GEICO Capabilities
Naftiko 0.5 capability definitions for GEICO - 100 capabilities showing integration workflows and service orchestrations.
Sort
Expand
Access Review Pipeline
▼
security access-management okta compliance
Reviews access at GEICO via Okta, IAM, and Jira.
naftiko: "0.5"
info:
label: "Access Review Pipeline"
description: "Reviews access at GEICO via Okta, IAM, and Jira."
tags:
- security
- access-management
- okta
- compliance
capability:
exposes:
- type: mcp
namespace: access-rev
port: 8080
tools:
- name: review
description: "Review access at GEICO."
inputParameters:
- name: dept
in: body
type: string
description: "Department."
steps:
- name: ent
type: call
call: "okta.get-users"
with:
dept: "{{dept}}"
- name: compare
type: call
call: "iam.compare"
with:
data: "{{ent.data}}"
- name: flag
type: call
call: "iam.flag"
with:
violations: "{{compare.violations}}"
- name: fix
type: call
call: "jira.create-issue"
with:
project: "IAM"
summary: "Violations in {{dept}}"
consumes:
- type: http
namespace: okta
baseUri: "https://geico.com.okta.com/api/v1"
authentication:
type: bearer
token: "$secrets.okta_api_token"
resources:
- name: users
path: "/users"
operations:
- name: get-users
method: GET
- type: http
namespace: iam
baseUri: "https://iam.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.iam_token"
resources:
- name: reviews
path: "/compare"
operations:
- name: compare
method: POST
- type: http
namespace: jira
baseUri: "https://geico.com.atlassian.net/rest/api/3"
authentication:
type: bearer
token: "$secrets.jira_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
Amazon ECS Service Health
▼
infrastructure containers amazon-ecs
Retrieves Amazon ECS service health for GEICO containerized workloads.
naftiko: "0.5"
info:
label: "Amazon ECS Service Health"
description: "Retrieves Amazon ECS service health for GEICO containerized workloads."
tags: [infrastructure, containers, amazon-ecs]
capability:
exposes:
- type: mcp
namespace: ecs-ops
port: 8080
tools:
- name: get-ecs-service
description: "Retrieve ECS service health."
inputParameters:
- name: cluster
in: body
type: string
description: "The ECS cluster name."
- name: service_name
in: body
type: string
description: "The ECS service name."
call: "ecs.describe-service"
with: { cluster: "{{cluster}}", service: "{{service_name}}" }
consumes:
- type: http
namespace: ecs
baseUri: "https://ecs.us-east-1.amazonaws.com"
authentication: { type: bearer, token: "$secrets.aws_ecs_token" }
resources:
- name: services
path: "/"
operations: [{ name: describe-service, method: POST }]
Amazon Kinesis Stream Status
▼
data-engineering streaming amazon-kinesis
Retrieves Kinesis stream metrics for real-time event processing.
naftiko: "0.5"
info:
label: "Amazon Kinesis Stream Status"
description: "Retrieves Kinesis stream metrics for real-time event processing."
tags: [data-engineering, streaming, amazon-kinesis]
capability:
exposes:
- type: mcp
namespace: streaming
port: 8080
tools:
- name: get-stream
description: "Retrieve Kinesis stream status."
inputParameters:
- name: stream_name
in: body
type: string
description: "The Kinesis stream name."
call: "kinesis.describe-stream"
with: { stream_name: "{{stream_name}}" }
consumes:
- type: http
namespace: kinesis
baseUri: "https://kinesis.us-east-1.amazonaws.com"
authentication: { type: bearer, token: "$secrets.aws_kinesis_token" }
resources:
- name: streams
path: "/"
operations: [{ name: describe-stream, method: POST }]
Amazon S3 Document Metadata
▼
infrastructure storage amazon-s3
Retrieves document metadata from Amazon S3 for claims and policy files.
naftiko: "0.5"
info:
label: "Amazon S3 Document Metadata"
description: "Retrieves document metadata from Amazon S3 for claims and policy files."
tags: [infrastructure, storage, amazon-s3]
capability:
exposes:
- type: mcp
namespace: s3-storage
port: 8080
tools:
- name: get-object-info
description: "Retrieve S3 object metadata by bucket and key."
inputParameters:
- name: bucket
in: body
type: string
description: "The S3 bucket name."
- name: key
in: body
type: string
description: "The S3 object key."
call: "s3.head-object"
with: { bucket: "{{bucket}}", key: "{{key}}" }
consumes:
- type: http
namespace: s3
baseUri: "https://s3.amazonaws.com"
authentication: { type: bearer, token: "$secrets.aws_s3_token" }
resources:
- name: objects
path: "/{{bucket}}/{{key}}"
inputParameters: [{ name: bucket, in: path }, { name: key, in: path }]
operations: [{ name: head-object, method: HEAD }]
API Deprecation Pipeline
▼
api-management communications governance
Manages API deprecation at GEICO via consumer identification, notices, and tracking.
naftiko: "0.5"
info:
label: "API Deprecation Pipeline"
description: "Manages API deprecation at GEICO via consumer identification, notices, and tracking."
tags:
- api-management
- communications
- governance
capability:
exposes:
- type: mcp
namespace: api-sunset
port: 8080
tools:
- name: notify-sunset
description: "Manage API sunset at GEICO."
inputParameters:
- name: api
in: body
type: string
description: "API name."
- name: date
in: body
type: string
description: "Sunset date."
steps:
- name: consumers
type: call
call: "api-gw.consumers"
with:
api: "{{api}}"
- name: notify
type: call
call: "email.batch"
with:
to: "{{consumers.emails}}"
subject: "{{api}} sunset: {{date}}"
- name: track
type: call
call: "analytics.usage"
with:
api: "{{api}}"
- name: ticket
type: call
call: "jira.create-issue"
with:
project: "API"
summary: "Sunset {{api}} by {{date}}"
consumes:
- type: http
namespace: api-gw
baseUri: "https://api-gw.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.api_gw_token"
resources:
- name: consumers
path: "/apis/{{api}}/consumers"
inputParameters:
- name: api
in: path
operations:
- name: consumers
method: GET
- type: http
namespace: email
baseUri: "https://email.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.email_token"
resources:
- name: batch
path: "/send-batch"
operations:
- name: batch
method: POST
- type: http
namespace: analytics
baseUri: "https://analytics.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.analytics_token"
resources:
- name: usage
path: "/api-usage"
operations:
- name: usage
method: GET
- type: http
namespace: jira
baseUri: "https://geico.com.atlassian.net/rest/api/3"
authentication:
type: bearer
token: "$secrets.jira_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
Azure Cost Management Summary
▼
finance cloud microsoft-azure
Retrieves monthly Azure spend summary for GEICO's cloud infrastructure by resource group and service.
naftiko: "0.5"
info:
label: "Azure Cost Management Summary"
description: "Retrieves monthly Azure spend summary for GEICO's cloud infrastructure by resource group and service."
tags:
- finance
- cloud
- microsoft-azure
capability:
exposes:
- type: mcp
namespace: cloud-cost
port: 8080
tools:
- name: get-azure-spend
description: "Retrieve Azure cost summary by subscription and billing period."
inputParameters:
- name: subscription_id
in: body
type: string
description: "The Azure subscription ID."
