call
call: linkedin.get-profile
with:
member_urn: "{{linkedin_member_urn}}"
- name: update-lead
type: call
call: salesforce.update-lead
with:
lead_id: "{{lead_id}}"
title: "{{get-linkedin-profile.headline}}"
linkedin_url: "https://www.linkedin.com/in/{{get-linkedin-profile.vanityName}}"
industry: "{{get-linkedin-profile.industry}}"
consumes:
- type: http
namespace: linkedin
baseUri: "https://api.linkedin.com/v2"
authentication:
type: bearer
token: "$secrets.linkedin_token"
resources:
- name: profiles
path: "/people/{{member_urn}}"
inputParameters:
- name: member_urn
in: path
operations:
- name: get-profile
method: GET
- type: http
namespace: salesforce
baseUri: "https://deloitte.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: leads
path: "/sobjects/Lead/{{lead_id}}"
inputParameters:
- name: lead_id
in: path
operations:
- name: update-lead
method: PATCH
Salesforce Pipeline Opportunity Digest
▼
sales crm salesforce reporting microsoft-teams
Generates a weekly digest of open sales pipeline opportunities from Salesforce by stage and practice area, and posts the summary to the business development Microsoft Teams channel.
naftiko: "0.5"
info:
label: "Salesforce Pipeline Opportunity Digest"
description: "Generates a weekly digest of open sales pipeline opportunities from Salesforce by stage and practice area, and posts the summary to the business development Microsoft Teams channel."
tags:
- sales
- crm
- salesforce
- reporting
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: bd-reporting
port: 8080
tools:
- name: digest-pipeline-opportunities
description: "Given a Salesforce owner team ID and reporting period, query the open opportunity pipeline by stage and post a digest summary to the business development Microsoft Teams channel."
inputParameters:
- name: practice_area
in: body
type: string
description: "Practice area to filter opportunities (e.g. Consulting, Advisory, Audit)."
- name: report_date
in: body
type: string
description: "ISO 8601 date for the pipeline snapshot."
steps:
- name: query-pipeline
type: call
call: salesforce.query-opportunities
with:
q: "SELECT StageName, COUNT(Id) as count, SUM(Amount) as total_value FROM Opportunity WHERE IsClosed = false AND Practice_Area__c = '{{practice_area}}' GROUP BY StageName"
- name: post-digest
type: call
call: msteams.send-channel-message
with:
team_id: "$secrets.teams_bd_team_id"
channel_id: "$secrets.teams_bd_channel_id"
text: "Pipeline digest — {{practice_area}} as of {{report_date}}: {{query-pipeline.total}} open opportunities. Review in Salesforce for details."
consumes:
- type: http
namespace: salesforce
baseUri: "https://deloitte.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: query
path: "/query"
inputParameters:
- name: q
in: query
operations:
- name: query-opportunities
method: GET
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: send-channel-message
method: POST
Salesforce Service Cloud Case Routing
▼
support case-management salesforce-service-cloud servicenow microsoft-teams
When a new case is created in Salesforce Service Cloud, enriches it with account data, assigns to the appropriate queue, creates a ServiceNow shadow ticket, and notifies the support team.
naftiko: "0.5"
info:
label: "Salesforce Service Cloud Case Routing"
description: "When a new case is created in Salesforce Service Cloud, enriches it with account data, assigns to the appropriate queue, creates a ServiceNow shadow ticket, and notifies the support team."
tags:
- support
- case-management
- salesforce-service-cloud
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: support-routing
port: 8080
tools:
- name: route-service-case
description: "Given a Salesforce case ID, enrich with account data, route to queue, create shadow ticket, and notify."
inputParameters:
- name: case_id
in: body
type: string
description: "Salesforce case ID."
steps:
- name: get-case
type: call
call: salesforce.get-case
with:
case_id: "{{case_id}}"
- name: create-shadow-ticket
type: call
call: servicenow.create-incident
with:
short_description: "SF Case: {{get-case.Subject}}"
category: "{{get-case.Type}}"
description: "Account: {{get-case.Account.Name}}, Priority: {{get-case.Priority}}"
- name: notify-support
type: call
call: msteams.send-channel-message
with:
team_id: "$secrets.support_team_id"
channel_id: "$secrets.support_cases_channel_id"
text: "New case: {{get-case.Subject}} from {{get-case.Account.Name}}. Priority: {{get-case.Priority}}. SNOW shadow: {{create-shadow-ticket.number}}"
consumes:
- type: http
namespace: salesforce
baseUri: "https://deloitte.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: cases
path: "/sobjects/Case/{{case_id}}"
inputParameters:
- name: case_id
in: path
operations:
- name: get-case
method: GET
- type: http
namespace: servicenow
baseUri: "https://deloitte.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: send-channel-message
method: POST
SAP Concur Expense Approval Escalation
▼
finance expenses sap-concur servicenow microsoft-teams
When a SAP Concur expense report exceeds the auto-approval threshold, creates a ServiceNow approval task and notifies the employee's practice leader in Microsoft Teams.
naftiko: "0.5"
info:
label: "SAP Concur Expense Approval Escalation"
description: "When a SAP Concur expense report exceeds the auto-approval threshold, creates a ServiceNow approval task and notifies the employee's practice leader in Microsoft Teams."
tags:
- finance
- expenses
- sap-concur
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: expense-approval
port: 8080
tools:
- name: escalate-expense-for-approval
description: "Given a SAP Concur expense report ID and total exceeding the auto-approval threshold, create a ServiceNow approval task and notify the practice leader in Microsoft Teams."
inputParameters:
- name: report_id
in: body
type: string
description: "SAP Concur expense report ID requiring approval."
- name: total_amount_usd
in: body
type: number
description: "Total expense report amount in USD."
- name: employee_name
in: body
type: string
description: "Name of the employee who submitted the expense report."
- name: approver_upn
in: body
type: string
description: "Microsoft 365 UPN of the approving practice leader."
steps:
- name: create-approval-task
type: call
call: servicenow.create-task
with:
category: expense_approval
short_description: "Expense approval: {{employee_name}} — ${{total_amount_usd}}"
assigned_to: "{{approver_upn}}"
- name: notify-approver
type: call
call: msteams.send-message
with:
recipient_upn: "{{approver_upn}}"
text: "Expense approval needed: {{employee_name}} submitted ${{total_amount_usd}} (Concur report: {{report_id}}) | Approve in SNOW: {{create-approval-task.number}}"
consumes:
- type: http
namespace: servicenow
baseUri: "https://deloitte.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/sc_task"
operations:
- name: create-task
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
SAP HANA Data Replication Monitor
▼
data database sap-hana servicenow microsoft-teams
Checks the SAP HANA system replication status and alerts operations if replication lag exceeds threshold, creating a ServiceNow incident.
naftiko: "0.5"
info:
label: "SAP HANA Data Replication Monitor"
description: "Checks the SAP HANA system replication status and alerts operations if replication lag exceeds threshold, creating a ServiceNow incident."
tags:
- data
- database
- sap-hana
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: data-replication
port: 8080
tools:
- name: check-replication-status
description: "Check SAP HANA replication status and escalate if lagging."
inputParameters:
- name: hana_host
in: body
type: string
description: "SAP HANA host identifier."
steps:
- name: get-replication
type: call
call: saphana.get-replication-status
with:
host: "{{hana_host}}"
- name: create-incident
type: call
call: servicenow.create-incident
with:
short_description: "HANA replication check: {{hana_host}}"
category: database
description: "Replication status: {{get-replication.status}}, Lag: {{get-replication.lag_seconds}}s"
- name: notify-ops
type: call
call: msteams.send-channel-message
with:
team_id: "$secrets.dba_team_id"
channel_id: "$secrets.dba_alerts_channel_id"
text: "HANA replication on {{hana_host}}: Status={{get-replication.status}}, Lag={{get-replication.lag_seconds}}s. SNOW: {{create-incident.number}}"
consumes:
- type: http
namespace: saphana
baseUri: "https://deloitte-hana.sap.com/api/v1"
authentication:
type: basic
username: "$secrets.sap_hana_user"
password: "$secrets.sap_hana_password"
resources:
- name: replication
path: "/system/replication/{{host}}"
inputParameters:
- name: host
in: path
operations:
- name: get-replication-status
method: GET
- type: http
namespace: servicenow
baseUri: "https://deloitte.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: send-channel-message
method: POST
SAP Invoice Approval to Teams Notification
▼
finance accounts-payable sap servicenow microsoft-teams
When an invoice is posted in SAP, validates the amount against the purchase order, updates the ServiceNow finance ticket, and notifies the approver via Teams.
naftiko: "0.5"
info:
label: "SAP Invoice Approval to Teams Notification"
description: "When an invoice is posted in SAP, validates the amount against the purchase order, updates the ServiceNow finance ticket, and notifies the approver via Teams."
tags:
- finance
- accounts-payable
- sap
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: finance-invoices
port: 8080
tools:
- name: process-invoice-approval
description: "Given a SAP invoice document number, validate against PO, update finance ticket, and notify the approver."
inputParameters:
- name: invoice_number
in: body
type: string
description: "SAP invoice document number."
steps:
- name: get-invoice
type: call
call: sap.get-invoice
with:
doc_number: "{{invoice_number}}"
- name: validate-po
type: call
call: sap.get-po
with:
po_number: "{{get-invoice.PurchaseOrder}}"
- name: update-ticket
type: call
call: servicenow.update-ticket
with:
ticket_id: "{{get-invoice.TicketReference}}"
state: "awaiting_approval"
work_notes: "Invoice {{invoice_number}} for {{get-invoice.GrossAmount}} {{get-invoice.Currency}} against PO {{get-invoice.PurchaseOrder}}"
- name: notify-approver
type: call
call: msteams.send-chat-message
with:
user_id: "{{get-invoice.ApproverEmail}}"
text: "Invoice {{invoice_number}} requires approval: {{get-invoice.GrossAmount}} {{get-invoice.Currency}} from {{validate-po.vendor}}. PO: {{get-invoice.PurchaseOrder}}"
consumes:
- type: http
namespace: sap
baseUri: "https://deloitte-s4.sap.com/sap/opu/odata/sap/API_SUPPLIER_INVOICE_PROCESS_SRV"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: invoices
path: "/A_SupplierInvoice('{{doc_number}}')"
inputParameters:
- name: doc_number
in: path
operations:
- name: get-invoice
method: GET
- name: purchase-orders
path: "/A_PurchaseOrder('{{po_number}}')"
inputParameters:
- name: po_number
in: path
operations:
- name: get-po
method: GET
- type: http
namespace: servicenow
baseUri: "https://deloitte.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tickets
path: "/table/incident/{{ticket_id}}"
inputParameters:
- name: ticket_id
in: path
operations:
- name: update-ticket
method: PATCH
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: chats
path: "/users/{{user_id}}/chats/messages"
inputParameters:
- name: user_id
in: path
operations:
- name: send-chat-message
method: POST
SAP Material Master Lookup
▼
procurement erp sap
Retrieves material master data from SAP S/4HANA by material number, including description, unit of measure, and material group.
naftiko: "0.5"
info:
label: "SAP Material Master Lookup"
description: "Retrieves material master data from SAP S/4HANA by material number, including description, unit of measure, and material group."
tags:
- procurement
- erp
- sap
capability:
exposes:
- type: mcp
namespace: erp-materials
port: 8080
tools:
- name: get-material
description: "Given a SAP material number, return the material description, base unit, and material group."
inputParameters:
- name: material_number
in: body
type: string
description: "SAP material master number."
call: sap.get-material
with:
material: "{{material_number}}"
outputParameters:
- name: description
type: string
mapping: "$.d.MaterialName"
- name: base_unit
type: string
mapping: "$.d.BaseUnit"
- name: material_group
type: string
mapping: "$.d.MaterialGroup"
consumes:
- type: http
namespace: sap
baseUri: "https://deloitte-s4.sap.com/sap/opu/odata/sap/API_PRODUCT_SRV"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: products
path: "/A_Product('{{material}}')"
inputParameters:
- name: material
in: path
operations:
- name: get-material
method: GET
SAP S/4HANA Purchase Order Lookup
▼
finance procurement sap erp
Looks up a purchase order in SAP S/4HANA by PO number and returns the header status, vendor, and total value for procurement and finance review.
naftiko: "0.5"
info:
label: "SAP S/4HANA Purchase Order Lookup"
description: "Looks up a purchase order in SAP S/4HANA by PO number and returns the header status, vendor, and total value for procurement and finance review."
tags:
- finance
- procurement
- sap
- erp
capability:
exposes:
- type: mcp
namespace: erp-procurement
port: 8080
tools:
- name: get-purchase-order
description: "Given a SAP purchase order number, retrieve the PO header status, vendor name, total value, and currency from SAP S/4HANA. Use for procurement approvals and vendor payment verification."
inputParameters:
- name: po_number
in: body
type: string
description: "SAP purchase order number to look up."
call: sap.get-po
with:
po_number: "{{po_number}}"
outputParameters:
- name: status
type: string
mapping: "$.d.OverallStatus"
- name: vendor
type: string
mapping: "$.d.Supplier.CompanyName"
- name: total_amount
type: string
mapping: "$.d.TotalAmount"
- name: currency
type: string
mapping: "$.d.TransactionCurrency"
consumes:
- type: http
namespace: sap
baseUri: "https://deloitte-s4.sap.com/sap/opu/odata/sap/MM_PUR_PO_MAINT_V2_SRV"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: purchase-orders
path: "/A_PurchaseOrder('{{po_number}}')"
inputParameters:
- name: po_number
in: path
operations:
- name: get-po
method: GET
outputRawFormat: xml
SAP Vendor Master Lookup
▼
procurement finance sap
Retrieves vendor master data from SAP S/4HANA by vendor number, including company name, payment terms, and tax ID.
naftiko: "0.5"
info:
label: "SAP Vendor Master Lookup"
description: "Retrieves vendor master data from SAP S/4HANA by vendor number, including company name, payment terms, and tax ID."
tags:
- procurement
- finance
- sap
capability:
exposes:
- type: mcp
namespace: procurement-vendors
port: 8080
tools:
- name: get-vendor
description: "Given a SAP vendor number, return the vendor company name, payment terms, and tax identification number."
inputParameters:
- name: vendor_number
in: body
type: string
description: "SAP vendor master number."