- name: billing_period
in: body
type: string
description: "Billing period in YYYYMM format."
call: "azure.get-cost-report"
with:
subscription_id: "{{subscription_id}}"
billing_period: "{{billing_period}}"
consumes:
- type: http
namespace: azure
baseUri: "https://management.azure.com"
authentication:
type: bearer
token: "$secrets.azure_mgmt_token"
resources:
- name: cost-management
path: "/subscriptions/{{subscription_id}}/providers/Microsoft.CostManagement/query"
inputParameters:
- name: subscription_id
in: path
operations:
- name: get-cost-report
method: POST
Azure DevOps Build Check
▼
devops azure-devops ci-cd
Checks build at GEICO.
naftiko: "0.5"
info:
label: "Azure DevOps Build Check"
description: "Checks build at GEICO."
tags:
- devops
- azure-devops
- ci-cd
capability:
exposes:
- type: mcp
namespace: azdo-build
port: 8080
tools:
- name: check-build
description: "Check build at GEICO."
inputParameters:
- name: project
in: body
type: string
description: "Project."
- name: build_id
in: body
type: string
description: "Build ID."
call: "azdo.get-build"
with:
project: "{{project}}"
build_id: "{{build_id}}"
outputParameters:
- name: status
type: string
mapping: "$.status"
consumes:
- type: http
namespace: azdo
baseUri: "https://dev.azure.com/geico.com"
authentication:
type: bearer
token: "$secrets.azdo_token"
resources:
- name: builds
path: "/{{project}}/_apis/build/builds/{{build_id}}"
inputParameters:
- name: project
in: path
- name: build_id
in: path
operations:
- name: get-build
method: GET
Azure DevOps Build Status
▼
engineering cicd azure-devops
Retrieves the latest Azure DevOps build for a pipeline, returning status, result, duration, and trigger information.
naftiko: "0.5"
info:
label: "Azure DevOps Build Status"
description: "Retrieves the latest Azure DevOps build for a pipeline, returning status, result, duration, and trigger information."
tags:
- engineering
- cicd
- azure-devops
capability:
exposes:
- type: mcp
namespace: cicd
port: 8080
tools:
- name: get-build-status
description: "Look up the latest build for an Azure DevOps pipeline."
inputParameters:
- name: project
in: body
type: string
description: "The Azure DevOps project name."
- name: pipeline_id
in: body
type: string
description: "The pipeline definition ID."
call: "azdo.get-latest-build"
with:
project: "{{project}}"
pipeline_id: "{{pipeline_id}}"
consumes:
- type: http
namespace: azdo
baseUri: "https://dev.azure.com/geico"
authentication:
type: basic
username: ""
password: "$secrets.azdo_pat"
resources:
- name: builds
path: "/{{project}}/_apis/build/builds?definitions={{pipeline_id}}&$top=1&api-version=7.0"
inputParameters:
- name: project
in: path
- name: pipeline_id
in: query
operations:
- name: get-latest-build
method: GET
Backup Verification Pipeline
▼
database backup operations
Verifies backups at GEICO.
naftiko: "0.5"
info:
label: "Backup Verification Pipeline"
description: "Verifies backups at GEICO."
tags:
- database
- backup
- operations
capability:
exposes:
- type: mcp
namespace: backup-verify
port: 8080
tools:
- name: verify-backups
description: "Verify backups at GEICO."
inputParameters:
- name: db
in: body
type: string
description: "Database."
- name: date
in: body
type: string
description: "Backup date."
steps:
- name: status
type: call
call: "backup.get-status"
with:
db: "{{db}}"
date: "{{date}}"
- name: verify
type: call
call: "backup.verify"
with:
id: "{{status.backup_id}}"
- name: log
type: call
call: "snowflake.query"
with:
query: "INSERT INTO backup_log VALUES ('{{db}}','{{date}}','{{verify.status}}')"
- name: alert
type: call
call: "slack.post-message"
with:
channel: "#dba"
text: "Backup {{db}}: {{verify.status}}"
consumes:
- type: http
namespace: backup
baseUri: "https://backup.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.backup_token"
resources:
- name: backups
path: "/databases/{{db}}/status"
inputParameters:
- name: db
in: path
operations:
- name: get-status
method: GET
- type: http
namespace: snowflake
baseUri: "https://geico.com.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Boomi Integration Status
▼
integration boomi
Checks Boomi integration process execution status.
naftiko: "0.5"
info:
label: "Boomi Integration Status"
description: "Checks Boomi integration process execution status."
tags: [integration, boomi]
capability:
exposes:
- type: mcp
namespace: boomi
port: 8080
tools:
- name: get-execution
description: "Look up a Boomi process execution."
inputParameters:
- name: execution_id
in: body
type: string
description: "The Boomi execution ID."
call: "boomi.get-execution"
with: { execution_id: "{{execution_id}}" }
consumes:
- type: http
namespace: boomi
baseUri: "https://api.boomi.com/api/rest/v1"
authentication: { type: basic, username: "$secrets.boomi_user", password: "$secrets.boomi_token" }
resources:
- name: executions
path: "/{{account_id}}/ExecutionRecord/{{execution_id}}"
inputParameters: [{ name: execution_id, in: path }]
operations: [{ name: get-execution, method: GET }]
Budget Variance Pipeline
▼
finance budget oracle workday
Analyzes budget variance at GEICO via Oracle, Workday, and Slack.
naftiko: "0.5"
info:
label: "Budget Variance Pipeline"
description: "Analyzes budget variance at GEICO via Oracle, Workday, and Slack."
tags:
- finance
- budget
- oracle
- workday
capability:
exposes:
- type: mcp
namespace: budget-var
port: 8080
tools:
- name: analyze-variance
description: "Check budget variance at GEICO."
inputParameters:
- name: cc
in: body
type: string
description: "Cost center."