call: sap.get-vendor
with:
vendor_id: "{{vendor_number}}"
outputParameters:
- name: company_name
type: string
mapping: "$.d.SupplierName"
- name: payment_terms
type: string
mapping: "$.d.PaymentTerms"
- name: tax_id
type: string
mapping: "$.d.TaxNumber1"
consumes:
- type: http
namespace: sap
baseUri: "https://deloitte-s4.sap.com/sap/opu/odata/sap/API_BUSINESS_PARTNER"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: suppliers
path: "/A_Supplier('{{vendor_id}}')"
inputParameters:
- name: vendor_id
in: path
operations:
- name: get-vendor
method: GET
Security Incident Escalation Workflow
▼
security incident-response splunk servicenow pagerduty microsoft-teams
When a critical security alert fires in Splunk, creates a ServiceNow incident, pages the on-call engineer via PagerDuty, and posts to the security Teams channel.
naftiko: "0.5"
info:
label: "Security Incident Escalation Workflow"
description: "When a critical security alert fires in Splunk, creates a ServiceNow incident, pages the on-call engineer via PagerDuty, and posts to the security Teams channel."
tags:
- security
- incident-response
- splunk
- servicenow
- pagerduty
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: security-escalation
port: 8080
tools:
- name: escalate-security-incident
description: "Given a Splunk alert ID, create a ServiceNow incident, page on-call, and notify the security team in Teams."
inputParameters:
- name: alert_id
in: body
type: string
description: "Splunk alert ID triggering the escalation."
- name: severity
in: body
type: string
description: "Incident severity (P1, P2, P3)."
steps:
- name: get-alert
type: call
call: splunk.get-alert
with:
alert_id: "{{alert_id}}"
- name: create-incident
type: call
call: servicenow.create-incident
with:
short_description: "Security Alert: {{get-alert.title}}"
category: security_incident
priority: "{{severity}}"
description: "{{get-alert.description}}"
- name: page-oncall
type: call
call: pagerduty.create-incident
with:
service_id: "$secrets.pagerduty_security_service_id"
title: "Security Alert: {{get-alert.title}}"
urgency: high
- name: notify-team
type: call
call: msteams.send-channel-message
with:
team_id: "$secrets.security_team_id"
channel_id: "$secrets.security_incidents_channel_id"
text: "SECURITY ALERT [{{severity}}]: {{get-alert.title}}. SNOW: {{create-incident.number}}, PagerDuty: {{page-oncall.incident.id}}"
consumes:
- type: http
namespace: splunk
baseUri: "https://splunk.deloitte.com:8089/services"
authentication:
type: bearer
token: "$secrets.splunk_token"
resources:
- name: alerts
path: "/alerts/fired_alerts/{{alert_id}}"
inputParameters:
- name: alert_id
in: path
operations:
- name: get-alert
method: GET
- type: http
namespace: servicenow
baseUri: "https://deloitte.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: pagerduty
baseUri: "https://api.pagerduty.com"
authentication:
type: bearer
token: "$secrets.pagerduty_token"
resources:
- name: incidents
path: "/incidents"
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: send-channel-message
method: POST
ServiceNow Change Calendar Check
▼
it change-management servicenow
Checks the ServiceNow change calendar for a specified date range to identify scheduled changes and potential conflicts.
naftiko: "0.5"
info:
label: "ServiceNow Change Calendar Check"
description: "Checks the ServiceNow change calendar for a specified date range to identify scheduled changes and potential conflicts."
tags:
- it
- change-management
- servicenow
capability:
exposes:
- type: mcp
namespace: change-calendar
port: 8080
tools:
- name: check-change-calendar
description: "Given a date range, return all scheduled changes from ServiceNow to identify conflicts."
inputParameters:
- name: start_date
in: body
type: string
description: "Start date (ISO 8601)."
- name: end_date
in: body
type: string
description: "End date (ISO 8601)."
call: servicenow.get-changes
with:
start: "{{start_date}}"
end: "{{end_date}}"
outputParameters:
- name: changes
type: array
mapping: "$.result"
- name: count
type: integer
mapping: "$.result.length"
consumes:
- type: http
namespace: servicenow
baseUri: "https://deloitte.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: changes
path: "/table/change_request?sysparm_query=start_dateBETWEEN{{start}}@{{end}}"
inputParameters:
- name: start
in: query
- name: end
in: query
operations:
- name: get-changes
method: GET
ServiceNow CMDB Asset Lookup
▼
it asset-management servicenow
Retrieves a configuration item from the ServiceNow CMDB by name, returning its class, status, owner, and environment.
naftiko: "0.5"
info:
label: "ServiceNow CMDB Asset Lookup"
description: "Retrieves a configuration item from the ServiceNow CMDB by name, returning its class, status, owner, and environment."
tags:
- it
- asset-management
- servicenow
capability:
exposes:
- type: mcp
namespace: it-cmdb
port: 8080
tools:
- name: get-ci
description: "Given a CI name, return its class, operational status, assigned owner, and environment from the ServiceNow CMDB."
inputParameters:
- name: ci_name
in: body
type: string
description: "Configuration item name."
call: servicenow.get-ci
with:
name: "{{ci_name}}"
outputParameters:
- name: sys_class_name
type: string
mapping: "$.result[0].sys_class_name"
- name: operational_status
type: string
mapping: "$.result[0].operational_status"
- name: assigned_to
type: string
mapping: "$.result[0].assigned_to.display_value"
consumes:
- type: http
namespace: servicenow
baseUri: "https://deloitte.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: cmdb
path: "/table/cmdb_ci?sysparm_query=name={{name}}"
inputParameters:
- name: name
in: query
operations:
- name: get-ci
method: GET
ServiceNow Incident Lookup
▼
it incident-management servicenow
Looks up a ServiceNow incident by number and returns its current state, priority, assigned group, and short description.
naftiko: "0.5"
info:
label: "ServiceNow Incident Lookup"
description: "Looks up a ServiceNow incident by number and returns its current state, priority, assigned group, and short description."
tags:
- it
- incident-management
- servicenow
capability:
exposes:
- type: mcp
namespace: it-incidents
port: 8080
tools:
- name: get-incident
description: "Given a ServiceNow incident number, retrieve the incident state, priority, assigned group, and short description."
inputParameters:
- name: incident_number
in: body
type: string
description: "ServiceNow incident number (e.g., INC0012345)."
call: servicenow.get-incident
with:
number: "{{incident_number}}"
outputParameters:
- name: state
type: string
mapping: "$.result.state"
- name: priority
type: string
mapping: "$.result.priority"
- name: assigned_group
type: string
mapping: "$.result.assignment_group.display_value"
- name: short_description
type: string
mapping: "$.result.short_description"
consumes:
- type: http
namespace: servicenow
baseUri: "https://deloitte.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident?sysparm_query=number={{number}}"
inputParameters:
- name: number
in: query
operations:
- name: get-incident
method: GET
ServiceNow IT Change Request Workflow
▼
itsm change-management servicenow microsoft-teams
Submits a ServiceNow change request for a planned IT system change, assigns it to the CAB, and posts the request details to the IT governance Microsoft Teams channel.
naftiko: "0.5"
info:
label: "ServiceNow IT Change Request Workflow"
description: "Submits a ServiceNow change request for a planned IT system change, assigns it to the CAB, and posts the request details to the IT governance Microsoft Teams channel."
tags:
- itsm
- change-management
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: change-management
port: 8080
tools:
- name: submit-change-request
description: "Given a change description, risk level, and planned maintenance window, create a ServiceNow change request for CAB approval and notify the IT governance Microsoft Teams channel."
inputParameters:
- name: short_description
in: body
type: string
description: "Brief description of the planned IT change."
- name: change_type
in: body
type: string
description: "Type of change: standard, normal, or emergency."
- name: risk_level
in: body
type: string
description: "Risk level: low, medium, or high."
- name: planned_start
in: body
type: string
description: "Planned change start time in ISO 8601 format."
- name: planned_end
in: body
type: string
description: "Planned change end time in ISO 8601 format."
steps:
- name: create-cr
type: call
call: servicenow.create-change-request
with:
type: "{{change_type}}"
risk: "{{risk_level}}"
short_description: "{{short_description}}"
start_date: "{{planned_start}}"
end_date: "{{planned_end}}"
- name: notify-it-governance
type: call
call: msteams.send-channel-message
with:
team_id: "$secrets.teams_it_governance_team_id"
channel_id: "$secrets.teams_cab_channel_id"
text: "Change request submitted: {{short_description}} | Type: {{change_type}} | Risk: {{risk_level}} | Window: {{planned_start}} to {{planned_end}} | SNOW: {{create-cr.number}}"
consumes:
- type: http
namespace: servicenow
baseUri: "https://deloitte.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: change-requests
path: "/table/change_request"
operations:
- name: create-change-request
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: send-channel-message
method: POST
ServiceNow SLA Breach Escalation
▼
itsm sla servicenow microsoft-teams escalation
Monitors ServiceNow tickets for SLA breaches and escalates overdue tickets by updating priority and notifying the IT service delivery manager in Microsoft Teams.
naftiko: "0.5"
info:
label: "ServiceNow SLA Breach Escalation"
description: "Monitors ServiceNow tickets for SLA breaches and escalates overdue tickets by updating priority and notifying the IT service delivery manager in Microsoft Teams."
tags:
- itsm
- sla
- servicenow
- microsoft-teams
- escalation
capability:
exposes:
- type: mcp
namespace: sla-management
port: 8080
tools:
- name: escalate-sla-breach
description: "Given a ServiceNow incident number that has breached its SLA and breach duration, update the ticket priority and notify the IT service delivery manager in Microsoft Teams."
inputParameters:
- name: incident_number
in: body
type: string
description: "ServiceNow incident number that has breached its SLA."
- name: breach_minutes
in: body
type: integer
description: "Number of minutes the SLA has been exceeded."
- name: it_manager_upn
in: body
type: string
description: "Microsoft 365 UPN of the IT service delivery manager."
steps:
- name: escalate-ticket
type: call
call: servicenow.update-incident
with:
number: "{{incident_number}}"
priority: 1
assigned_group: IT_Service_Delivery
work_notes: "SLA breached by {{breach_minutes}} minutes. Escalated to service delivery."
- name: notify-manager
type: call
call: msteams.send-message
with:
recipient_upn: "{{it_manager_upn}}"
text: "SLA breach: {{incident_number}} is {{breach_minutes}}min overdue. Priority escalated and reassigned."
consumes:
- type: http
namespace: servicenow
baseUri: "https://deloitte.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident/{{number}}"
inputParameters:
- name: number
in: path
operations:
- name: update-incident
method: PATCH
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
SharePoint Document Search
▼
knowledge-management collaboration sharepoint
Searches for documents in SharePoint by keyword, returning matching file names, locations, and last modified dates.
naftiko: "0.5"
info:
label: "SharePoint Document Search"
description: "Searches for documents in SharePoint by keyword, returning matching file names, locations, and last modified dates."
tags:
- knowledge-management
- collaboration
- sharepoint
capability:
exposes:
- type: mcp
namespace: doc-search
port: 8080
tools:
- name: search-documents
description: "Search SharePoint for documents matching a keyword query and return file names, paths, and modification dates."
inputParameters:
- name: search_term
in: body
type: string
description: "Keyword to search for in SharePoint documents."
call: sharepoint.search
with:
query: "{{search_term}}"
outputParameters:
- name: results
type: array
mapping: "$.value"
consumes:
- type: http
namespace: sharepoint
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: search
path: "/search/query"
operations:
- name: search
method: POST
Snowflake Data Governance Scan
▼
data-governance privacy snowflake confluence microsoft-teams
Scans Snowflake metadata to identify tables with PII columns, creates a governance report in Confluence, and alerts the data privacy team in Teams.
naftiko: "0.5"
info:
label: "Snowflake Data Governance Scan"
description: "Scans Snowflake metadata to identify tables with PII columns, creates a governance report in Confluence, and alerts the data privacy team in Teams."
tags:
- data-governance
- privacy
- snowflake
- confluence
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: data-governance
port: 8080
tools:
- name: run-governance-scan
description: "Scan Snowflake metadata for PII columns, publish findings, and notify the privacy team."
inputParameters:
- name: database_name
in: body
type: string
description: "Snowflake database to scan."
steps:
- name: scan-metadata
type: call
call: snowflake.execute-query
with:
statement: "SELECT table_name, column_name, data_type FROM {{database_name}}.information_schema.columns WHERE column_name ILIKE ANY ('%email%','%ssn%','%phone%','%address%','%dob%')"
warehouse: "GOVERNANCE_WH"
- name: publish-report
type: call
call: confluence.create-page
with:
spaceKey: GOVERNANCE
title: "PII Scan Report - {{database_name}}"
body: "Found {{scan-metadata.row_count}} potential PII columns in {{database_name}}."
- name: notify-privacy
type: call
call: msteams.send-channel-message
with:
team_id: "$secrets.privacy_team_id"
channel_id: "$secrets.privacy_alerts_channel_id"
text: "Data governance scan complete for {{database_name}}: {{scan-metadata.row_count}} potential PII columns identified. Report: {{publish-report.url}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://deloitte.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
- type: http
namespace: confluence
baseUri: "https://deloitte.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_api_token"
resources:
- name: content
path: "/content"
operations:
- name: create-page
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: send-channel-message
method: POST
Snowflake Data Quality Check
▼
data analytics snowflake jira data-quality
Runs row count and null rate data quality checks on core Snowflake reporting tables and creates a Jira data quality bug when tables fail validation thresholds.
naftiko: "0.5"
info:
label: "Snowflake Data Quality Check"
description: "Runs row count and null rate data quality checks on core Snowflake reporting tables and creates a Jira data quality bug when tables fail validation thresholds."
tags:
- data
- analytics
- snowflake
- jira
- data-quality
capability:
exposes:
- type: mcp
namespace: data-quality
port: 8080
tools:
- name: run-data-quality-check
description: "Given a Snowflake table name, expected minimum row count, and check date, run the validation and open a Jira bug if the table fails the quality threshold."
inputParameters:
- name: table_name
in: body
type: string
description: "Fully qualified Snowflake table name (e.g. PROD.BILLING.ENGAGEMENT_REVENUE)."