- name: period
in: body
type: string
description: "Period."
steps:
- name: actuals
type: call
call: "oracle.get-actuals"
with:
cc: "{{cc}}"
period: "{{period}}"
- name: budget
type: call
call: "workday.get-budget"
with:
cc: "{{cc}}"
- name: compute
type: call
call: "analytics.variance"
with:
a: "{{actuals.total}}"
b: "{{budget.total}}"
- name: alert
type: call
call: "slack.post-message"
with:
channel: "#finance"
text: "Variance {{cc}}: ${{compute.variance}}"
consumes:
- type: http
namespace: oracle
baseUri: "https://oracle.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.oracle_token"
resources:
- name: fin
path: "/actuals"
operations:
- name: get-actuals
method: GET
- type: http
namespace: workday
baseUri: "https://wd5.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: budgets
path: "/budgets"
operations:
- name: get-budget
method: GET
- type: http
namespace: analytics
baseUri: "https://analytics.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.analytics_token"
resources:
- name: var
path: "/compute"
operations:
- name: variance
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Capacity Planning Pipeline
▼
infrastructure capacity-planning forecasting
Plans capacity at GEICO by collecting utilization and forecasting.
naftiko: "0.5"
info:
label: "Capacity Planning Pipeline"
description: "Plans capacity at GEICO by collecting utilization and forecasting."
tags:
- infrastructure
- capacity-planning
- forecasting
capability:
exposes:
- type: mcp
namespace: capacity
port: 8080
tools:
- name: plan-capacity
description: "Plan capacity at GEICO."
inputParameters:
- name: resource
in: body
type: string
description: "Resource type."
- name: months
in: body
type: number
description: "Forecast months."
steps:
- name: util
type: call
call: "monitoring.get-util"
with:
resource: "{{resource}}"
- name: forecast
type: call
call: "analytics.forecast"
with:
current: "{{util.pct}}"
months: "{{months}}"
- name: procure
type: call
call: "servicenow.create-request"
with:
type: "capacity"
resource: "{{resource}}"
- name: dashboard
type: call
call: "power-bi.refresh"
with:
dataset: "capacity"
consumes:
- type: http
namespace: monitoring
baseUri: "https://monitoring.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.monitoring_token"
resources:
- name: util
path: "/resources/{{resource}}/util"
inputParameters:
- name: resource
in: path
operations:
- name: get-util
method: GET
- type: http
namespace: analytics
baseUri: "https://analytics.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.analytics_token"
resources:
- name: forecast
path: "/demand"
operations:
- name: forecast
method: POST
- type: http
namespace: servicenow
baseUri: "https://geico.com.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: requests
path: "/table/sc_request"
operations:
- name: create-request
method: POST
- type: http
namespace: power-bi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.power_bi_token"
resources:
- name: datasets
path: "/datasets/{{dataset}}/refreshes"
inputParameters:
- name: dataset
in: path
operations:
- name: refresh
method: POST
Catastrophe Event Response Orchestrator
▼
claims catastrophe snowflake servicenow mailchimp google-ads microsoft-teams
When a catastrophe event is declared, queries affected policies from Snowflake by geography, creates a claims surge task in ServiceNow, sends proactive outreach via MailChimp, activates a Google Ads campaign, and notifies all claims teams via Microsoft Teams.
naftiko: "0.5"
info:
label: "Catastrophe Event Response Orchestrator"
description: "When a catastrophe event is declared, queries affected policies from Snowflake by geography, creates a claims surge task in ServiceNow, sends proactive outreach via MailChimp, activates a Google Ads campaign, and notifies all claims teams via Microsoft Teams."
tags:
- claims
- catastrophe
- snowflake
- servicenow
- mailchimp
- google-ads
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: cat-response
port: 8080
tools:
- name: activate-cat-response
description: "Given a catastrophe event ID, affected region, and event type, identify affected policyholders, mobilize claims resources, send outreach, and activate ads."
inputParameters:
- name: event_id
in: body
type: string
description: "The catastrophe event identifier."
- name: affected_region
in: body
type: string
description: "The affected geographic region (e.g. ZIP code range or state)."
- name: event_type
in: body
type: string
description: "Type of catastrophe (e.g. hurricane, tornado, wildfire)."
steps:
- name: query-affected-policies
type: call
call: "snowflake.execute-statement"
with:
statement: "SELECT policy_number, insured_name, insured_email, address FROM policies WHERE region='{{affected_region}}' AND status='active'"
warehouse: "CLAIMS_WH"
- name: create-surge-task
type: call
call: "servicenow.create-incident"
with:
short_description: "CAT Event {{event_id}}: {{event_type}} — {{affected_region}}"
priority: "1"
category: "catastrophe"
assigned_group: "CAT_Response"
description: "Catastrophe event: {{event_type}} in {{affected_region}}. Affected policies: {{query-affected-policies.row_count}}. Activate surge staffing."
- name: send-outreach
type: call
call: "mailchimp.send-campaign"
with:
subject: "GEICO Is Here to Help — {{event_type}} in {{affected_region}}"
segment: "region_{{affected_region}}"
- name: activate-ads
type: call
call: "google-ads.activate-campaign"
with:
campaign_name: "CAT_{{event_id}}"
region: "{{affected_region}}"
- name: notify-all-teams
type: call
call: "msteams.post-channel-message"
with:
team_id: "claims-operations"
channel_id: "catastrophe-alerts"
text: "CAT EVENT ACTIVATED: {{event_type}} in {{affected_region}} (Event: {{event_id}}). Affected policies: {{query-affected-policies.row_count}}. Surge task: {{create-surge-task.number}}. Outreach sent. Ads activated."
consumes:
- type: http
namespace: snowflake
baseUri: "https://geico.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-statement
method: POST
- type: http
namespace: servicenow
baseUri: "https://geico.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: mailchimp
baseUri: "https://us1.api.mailchimp.com/3.0"
authentication:
type: bearer
token: "$secrets.mailchimp_api_key"
resources:
- name: campaigns
path: "/campaigns"
operations:
- name: send-campaign
method: POST
- type: http
namespace: google-ads
baseUri: "https://googleads.googleapis.com/v14"
authentication:
type: bearer
token: "$secrets.google_ads_token"
resources:
- name: campaigns
path: "/customers/{{customer_id}}/campaigns"
inputParameters:
- name: customer_id
in: path
operations:
- name: activate-campaign
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel-message
method: POST
Certificate Expiry Pipeline
▼
security certificates monitoring
Monitors cert expiry at GEICO.