- name: expected_min_rows
in: body
type: integer
description: "Minimum expected row count for the quality check to pass."
- name: check_date
in: body
type: string
description: "ISO 8601 date for the data partition being checked."
steps:
- name: check-row-count
type: call
call: snowflake.execute-query
with:
statement: "SELECT COUNT(*) as row_count FROM {{table_name}} WHERE DATE(created_at) = '{{check_date}}'"
- name: raise-quality-bug
type: call
call: jira.create-issue
with:
project_key: DATA
issuetype: Bug
summary: "Data quality failure: {{table_name}} on {{check_date}}"
description: "Row count: {{check-row-count.row_count}}, below minimum {{expected_min_rows}} for date {{check_date}}."
consumes:
- type: http
namespace: snowflake
baseUri: "https://deloitte.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
- type: http
namespace: jira
baseUri: "https://deloitte.atlassian.net/rest/api/3"
authentication:
type: bearer
token: "$secrets.jira_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
Snowflake Query Execution
▼
data analytics snowflake
Executes a read-only SQL query against the Snowflake data warehouse and returns the result set for analytics and reporting.
naftiko: "0.5"
info:
label: "Snowflake Query Execution"
description: "Executes a read-only SQL query against the Snowflake data warehouse and returns the result set for analytics and reporting."
tags:
- data
- analytics
- snowflake
capability:
exposes:
- type: mcp
namespace: data-queries
port: 8080
tools:
- name: run-query
description: "Execute a read-only SQL query on Snowflake and return the result set. Only SELECT statements are permitted."
inputParameters:
- name: sql_statement
in: body
type: string
description: "SQL SELECT statement to execute."
- name: warehouse
in: body
type: string
description: "Snowflake warehouse to use for the query."
call: snowflake.execute-query
with:
statement: "{{sql_statement}}"
warehouse: "{{warehouse}}"
outputParameters:
- name: row_count
type: integer
mapping: "$.resultSetMetaData.numRows"
- name: data
type: array
mapping: "$.data"
consumes:
- type: http
namespace: snowflake
baseUri: "https://deloitte.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
Snowflake Workforce Analytics Snapshot
▼
analytics hr snowflake reporting resource-planning
Queries Snowflake for workforce utilisation and billing metrics and writes a weekly analytics snapshot for Deloitte's resource planning and finance leadership.
naftiko: "0.5"
info:
label: "Snowflake Workforce Analytics Snapshot"
description: "Queries Snowflake for workforce utilisation and billing metrics and writes a weekly analytics snapshot for Deloitte's resource planning and finance leadership."
tags:
- analytics
- hr
- snowflake
- reporting
- resource-planning
capability:
exposes:
- type: mcp
namespace: workforce-analytics
port: 8080
tools:
- name: snapshot-workforce-utilisation
description: "Given a week ending date, query Snowflake for billable utilisation rates and project staffing across practices, then store the analytics snapshot for resource planning dashboards."
inputParameters:
- name: week_ending_date
in: body
type: string
description: "ISO 8601 date for the workforce analytics snapshot."
call: snowflake.execute-query
with:
statement: "INSERT INTO workforce_utilisation_snapshots SELECT '{{week_ending_date}}' as week_ending, practice, COUNT(DISTINCT employee_id) as headcount, AVG(billable_hours / total_hours) as utilisation_rate FROM staffing_data WHERE week_ending = '{{week_ending_date}}' GROUP BY practice"
outputParameters:
- name: status
type: string
mapping: "$.status"
consumes:
- type: http
namespace: snowflake
baseUri: "https://deloitte.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
Splunk Log Search
▼
security observability splunk
Executes a Splunk search query and returns matching log events for incident investigation and troubleshooting.
naftiko: "0.5"
info:
label: "Splunk Log Search"
description: "Executes a Splunk search query and returns matching log events for incident investigation and troubleshooting."
tags:
- security
- observability
- splunk
capability:
exposes:
- type: mcp
namespace: security-logs
port: 8080
tools:
- name: search-logs
description: "Execute a Splunk search query over a specified time range and return matching events."
inputParameters:
- name: search_query
in: body
type: string
description: "Splunk search query string."
- name: earliest_time
in: body
type: string
description: "Earliest time for search range (e.g., -24h)."
call: splunk.create-search
with:
search: "{{search_query}}"
earliest_time: "{{earliest_time}}"
outputParameters:
- name: sid
type: string
mapping: "$.sid"
consumes:
- type: http
namespace: splunk
baseUri: "https://splunk.deloitte.com:8089/services"
authentication:
type: bearer
token: "$secrets.splunk_token"
resources:
- name: search-jobs
path: "/search/jobs"
operations:
- name: create-search
method: POST
Sprint Retrospective Digest Orchestration
▼
engineering agile jira confluence microsoft-teams
Compiles sprint metrics from Jira, collects team feedback, generates a retrospective summary in Confluence, and posts highlights to the engineering Teams channel.
naftiko: "0.5"
info:
label: "Sprint Retrospective Digest Orchestration"
description: "Compiles sprint metrics from Jira, collects team feedback, generates a retrospective summary in Confluence, and posts highlights to the engineering Teams channel."
tags:
- engineering
- agile
- jira
- confluence
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: agile-retro
port: 8080
tools:
- name: generate-retro-digest
description: "Given a Jira sprint ID, compile metrics, create a Confluence retro page, and post highlights."
inputParameters:
- name: sprint_id
in: body
type: string
description: "Jira sprint ID."
- name: board_id
in: body
type: string
description: "Jira board ID."
steps:
- name: get-sprint-report
type: call
call: jira.get-sprint-report
with:
board_id: "{{board_id}}"
sprint_id: "{{sprint_id}}"
- name: create-retro-page
type: call
call: confluence.create-page
with:
spaceKey: ENG
title: "Sprint {{sprint_id}} Retrospective"
body: "Completed: {{get-sprint-report.completedIssues.length}}, Incomplete: {{get-sprint-report.incompleteIssues.length}}, Velocity: {{get-sprint-report.velocity}}"
- name: post-highlights
type: call
call: msteams.send-channel-message
with:
team_id: "$secrets.eng_team_id"
channel_id: "$secrets.eng_retro_channel_id"
text: "Sprint {{sprint_id}} retro: {{get-sprint-report.completedIssues.length}} completed, {{get-sprint-report.incompleteIssues.length}} carried over. Full report: {{create-retro-page.url}}"
consumes:
- type: http
namespace: jira
baseUri: "https://deloitte.atlassian.net/rest/agile/1.0"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: sprint-reports
path: "/board/{{board_id}}/sprint/{{sprint_id}}/report"
inputParameters:
- name: board_id
in: path
- name: sprint_id
in: path
operations:
- name: get-sprint-report
method: GET
- type: http
namespace: confluence
baseUri: "https://deloitte.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_api_token"
resources:
- name: content
path: "/content"
operations:
- name: create-page
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: send-channel-message
method: POST
Tableau Dashboard Refresh Trigger
▼
analytics reporting tableau
Triggers a data extract refresh for a specified Tableau workbook to ensure dashboards display current data.
naftiko: "0.5"
info:
label: "Tableau Dashboard Refresh Trigger"
description: "Triggers a data extract refresh for a specified Tableau workbook to ensure dashboards display current data."
tags:
- analytics
- reporting
- tableau
capability:
exposes:
- type: mcp
namespace: analytics-dashboards
port: 8080
tools:
- name: refresh-workbook
description: "Trigger a data extract refresh for a Tableau workbook by ID."
inputParameters:
- name: workbook_id
in: body
type: string
description: "Tableau workbook ID to refresh."
call: tableau.refresh-workbook
with:
workbook_id: "{{workbook_id}}"
outputParameters:
- name: job_id
type: string
mapping: "$.job.id"
- name: status
type: string
mapping: "$.job.status"
consumes:
- type: http
namespace: tableau
baseUri: "https://tableau.deloitte.com/api/3.21"
authentication:
type: bearer
token: "$secrets.tableau_token"
resources:
- name: workbooks
path: "/sites/$secrets.tableau_site_id/workbooks/{{workbook_id}}/refresh"
inputParameters:
- name: workbook_id
in: path
operations:
- name: refresh-workbook
method: POST
Talent Acquisition Pipeline Sync
▼
hr recruiting linkedin workday jira microsoft-teams
Syncs talent pipeline data from LinkedIn Recruiter to Workday Recruiting, creates a Jira intake ticket, and posts a weekly digest to the HR Teams channel.
naftiko: "0.5"
info:
label: "Talent Acquisition Pipeline Sync"
description: "Syncs talent pipeline data from LinkedIn Recruiter to Workday Recruiting, creates a Jira intake ticket, and posts a weekly digest to the HR Teams channel."
tags:
- hr
- recruiting
- linkedin
- workday
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: talent-pipeline
port: 8080
tools:
- name: sync-talent-pipeline
description: "Pull candidate data from LinkedIn, sync to Workday Recruiting, create intake tickets, and post digest."
inputParameters:
- name: job_posting_id
in: body
type: string
description: "LinkedIn job posting ID."
- name: workday_requisition_id
in: body
type: string
description: "Workday job requisition ID."
steps:
- name: get-linkedin-candidates
type: call
call: linkedin.get-applicants
with:
job_id: "{{job_posting_id}}"
- name: sync-to-workday
type: call
call: workday.create-candidates
with:
requisition_id: "{{workday_requisition_id}}"
candidates: "{{get-linkedin-candidates.elements}}"
- name: create-intake-ticket
type: call
call: jira.create-issue
with:
project: TALENT
issuetype: Task
summary: "Review {{get-linkedin-candidates.total}} new candidates for req {{workday_requisition_id}}"
- name: post-digest
type: call
call: msteams.send-channel-message
with:
team_id: "$secrets.hr_team_id"
channel_id: "$secrets.recruiting_channel_id"
text: "Talent pipeline sync: {{get-linkedin-candidates.total}} candidates from LinkedIn synced to Workday req {{workday_requisition_id}}. Intake: {{create-intake-ticket.key}}"
consumes:
- type: http
namespace: linkedin
baseUri: "https://api.linkedin.com/v2"
authentication:
type: bearer
token: "$secrets.linkedin_token"
resources:
- name: applicants
path: "/jobPostings/{{job_id}}/applicants"
inputParameters:
- name: job_id
in: path
operations:
- name: get-applicants
method: GET
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: candidates
path: "/recruiting/candidates/bulk"
operations:
- name: create-candidates
method: POST
- type: http
namespace: jira
baseUri: "https://deloitte.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: send-channel-message
method: POST
Vendor Onboarding Orchestration
▼
procurement vendor-management sap salesforce servicenow microsoft-teams
When a new vendor is approved, creates the vendor master in SAP, sets up a Salesforce partner account, creates a ServiceNow request, and notifies procurement via Teams.
naftiko: "0.5"
info:
label: "Vendor Onboarding Orchestration"
description: "When a new vendor is approved, creates the vendor master in SAP, sets up a Salesforce partner account, creates a ServiceNow request, and notifies procurement via Teams."
tags:
- procurement
- vendor-management
- sap
- salesforce
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: procurement-onboarding
port: 8080
tools:
- name: onboard-vendor
description: "Given vendor details, create vendor master records across SAP and Salesforce, open a ServiceNow ticket, and notify procurement."
inputParameters:
- name: vendor_name
in: body
type: string
description: "Vendor company name."
- name: vendor_tax_id
in: body
type: string
description: "Vendor tax identification number."
- name: payment_terms
in: body
type: string
description: "Payment terms code."
steps:
- name: create-sap-vendor
type: call
call: sap.create-supplier
with:
SupplierName: "{{vendor_name}}"
TaxNumber1: "{{vendor_tax_id}}"
PaymentTerms: "{{payment_terms}}"
- name: create-sf-partner
type: call
call: salesforce.create-account
with:
Name: "{{vendor_name}}"
Type: Partner
TaxId__c: "{{vendor_tax_id}}"
- name: create-snow-request
type: call
call: servicenow.create-request
with:
short_description: "Vendor onboarding: {{vendor_name}}"
category: procurement
assigned_group: Vendor_Management
- name: notify-procurement
type: call
call: msteams.send-channel-message
with:
team_id: "$secrets.procurement_team_id"
channel_id: "$secrets.procurement_channel_id"
text: "New vendor onboarded: {{vendor_name}}. SAP: {{create-sap-vendor.SupplierNumber}}, Salesforce: {{create-sf-partner.id}}, SNOW: {{create-snow-request.number}}"
consumes:
- type: http
namespace: sap
baseUri: "https://deloitte-s4.sap.com/sap/opu/odata/sap/API_BUSINESS_PARTNER"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: suppliers
path: "/A_Supplier"
operations:
- name: create-supplier
method: POST
- type: http
namespace: salesforce
baseUri: "https://deloitte.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: accounts
path: "/sobjects/Account"
operations:
- name: create-account
method: POST
- type: http
namespace: servicenow
baseUri: "https://deloitte.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: requests
path: "/table/sc_request"
operations:
- name: create-request
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: send-channel-message
method: POST
Weekly Executive Dashboard Orchestration
▼
executive reporting salesforce workday snowflake datadog power-bi
Aggregates KPIs from Salesforce pipeline, Workday headcount, Snowflake financial metrics, and Datadog service health into a weekly executive Power BI dashboard refresh.
naftiko: "0.5"
info:
label: "Weekly Executive Dashboard Orchestration"
description: "Aggregates KPIs from Salesforce pipeline, Workday headcount, Snowflake financial metrics, and Datadog service health into a weekly executive Power BI dashboard refresh."
tags:
- executive
- reporting
- salesforce
- workday
- snowflake
- datadog
- power-bi
capability:
exposes:
- type: mcp
namespace: executive-reporting
port: 8080
tools:
- name: refresh-executive-dashboard
description: "Compile weekly KPIs from multiple sources and refresh the executive Power BI dashboard."
inputParameters:
- name: report_week
in: body
type: string
description: "ISO week for the report."