naftiko: "0.5"
info:
label: "Certificate Expiry Pipeline"
description: "Monitors cert expiry at GEICO."
tags:
- security
- certificates
- monitoring
capability:
exposes:
- type: mcp
namespace: cert-monitor
port: 8080
tools:
- name: check-certs
description: "Monitor certs at GEICO."
inputParameters:
- name: domains
in: body
type: string
description: "Domains to check."
steps:
- name: scan
type: call
call: "cert-scanner.scan"
with:
domains: "{{domains}}"
- name: filter
type: call
call: "analytics.filter-expiring"
with:
certs: "{{scan.results}}"
- name: ticket
type: call
call: "jira.create-issue"
with:
project: "SEC"
summary: "{{filter.count}} certs expiring"
- name: alert
type: call
call: "slack.post-message"
with:
channel: "#security"
text: "Cert alert: {{filter.count}} expiring"
consumes:
- type: http
namespace: cert-scanner
baseUri: "https://certs.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.cert_token"
resources:
- name: scans
path: "/scan"
operations:
- name: scan
method: POST
- type: http
namespace: jira
baseUri: "https://geico.com.atlassian.net/rest/api/3"
authentication:
type: bearer
token: "$secrets.jira_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Change Management Pipeline
▼
change-management servicenow itil
Routes changes at GEICO through ServiceNow and CAB approval.
naftiko: "0.5"
info:
label: "Change Management Pipeline"
description: "Routes changes at GEICO through ServiceNow and CAB approval."
tags:
- change-management
- servicenow
- itil
capability:
exposes:
- type: mcp
namespace: change-mgmt
port: 8080
tools:
- name: process-change
description: "Process changes at GEICO."
inputParameters:
- name: change_id
in: body
type: string
description: "Change ID."
- name: date
in: body
type: string
description: "Date."
steps:
- name: get
type: call
call: "servicenow.get-change"
with:
id: "{{change_id}}"
- name: conflicts
type: call
call: "servicenow.check-conflicts"
with:
date: "{{date}}"
- name: submit
type: call
call: "servicenow.update"
with:
id: "{{change_id}}"
state: "approval"
- name: notify
type: call
call: "email.send"
with:
to: "cab@co.com"
subject: "CAB: {{change_id}}"
consumes:
- type: http
namespace: servicenow
baseUri: "https://geico.com.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: changes
path: "/table/change_request/{{id}}"
inputParameters:
- name: id
in: path
operations:
- name: get-change
method: GET
- type: http
namespace: email
baseUri: "https://email.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.email_token"
resources:
- name: messages
path: "/send"
operations:
- name: send
method: POST
Cisco Network Health Check
▼
infrastructure networking cisco
Queries Cisco DNA Center for network device health at GEICO data centers and offices, returning device count, health score, and active issues.
naftiko: "0.5"
info:
label: "Cisco Network Health Check"
description: "Queries Cisco DNA Center for network device health at GEICO data centers and offices, returning device count, health score, and active issues."
tags:
- infrastructure
- networking
- cisco
capability:
exposes:
- type: mcp
namespace: network-ops
port: 8080
tools:
- name: check-network-health
description: "Check network health for a site via Cisco DNA Center."
inputParameters:
- name: site_name
in: body
type: string
description: "The site name in Cisco DNA Center."
call: "cisco.get-site-health"
with:
site_name: "{{site_name}}"
consumes:
- type: http
namespace: cisco
baseUri: "https://geico-dnac.internal/dna/intent/api/v1"
authentication:
type: bearer
token: "$secrets.cisco_dnac_token"
resources:
- name: site-health
path: "/site-health"
operations:
- name: get-site-health
method: GET
Claim Status Check
▼
claims salesforce
Retrieves the current status of an insurance claim from Salesforce by claim number, returning claim state, adjuster, loss date, and reserve amount.
naftiko: "0.5"
info:
label: "Claim Status Check"
description: "Retrieves the current status of an insurance claim from Salesforce by claim number, returning claim state, adjuster, loss date, and reserve amount."
tags:
- claims
- salesforce
capability:
exposes:
- type: mcp
namespace: claims
port: 8080
tools:
- name: get-claim-status
description: "Look up a claim by claim number. Returns status, adjuster name, loss date, and current reserve."
inputParameters:
- name: claim_number
in: body
type: string
description: "The GEICO claim number."
call: "salesforce.get-claim"
with:
claim_number: "{{claim_number}}"
consumes:
- type: http
namespace: salesforce
baseUri: "https://geico.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: claims
path: "/query?q=SELECT+Id,ClaimNumber__c,Status__c,Adjuster__c,LossDate__c,ReserveAmount__c+FROM+Claim__c+WHERE+ClaimNumber__c='{{claim_number}}'"
inputParameters:
- name: claim_number
in: query
operations:
- name: get-claim
method: GET
Claims Payment Processing Pipeline
▼
claims payments salesforce mastercard microsoft-outlook
When a claim is approved for payment, retrieves claim and policy details from Salesforce, processes payment via Mastercard, updates claim status, and notifies the claimant via Microsoft Outlook.
naftiko: "0.5"
info:
label: "Claims Payment Processing Pipeline"
description: "When a claim is approved for payment, retrieves claim and policy details from Salesforce, processes payment via Mastercard, updates claim status, and notifies the claimant via Microsoft Outlook."
tags:
- claims
- payments
- salesforce
- mastercard
- microsoft-outlook
capability:
exposes:
- type: mcp
namespace: claims-payment
port: 8080
tools:
- name: process-claim-payment
description: "Given a claim number and payment amount, process the payment, update the claim, and send confirmation to the claimant."
inputParameters:
- name: claim_number
in: body
type: string
description: "The claim number."