steps:
- name: get-pipeline
type: call
call: salesforce.get-pipeline-summary
with:
week: "{{report_week}}"
- name: get-headcount
type: call
call: workday.get-org-headcount
with: {}
- name: get-financials
type: call
call: snowflake.execute-query
with:
statement: "SELECT * FROM executive.weekly_kpis WHERE report_week = '{{report_week}}'"
warehouse: "EXECUTIVE_WH"
- name: refresh-dashboard
type: call
call: powerbi.refresh-dataset
with:
group_id: "$secrets.executive_workspace_id"
dataset_id: "$secrets.executive_dashboard_dataset_id"
consumes:
- type: http
namespace: salesforce
baseUri: "https://deloitte.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: pipeline
path: "/query?q=SELECT+SUM(Amount),StageName+FROM+Opportunity+GROUP+BY+StageName"
operations:
- name: get-pipeline-summary
method: GET
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: headcount
path: "/workers/count"
operations:
- name: get-org-headcount
method: GET
- type: http
namespace: snowflake
baseUri: "https://deloitte.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
- type: http
namespace: powerbi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.powerbi_token"
resources:
- name: datasets
path: "/groups/{{group_id}}/datasets/{{dataset_id}}/refreshes"
inputParameters:
- name: group_id
in: path
- name: dataset_id
in: path
operations:
- name: refresh-dataset
method: POST
Workday Annual Compensation Cycle Orchestration
▼
hr compensation workday snowflake power-bi microsoft-teams
Launches the annual compensation review cycle by pulling market data from Snowflake, initiating Workday compensation events, refreshing the HR Power BI dashboard, and notifying HR leadership.
naftiko: "0.5"
info:
label: "Workday Annual Compensation Cycle Orchestration"
description: "Launches the annual compensation review cycle by pulling market data from Snowflake, initiating Workday compensation events, refreshing the HR Power BI dashboard, and notifying HR leadership."
tags:
- hr
- compensation
- workday
- snowflake
- power-bi
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: hr-comp-cycle
port: 8080
tools:
- name: launch-comp-cycle
description: "Initiate annual compensation review with market data and notify HR leadership."
inputParameters:
- name: fiscal_year
in: body
type: string
description: "Fiscal year for the compensation cycle."
steps:
- name: get-market-data
type: call
call: snowflake.execute-query
with:
statement: "SELECT * FROM hr.market_compensation_benchmarks WHERE fiscal_year = '{{fiscal_year}}'"
warehouse: "HR_WH"
- name: initiate-cycle
type: call
call: workday.create-comp-event
with:
fiscal_year: "{{fiscal_year}}"
type: annual_review
- name: refresh-dashboard
type: call
call: powerbi.refresh-dataset
with:
group_id: "$secrets.hr_workspace_id"
dataset_id: "$secrets.comp_review_dataset_id"
- name: notify-hr
type: call
call: msteams.send-channel-message
with:
team_id: "$secrets.hr_team_id"
channel_id: "$secrets.hr_comp_channel_id"
text: "Annual compensation cycle for FY{{fiscal_year}} launched. Market benchmarks loaded ({{get-market-data.row_count}} records). Workday event: {{initiate-cycle.event_id}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://deloitte.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: comp-events
path: "/compensation/events"
operations:
- name: create-comp-event
method: POST
- type: http
namespace: powerbi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.powerbi_token"
resources:
- name: datasets
path: "/groups/{{group_id}}/datasets/{{dataset_id}}/refreshes"
inputParameters:
- name: group_id
in: path
- name: dataset_id
in: path
operations:
- name: refresh-dataset
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: send-channel-message
method: POST
Workday Benefits Enrollment Lookup
▼
hr benefits workday
Retrieves an employee's current benefits enrollment status from Workday, including health plan, dental, and vision selections.
naftiko: "0.5"
info:
label: "Workday Benefits Enrollment Lookup"
description: "Retrieves an employee's current benefits enrollment status from Workday, including health plan, dental, and vision selections."
tags:
- hr
- benefits
- workday
capability:
exposes:
- type: mcp
namespace: hr-benefits
port: 8080
tools:
- name: get-benefits
description: "Given a Workday employee ID, return their current health, dental, and vision benefit elections."
inputParameters:
- name: employee_id
in: body
type: string
description: "Workday employee ID."
call: workday.get-benefits
with:
worker_id: "{{employee_id}}"
outputParameters:
- name: health_plan
type: string
mapping: "$.benefits.healthPlan"
- name: dental_plan
type: string
mapping: "$.benefits.dentalPlan"
- name: vision_plan
type: string
mapping: "$.benefits.visionPlan"
consumes:
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: benefits
path: "/workers/{{worker_id}}/benefits"
inputParameters:
- name: worker_id
in: path
operations:
- name: get-benefits
method: GET
Workday Compensation Review Lookup
▼
hr compensation workday
Retrieves the current compensation details for a given employee from Workday, including base salary, bonus target, and pay grade.
naftiko: "0.5"
info:
label: "Workday Compensation Review Lookup"
description: "Retrieves the current compensation details for a given employee from Workday, including base salary, bonus target, and pay grade."
tags:
- hr
- compensation
- workday
capability:
exposes:
- type: mcp
namespace: hr-compensation
port: 8080
tools:
- name: get-compensation-details
description: "Given a Workday employee ID, return their current base salary, bonus target percentage, and pay grade from Workday."
inputParameters:
- name: employee_id
in: body
type: string
description: "Workday employee ID."
call: workday.get-compensation
with:
worker_id: "{{employee_id}}"
outputParameters:
- name: base_salary
type: string
mapping: "$.compensation.baseSalary"
- name: bonus_target
type: string
mapping: "$.compensation.bonusTarget"
- name: pay_grade
type: string
mapping: "$.compensation.payGrade"
consumes:
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: compensation
path: "/workers/{{worker_id}}/compensation"
inputParameters:
- name: worker_id
in: path
operations:
- name: get-compensation
method: GET
Workday Employee Offboarding
▼
hr offboarding workday microsoft-365 servicenow
When an employee is terminated in Workday, disables their Microsoft 365 account, resolves their open ServiceNow tickets, and notifies the IT security team in Microsoft Teams.
naftiko: "0.5"
info:
label: "Workday Employee Offboarding"
description: "When an employee is terminated in Workday, disables their Microsoft 365 account, resolves their open ServiceNow tickets, and notifies the IT security team in Microsoft Teams."
tags:
- hr
- offboarding
- workday
- microsoft-365
- servicenow
capability:
exposes:
- type: mcp
namespace: hr-offboarding
port: 8080
tools:
- name: execute-employee-offboarding
description: "Given a Workday employee ID and Microsoft 365 UPN, disable the M365 account, create a ServiceNow offboarding task, and notify IT security in Microsoft Teams."
inputParameters:
- name: workday_employee_id
in: body
type: string
description: "Workday worker ID of the terminated employee."
- name: upn
in: body
type: string
description: "Microsoft 365 user principal name of the terminated employee."
steps:
- name: disable-m365-account
type: call
call: msgraph.disable-user
with:
user_id: "{{upn}}"
accountEnabled: false
- name: create-offboarding-task
type: call
call: servicenow.create-task
with:
category: hr_offboarding
short_description: "Offboarding: {{upn}}"
assigned_group: IT_Security
- name: notify-security
type: call
call: msteams.send-channel-message
with:
team_id: "$secrets.teams_security_team_id"
channel_id: "$secrets.teams_security_channel_id"
text: "Employee offboarded: {{upn}} (Workday: {{workday_employee_id}}) | M365 disabled | SNOW: {{create-offboarding-task.number}}"
consumes:
- type: http
namespace: msgraph
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: users
path: "/users/{{user_id}}"
inputParameters:
- name: user_id
in: path
operations:
- name: disable-user
method: PATCH
- type: http
namespace: servicenow
baseUri: "https://deloitte.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/sc_task"
operations:
- name: create-task
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: send-channel-message
method: POST
Workday Org Chart Lookup
▼
hr organization workday
Retrieves the organizational hierarchy for a specified employee from Workday, including manager, department, and cost center.
naftiko: "0.5"
info:
label: "Workday Org Chart Lookup"
description: "Retrieves the organizational hierarchy for a specified employee from Workday, including manager, department, and cost center."
tags:
- hr
- organization
- workday
capability:
exposes:
- type: mcp
namespace: hr-org
port: 8080
tools:
- name: get-org-hierarchy
description: "Given a Workday employee ID, return their manager, department, and cost center."
inputParameters:
- name: employee_id
in: body
type: string
description: "Workday employee ID."
call: workday.get-worker-org
with:
worker_id: "{{employee_id}}"
outputParameters:
- name: manager
type: string
mapping: "$.manager.displayName"
- name: department
type: string
mapping: "$.department"
- name: cost_center
type: string
mapping: "$.costCenter"
consumes:
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/workers/{{worker_id}}/organizationInfo"
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker-org
method: GET
Workday Payroll Headcount Snapshot
▼
hr finance workday snowflake reporting
Pulls active headcount from Workday by practice and cost center and writes the snapshot to Snowflake for finance planning and payroll reconciliation.
naftiko: "0.5"
info:
label: "Workday Payroll Headcount Snapshot"
description: "Pulls active headcount from Workday by practice and cost center and writes the snapshot to Snowflake for finance planning and payroll reconciliation."
tags:
- hr
- finance
- workday
- snowflake
- reporting
capability:
exposes:
- type: mcp
namespace: payroll-reporting
port: 8080
tools:
- name: snapshot-payroll-headcount
description: "Retrieve active employees from Workday segmented by practice and cost center, then write the periodic headcount snapshot to Snowflake for finance planning and payroll reconciliation."
inputParameters:
- name: snapshot_date
in: body
type: string
description: "ISO 8601 date for the payroll headcount snapshot."
steps:
- name: get-workers
type: call
call: workday.list-workers
with:
effective_date: "{{snapshot_date}}"
employment_status: active
- name: store-snapshot
type: call
call: snowflake.execute-query
with:
statement: "INSERT INTO headcount_snapshots (snapshot_date, total_headcount) VALUES ('{{snapshot_date}}', {{get-workers.total_results}})"
consumes:
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/workers"
inputParameters:
- name: effective_date
in: query
- name: employment_status
in: query
operations:
- name: list-workers
method: GET
- type: http
namespace: snowflake
baseUri: "https://deloitte.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
Workday Position Approval for Recruiting
▼
hr recruiting workday jira microsoft-teams
When a new headcount requisition is approved in Workday, creates a Jira recruiting task and notifies the talent acquisition team in Microsoft Teams to start the hiring process.
naftiko: "0.5"
info:
label: "Workday Position Approval for Recruiting"
description: "When a new headcount requisition is approved in Workday, creates a Jira recruiting task and notifies the talent acquisition team in Microsoft Teams to start the hiring process."
tags:
- hr
- recruiting
- workday
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: recruiting
port: 8080
tools:
- name: activate-recruiting-position
description: "Given a Workday position requisition ID, job title, and practice area, create a Jira recruiting task and notify the talent acquisition Microsoft Teams channel to begin sourcing."
inputParameters:
- name: requisition_id
in: body
type: string
description: "Workday position requisition ID."
- name: job_title
in: body
type: string
description: "Job title for the open position."
- name: practice_area
in: body
type: string
description: "Deloitte practice area requesting the headcount."
steps:
- name: create-recruiting-task
type: call
call: jira.create-issue
with:
project_key: HR
issuetype: Task
summary: "Recruiting: {{job_title}} — {{practice_area}}"
description: "Position requisition {{requisition_id}} approved. Begin sourcing for {{job_title}} in {{practice_area}}."
- name: notify-ta-team
type: call
call: msteams.send-channel-message
with:
team_id: "$secrets.teams_hr_team_id"
channel_id: "$secrets.teams_ta_channel_id"
text: "New position to fill: {{job_title}} in {{practice_area}} | Jira: {{create-recruiting-task.key}} | Workday req: {{requisition_id}}"
consumes:
- type: http
namespace: jira
baseUri: "https://deloitte.atlassian.net/rest/api/3"
authentication:
type: bearer
token: "$secrets.jira_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: send-channel-message
method: POST
Workday Time Off Balance Lookup
▼
hr time-off workday
Retrieves the current time off balance for an employee from Workday, including vacation, sick, and personal days remaining.
naftiko: "0.5"
info:
label: "Workday Time Off Balance Lookup"
description: "Retrieves the current time off balance for an employee from Workday, including vacation, sick, and personal days remaining."
tags:
- hr
- time-off
- workday
capability:
exposes:
- type: mcp
namespace: hr-timeoff
port: 8080
tools:
- name: get-time-off-balance
description: "Given a Workday employee ID, return their remaining vacation, sick, and personal time off balances."
inputParameters:
- name: employee_id
in: body
type: string
description: "Workday employee ID."
call: workday.get-timeoff-balance
with:
worker_id: "{{employee_id}}"
outputParameters:
- name: vacation_balance
type: number
mapping: "$.timeOffBalances[0].balance"
- name: sick_balance
type: number
mapping: "$.timeOffBalances[1].balance"
- name: personal_balance
type: number
mapping: "$.timeOffBalances[2].balance"
consumes:
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: timeoff
path: "/workers/{{worker_id}}/timeOffBalances"
inputParameters:
- name: worker_id
in: path
operations:
- name: get-timeoff-balance
method: GET
ZoomInfo Company Enrichment
▼
sales data-enrichment zoominfo
Enriches a company record with firmographic data from ZoomInfo, including employee count, revenue, and industry classification.
naftiko: "0.5"
info:
label: "ZoomInfo Company Enrichment"
description: "Enriches a company record with firmographic data from ZoomInfo, including employee count, revenue, and industry classification."
tags:
- sales
- data-enrichment
- zoominfo
capability:
exposes:
- type: mcp
namespace: sales-enrichment
port: 8080
tools:
- name: enrich-company
description: "Given a company name or domain, return ZoomInfo firmographic data including revenue, employee count, and industry."
inputParameters:
- name: company_domain
in: body
type: string
description: "Company website domain to look up."
call: zoominfo.enrich-company
with:
domain: "{{company_domain}}"
outputParameters:
- name: company_name
type: string
mapping: "$.data[0].name"
- name: employee_count
type: integer
mapping: "$.data[0].employeeCount"
- name: revenue
type: string
mapping: "$.data[0].revenue"
- name: industry
type: string
mapping: "$.data[0].industry"
consumes:
- type: http
namespace: zoominfo
baseUri: "https://api.zoominfo.com"
authentication:
type: bearer
token: "$secrets.zoominfo_token"
resources:
- name: companies
path: "/enrich/company"
operations:
- name: enrich-company
method: POST