- name: payment_amount
in: body
type: number
description: "The approved payment amount."
steps:
- name: get-claim
type: call
call: "salesforce.get-claim"
with:
claim_number: "{{claim_number}}"
- name: process-payment
type: call
call: "mastercard.create-payment"
with:
amount: "{{payment_amount}}"
recipient: "{{get-claim.claimant_name}}"
reference: "{{claim_number}}"
- name: update-claim-status
type: call
call: "salesforce.update-claim"
with:
claim_number: "{{claim_number}}"
status: "Payment Issued"
payment_reference: "{{process-payment.transaction_id}}"
- name: send-confirmation
type: call
call: "outlook.send-email"
with:
to: "{{get-claim.claimant_email}}"
subject: "GEICO Claim Payment — {{claim_number}}"
body: "Dear {{get-claim.claimant_name}}, payment of ${{payment_amount}} for claim {{claim_number}} has been issued. Transaction: {{process-payment.transaction_id}}."
consumes:
- type: http
namespace: salesforce
baseUri: "https://geico.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: claims
path: "/query?q=SELECT+Id,ClaimNumber__c,ClaimantName__c,ClaimantEmail__c+FROM+Claim__c+WHERE+ClaimNumber__c='{{claim_number}}'"
inputParameters:
- name: claim_number
in: query
operations:
- name: get-claim
method: GET
- name: update-claim
method: PATCH
- type: http
namespace: mastercard
baseUri: "https://api.mastercard.com/gateway/v1"
authentication:
type: bearer
token: "$secrets.mastercard_token"
resources:
- name: payments
path: "/payments"
operations:
- name: create-payment
method: POST
- type: http
namespace: outlook
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: mail
path: "/me/sendMail"
operations:
- name: send-email
method: POST
Cloud Cost Optimization Pipeline
▼
cloud cost-management finops
Optimizes cloud costs at GEICO via Azure, FinOps, Jira, and Power BI.
naftiko: "0.5"
info:
label: "Cloud Cost Optimization Pipeline"
description: "Optimizes cloud costs at GEICO via Azure, FinOps, Jira, and Power BI."
tags:
- cloud
- cost-management
- finops
capability:
exposes:
- type: mcp
namespace: cloud-opt
port: 8080
tools:
- name: optimize
description: "Optimize cloud costs at GEICO."
inputParameters:
- name: provider
in: body
type: string
description: "Provider."
- name: range
in: body
type: string
description: "Range."
steps:
- name: spend
type: call
call: "cloud.get-costs"
with:
provider: "{{provider}}"
range: "{{range}}"
- name: savings
type: call
call: "finops.analyze"
with:
data: "{{spend.data}}"
- name: action
type: call
call: "jira.create-issue"
with:
project: "FINOPS"
summary: "Save ${{savings.potential}}"
- name: report
type: call
call: "power-bi.refresh"
with:
dataset: "cloud"
consumes:
- type: http
namespace: cloud
baseUri: "https://management.azure.com"
authentication:
type: bearer
token: "$secrets.azure_token"
resources:
- name: costs
path: "/providers/Microsoft.CostManagement/query"
operations:
- name: get-costs
method: POST
- type: http
namespace: finops
baseUri: "https://finops.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.finops_token"
resources:
- name: analysis
path: "/savings"
operations:
- name: analyze
method: POST
- type: http
namespace: jira
baseUri: "https://geico.com.atlassian.net/rest/api/3"
authentication:
type: bearer
token: "$secrets.jira_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: power-bi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.power_bi_token"
resources:
- name: datasets
path: "/datasets/{{dataset}}/refreshes"
inputParameters:
- name: dataset
in: path
operations:
- name: refresh
method: POST
Confluence Article Search
▼
knowledge-management confluence documentation
Searches Confluence at GEICO.
naftiko: "0.5"
info:
label: "Confluence Article Search"
description: "Searches Confluence at GEICO."
tags:
- knowledge-management
- confluence
- documentation
capability:
exposes:
- type: mcp
namespace: confluence-search
port: 8080
tools:
- name: search-articles
description: "Search Confluence at GEICO."
inputParameters:
- name: query
in: body
type: string
description: "Query."
call: "confluence.search"
with:
query: "{{query}}"
outputParameters:
- name: title
type: string
mapping: "$.results[0].title"
consumes:
- type: http
namespace: confluence
baseUri: "https://geico.com.atlassian.net/wiki/rest/api"
authentication:
type: bearer
token: "$secrets.confluence_token"
resources:
- name: content
path: "/content/search"
operations:
- name: search
method: GET
Confluence Knowledge Base Search
▼
knowledge-management confluence
Searches GEICO's Confluence knowledge base by keyword, returning matching page titles, spaces, and direct URLs for agent support.
naftiko: "0.5"
info:
label: "Confluence Knowledge Base Search"
description: "Searches GEICO's Confluence knowledge base by keyword, returning matching page titles, spaces, and direct URLs for agent support."
tags:
- knowledge-management
- confluence
capability:
exposes:
- type: mcp
namespace: knowledge-base
port: 8080
tools:
- name: search-kb
description: "Search Confluence by keyword. Returns matching page titles, spaces, and URLs."
inputParameters:
- name: query
in: body
type: string
description: "The search keyword or phrase."
call: "confluence.search"
with:
cql: "text~\"{{query}}\""
consumes:
- type: http
namespace: confluence
baseUri: "https://geico.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_token"
resources:
- name: search
path: "/search"
operations:
- name: search
method: GET
Contract Renewal Pipeline
▼
procurement contracts salesforce jira
Tracks contract renewals at GEICO via contracts system, email, Jira, and Salesforce.
naftiko: "0.5"
info:
label: "Contract Renewal Pipeline"
description: "Tracks contract renewals at GEICO via contracts system, email, Jira, and Salesforce."
tags:
- procurement
- contracts
- salesforce
- jira
capability:
exposes:
- type: mcp
namespace: contract-renew
port: 8080
tools:
- name: track
description: "Track renewals at GEICO."
inputParameters:
- name: contract_id
in: body
type: string
description: "Contract ID."
- name: owner
in: body
type: string
description: "Owner email."
steps:
- name: get
type: call
call: "contracts.get"
with:
id: "{{contract_id}}"
- name: remind
type: call
call: "email.send"
with:
to: "{{owner}}"
subject: "Renewal: {{contract_id}}"
- name: task
type: call
call: "jira.create-issue"
with:
project: "PROC"
summary: "Renew {{contract_id}}"
- name: crm
type: call
call: "salesforce.update"
with:
id: "{{contract_id}}"
stage: "Renewal"
consumes:
- type: http
namespace: contracts
baseUri: "https://contracts.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.contracts_token"
resources:
- name: contracts
path: "/contracts/{{id}}"
inputParameters:
- name: id
in: path
operations:
- name: get
method: GET
- type: http
namespace: email
baseUri: "https://email.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.email_token"
resources:
- name: messages
path: "/send"
operations:
- name: send
method: POST
- type: http
namespace: jira
baseUri: "https://geico.com.atlassian.net/rest/api/3"
authentication:
type: bearer
token: "$secrets.jira_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: salesforce
baseUri: "https://geico.com.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: opps
path: "/sobjects/Opportunity"
operations:
- name: update
method: PATCH
Cost Reallocation Pipeline
▼
finance cost-allocation oracle
Reallocates costs at GEICO.
naftiko: "0.5"
info:
label: "Cost Reallocation Pipeline"
description: "Reallocates costs at GEICO."
tags:
- finance
- cost-allocation
- oracle
capability:
exposes:
- type: mcp
namespace: cost-realloc
port: 8080
tools:
- name: reallocate
description: "Reallocate costs at GEICO."
inputParameters:
- name: source
in: body
type: string
description: "Source CC."
- name: target
in: body
type: string
description: "Target CC."
- name: amount
in: body
type: number
description: "Amount."
steps:
- name: current
type: call
call: "oracle.get-alloc"
with:
cc: "{{source}}"
- name: compute
type: call
call: "analytics.realloc"
with:
source: "{{source}}"
target: "{{target}}"
amount: "{{amount}}"
- name: post
type: call
call: "oracle.post-journal"
with:
entries: "{{compute.entries}}"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#finance"
text: "Reallocated ${{amount}} from {{source}} to {{target}}"
consumes:
- type: http
namespace: oracle
baseUri: "https://oracle.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.oracle_token"
resources:
- name: allocations
path: "/cost-centers/{{cc}}/allocations"
inputParameters:
- name: cc
in: path
operations:
- name: get-alloc
method: GET
- type: http
namespace: analytics
baseUri: "https://analytics.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.analytics_token"
resources:
- name: realloc
path: "/compute"
operations:
- name: realloc
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Customer Service Escalation Pipeline
▼
customer-service escalation salesforce servicenow microsoft-teams
When a customer interaction in Salesforce is marked as escalated, retrieves customer and case details, creates a high-priority ServiceNow incident, and alerts the customer experience manager via Microsoft Teams.
naftiko: "0.5"
info:
label: "Customer Service Escalation Pipeline"
description: "When a customer interaction in Salesforce is marked as escalated, retrieves customer and case details, creates a high-priority ServiceNow incident, and alerts the customer experience manager via Microsoft Teams."
tags:
- customer-service
- escalation
- salesforce
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: cs-escalation
port: 8080
tools:
- name: escalate-case
description: "Given a Salesforce case ID, pull details, create ServiceNow incident, and alert the CX manager."
inputParameters:
- name: case_id
in: body
type: string
description: "The Salesforce case ID."
steps:
- name: get-case
type: call
call: "salesforce.get-case"
with:
case_id: "{{case_id}}"
- name: create-incident
type: call
call: "servicenow.create-incident"
with:
short_description: "Escalated case: {{get-case.CaseNumber}} — {{get-case.Subject}}"
priority: "1"
description: "Customer: {{get-case.ContactName}}. Policy: {{get-case.PolicyNumber}}. Issue: {{get-case.Description}}"
assigned_group: "CX_Escalations"
- name: alert-manager
type: call
call: "msteams.send-message"
with:
recipient_upn: "cx-manager@geico.com"
text: "ESCALATION: Case {{get-case.CaseNumber}} from {{get-case.ContactName}}. Policy: {{get-case.PolicyNumber}}. Subject: {{get-case.Subject}}. ServiceNow: {{create-incident.number}}."
consumes:
- type: http
namespace: salesforce
baseUri: "https://geico.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: cases
path: "/sobjects/Case/{{case_id}}"
inputParameters:
- name: case_id
in: path
operations:
- name: get-case
method: GET
- type: http
namespace: servicenow
baseUri: "https://geico.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Data Pipeline Monitor Pipeline
▼
data-engineering databricks monitoring slack
Monitors data pipelines at GEICO via Databricks, Snowflake, Slack, and ServiceNow.
naftiko: "0.5"
info:
label: "Data Pipeline Monitor Pipeline"
description: "Monitors data pipelines at GEICO via Databricks, Snowflake, Slack, and ServiceNow."
tags:
- data-engineering
- databricks
- monitoring
- slack
capability:
exposes:
- type: mcp
namespace: pipeline-mon
port: 8080
tools:
- name: monitor
description: "Monitor pipelines at GEICO."
inputParameters:
- name: pipeline_id
in: body
type: string
description: "Pipeline ID."
steps:
- name: status
type: call
call: "databricks.get-run"
with:
id: "{{pipeline_id}}"
- name: quality
type: call
call: "snowflake.query"
with:
query: "SELECT COUNT(*) FROM out WHERE p='{{pipeline_id}}'"
- name: alert
type: call
call: "slack.post-message"
with:
channel: "#data"
text: "Pipeline {{pipeline_id}}: {{status.state}}"
- name: incident
type: call
call: "servicenow.create-incident"
with:
desc: "Pipeline {{pipeline_id}} issue"
consumes:
- type: http
namespace: databricks
baseUri: "https://geico.com.cloud.databricks.com/api/2.1"
authentication:
type: bearer
token: "$secrets.databricks_token"
resources:
- name: jobs
path: "/jobs/runs/get"
operations:
- name: get-run
method: GET
- type: http
namespace: snowflake
baseUri: "https://geico.com.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
- type: http
namespace: servicenow
baseUri: "https://geico.com.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
Datadog Application Health
▼
infrastructure monitoring datadog
Queries Datadog for application performance metrics including response time, error rate, and throughput for GEICO digital services.
naftiko: "0.5"
info:
label: "Datadog Application Health"
description: "Queries Datadog for application performance metrics including response time, error rate, and throughput for GEICO digital services."
tags:
- infrastructure
- monitoring
- datadog
capability:
exposes:
- type: mcp
namespace: apm
port: 8080
tools:
- name: get-app-health
description: "Retrieve application health from Datadog by service name. Returns latency, error rate, and request rate."
inputParameters:
- name: service_name
in: body
type: string
description: "The Datadog service name."
call: "datadog.get-service-summary"
with:
service: "{{service_name}}"
consumes:
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apiKey
name: "DD-API-KEY"
in: header
value: "$secrets.datadog_api_key"
resources:
- name: services
path: "/service_dependencies"
operations:
- name: get-service-summary
method: GET
Datadog Monitor Check
▼
monitoring datadog observability
Checks Datadog monitor at GEICO.
naftiko: "0.5"
info:
label: "Datadog Monitor Check"
description: "Checks Datadog monitor at GEICO."
tags:
- monitoring
- datadog
- observability
capability:
exposes:
- type: mcp
namespace: dd-monitor
port: 8080
tools:
- name: check-monitor
description: "Check monitor at GEICO."
inputParameters:
- name: monitor_id
in: body
type: string
description: "Monitor ID."
call: "datadog.get-monitor"
with:
monitor_id: "{{monitor_id}}"
outputParameters:
- name: status
type: string
mapping: "$.overall_state"
consumes:
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: bearer
token: "$secrets.datadog_api_key"
resources:
- name: monitors
path: "/monitor/{{monitor_id}}"
inputParameters:
- name: monitor_id
in: path
operations:
- name: get-monitor
method: GET
Digital Marketing Campaign Performance
▼
marketing advertising google-ads facebook-ads google-analytics
Aggregates marketing campaign performance from Google Ads, Facebook Ads, and Google Analytics into a unified report for the marketing team.
naftiko: "0.5"
info:
label: "Digital Marketing Campaign Performance"
description: "Aggregates marketing campaign performance from Google Ads, Facebook Ads, and Google Analytics into a unified report for the marketing team."
tags:
- marketing
- advertising
- google-ads
- facebook-ads
- google-analytics
capability:
exposes:
- type: mcp
namespace: marketing-perf
port: 8080
tools:
- name: get-campaign-performance
description: "Given a date range, pull metrics from Google Ads, Facebook Ads, and Google Analytics for a unified marketing view."
inputParameters:
- name: start_date
in: body
type: string
description: "Start date in YYYY-MM-DD format."
- name: end_date
in: body
type: string
description: "End date in YYYY-MM-DD format."
steps:
- name: get-google-ads
type: call
call: "google-ads.get-campaign-report"
with:
start_date: "{{start_date}}"
end_date: "{{end_date}}"
- name: get-facebook-ads
type: call
call: "facebook-ads.get-insights"
with:
since: "{{start_date}}"
until: "{{end_date}}"
- name: get-web-data
type: call
call: "google-analytics.run-report"
with:
start_date: "{{start_date}}"
end_date: "{{end_date}}"
consumes:
- type: http
namespace: google-ads
baseUri: "https://googleads.googleapis.com/v14"
authentication:
type: bearer
token: "$secrets.google_ads_token"
resources:
- name: reports
path: "/customers/{{customer_id}}/googleAds:searchStream"
inputParameters:
- name: customer_id
in: path
operations:
- name: get-campaign-report
method: POST
- type: http
namespace: facebook-ads
baseUri: "https://graph.facebook.com/v18.0"
authentication:
type: bearer
token: "$secrets.facebook_ads_token"
resources:
- name: insights
path: "/act_{{ad_account_id}}/insights"
inputParameters:
- name: ad_account_id
in: path
operations:
- name: get-insights
method: GET
- type: http
namespace: google-analytics
baseUri: "https://analyticsdata.googleapis.com/v1beta"
authentication:
type: bearer
token: "$secrets.google_analytics_token"
resources:
- name: reports
path: "/properties/{{property_id}}:runReport"
inputParameters:
- name: property_id
in: path
operations:
- name: run-report
method: POST
DR Test Pipeline
▼
disaster-recovery business-continuity testing
Tests disaster recovery at GEICO via failover, health checks, and reporting.
naftiko: "0.5"
info:
label: "DR Test Pipeline"
description: "Tests disaster recovery at GEICO via failover, health checks, and reporting."
tags:
- disaster-recovery
- business-continuity
- testing
capability:
exposes:
- type: mcp
namespace: dr-test
port: 8080
tools:
- name: test-dr
description: "Test DR at GEICO."
inputParameters:
- name: plan_id
in: body
type: string
description: "Plan ID."
- name: type
in: body
type: string
description: "Test type."
steps:
- name: failover
type: call
call: "dr.failover"
with:
plan: "{{plan_id}}"
type: "{{type}}"
- name: validate
type: call
call: "monitoring.check"
with:
scope: "critical"
- name: measure
type: call
call: "dr.metrics"
with:
id: "{{failover.id}}"
- name: report
type: call
call: "confluence.create-page"
with:
title: "DR - {{plan_id}}"
body: "RTO:{{measure.rto}}m RPO:{{measure.rpo}}m"
consumes:
- type: http
namespace: dr
baseUri: "https://dr.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.dr_token"
resources:
- name: failovers
path: "/failovers"
operations:
- name: failover
method: POST
- type: http
namespace: monitoring
baseUri: "https://monitoring.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.monitoring_token"
resources:
- name: health
path: "/checks"
operations:
- name: check
method: POST
- type: http
namespace: confluence
baseUri: "https://geico.com.atlassian.net/wiki/rest/api"
authentication:
type: bearer
token: "$secrets.confluence_token"
resources:
- name: pages
path: "/content"
operations:
- name: create-page
method: POST
Drift Detection Pipeline
▼
infrastructure terraform drift-detection devops
Detects infrastructure drift at GEICO via Terraform, Slack, and Jira.
naftiko: "0.5"
info:
label: "Drift Detection Pipeline"
description: "Detects infrastructure drift at GEICO via Terraform, Slack, and Jira."
tags:
- infrastructure
- terraform
- drift-detection
- devops
capability:
exposes:
- type: mcp
namespace: drift-det
port: 8080
tools:
- name: detect
description: "Detect drift at GEICO."
inputParameters:
- name: ws_id
in: body
type: string
description: "Workspace ID."
- name: env
in: body
type: string
description: "Environment."
steps:
- name: plan
type: call
call: "terraform.run"
with:
ws: "{{ws_id}}"
- name: check
type: call
call: "terraform.get-plan"
with:
run: "{{plan.id}}"
- name: alert
type: call
call: "slack.post-message"
with:
channel: "#infra"
text: "Drift {{env}}: {{check.changes}} changes"
- name: ticket
type: call
call: "jira.create-issue"
with:
project: "INFRA"
summary: "Drift in {{env}}"
consumes:
- type: http
namespace: terraform
baseUri: "https://app.terraform.io/api/v2"
authentication:
type: bearer
token: "$secrets.terraform_token"
resources:
- name: runs
path: "/runs"
operations:
- name: run
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
- type: http
namespace: jira
baseUri: "https://geico.com.atlassian.net/rest/api/3"
authentication:
type: bearer
token: "$secrets.jira_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
Dynatrace Service Monitoring
▼
infrastructure monitoring dynatrace
Retrieves Dynatrace service health metrics.
naftiko: "0.5"
info:
label: "Dynatrace Service Monitoring"
description: "Retrieves Dynatrace service health metrics."
tags: [infrastructure, monitoring, dynatrace]
capability:
exposes:
- type: mcp
namespace: dynatrace-mon
port: 8080
tools:
- name: get-service
description: "Retrieve Dynatrace service by entity ID."
inputParameters:
- name: entity_id
in: body
type: string
description: "The Dynatrace entity ID."
call: "dynatrace.get-entity"
with: { entity_id: "{{entity_id}}" }
consumes:
- type: http
namespace: dynatrace
baseUri: "https://geico.live.dynatrace.com/api/v2"
authentication: { type: bearer, token: "$secrets.dynatrace_token" }
resources:
- name: entities
path: "/entities/{{entity_id}}"
inputParameters: [{ name: entity_id, in: path }]
operations: [{ name: get-entity, method: GET }]
ES Index Health
▼
search elasticsearch infrastructure
Checks ES index at GEICO.
naftiko: "0.5"
info:
label: "ES Index Health"
description: "Checks ES index at GEICO."
tags:
- search
- elasticsearch
- infrastructure
capability:
exposes:
- type: mcp
namespace: es-health
port: 8080
tools:
- name: check-index
description: "Check ES index at GEICO."
inputParameters:
- name: index
in: body
type: string
description: "Index name."
call: "es.get-health"
with:
index: "{{index}}"
outputParameters:
- name: status
type: string
mapping: "$.status"
- name: docs
type: number
mapping: "$.docs.count"
consumes:
- type: http
namespace: es
baseUri: "https://es.geico.com:9200"
authentication:
type: bearer
token: "$secrets.es_token"
resources:
- name: indices
path: "/{{index}}/_stats"
inputParameters:
- name: index
in: path
operations:
- name: get-health
method: GET
Elasticsearch Log Search
▼
infrastructure logging elasticsearch
Searches Elasticsearch for application and security logs.
naftiko: "0.5"
info:
label: "Elasticsearch Log Search"
description: "Searches Elasticsearch for application and security logs."
tags: [infrastructure, logging, elasticsearch]
capability:
exposes:
- type: mcp
namespace: log-search
port: 8080
tools:
- name: search-logs
description: "Search Elasticsearch logs by query."
inputParameters:
- name: query
in: body
type: string
description: "The search query."
- name: index
in: body
type: string
description: "The index pattern."
call: "elasticsearch.search"
with: { q: "{{query}}", index: "{{index}}" }
consumes:
- type: http
namespace: elasticsearch
baseUri: "https://geico-es.internal:9200"
authentication: { type: basic, username: "$secrets.es_user", password: "$secrets.es_password" }
resources:
- name: search
path: "/{{index}}/_search"
inputParameters: [{ name: index, in: path }]
operations: [{ name: search, method: POST }]
Employee Offboarding Pipeline
▼
hr offboarding okta servicenow
Offboards employees at GEICO via Okta, Slack, ServiceNow, and storage.
naftiko: "0.5"
info:
label: "Employee Offboarding Pipeline"
description: "Offboards employees at GEICO via Okta, Slack, ServiceNow, and storage."
tags:
- hr
- offboarding
- okta
- servicenow
capability:
exposes:
- type: mcp
namespace: offboarding
port: 8080
tools:
- name: offboard
description: "Offboard employees at GEICO."
inputParameters:
- name: emp_id
in: body
type: string
description: "Employee ID."
- name: last_day
in: body
type: string
description: "Last day."
steps:
- name: disable
type: call
call: "okta.deactivate"
with:
user: "{{emp_id}}"
- name: revoke
type: call
call: "slack.remove"
with:
user: "{{emp_id}}"
- name: return
type: call
call: "servicenow.create-request"
with:
type: "return"
emp: "{{emp_id}}"
- name: archive
type: call
call: "storage.archive"
with:
user: "{{emp_id}}"
consumes:
- type: http
namespace: okta
baseUri: "https://geico.com.okta.com/api/v1"
authentication:
type: bearer
token: "$secrets.okta_api_token"
resources:
- name: users
path: "/users/{{user}}/lifecycle/deactivate"
inputParameters:
- name: user
in: path
operations:
- name: deactivate
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: users
path: "/users.admin.remove"
operations:
- name: remove
method: POST
- type: http
namespace: servicenow
baseUri: "https://geico.com.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: requests
path: "/table/sc_request"
operations:
- name: create-request
method: POST
- type: http
namespace: storage
baseUri: "https://storage.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.storage_token"
resources:
- name: archives
path: "/archive"
operations:
- name: archive
method: POST
Employee Onboarding Orchestrator
▼
hr onboarding workday servicenow sharepoint pluralsight microsoft-teams
On new hire creation in Workday, opens a ServiceNow onboarding ticket, provisions a SharePoint folder, assigns compliance training via Pluralsight, and sends a Microsoft Teams welcome message.
naftiko: "0.5"
info:
label: "Employee Onboarding Orchestrator"
description: "On new hire creation in Workday, opens a ServiceNow onboarding ticket, provisions a SharePoint folder, assigns compliance training via Pluralsight, and sends a Microsoft Teams welcome message."
tags:
- hr
- onboarding
- workday
- servicenow
- sharepoint
- pluralsight
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: hr-onboarding
port: 8080
tools:
- name: onboard-employee
description: "Given a Workday worker ID and start date, create IT ticket, training folder, assign learning, and send welcome."
inputParameters:
- name: worker_id
in: body
type: string
description: "The Workday worker ID."
- name: start_date
in: body
type: string
description: "Start date in YYYY-MM-DD format."
- name: department
in: body
type: string
description: "The department the new hire is joining."
steps:
- name: get-employee
type: call
call: "workday.get-worker"
with:
worker_id: "{{worker_id}}"
- name: open-ticket
type: call
call: "servicenow.create-incident"
with:
short_description: "New hire onboarding: {{get-employee.full_name}}"
category: "hr_onboarding"
assigned_group: "IT_Onboarding"
description: "Onboard {{get-employee.full_name}} starting {{start_date}} in {{department}}."
- name: provision-folder
type: call
call: "sharepoint.create-folder"
with:
site_id: "hr-onboarding"
folder_path: "NewHires/{{get-employee.full_name}}_{{start_date}}"
- name: assign-training
type: call
call: "pluralsight.assign-path"
with:
user_email: "{{get-employee.work_email}}"
path_id: "insurance-fundamentals"
- name: send-welcome
type: call
call: "msteams.send-message"
with:
recipient_upn: "{{get-employee.work_email}}"
text: "Welcome to GEICO, {{get-employee.first_name}}! IT ticket: {{open-ticket.number}}. Training: {{provision-folder.url}}. Pluralsight: {{assign-training.path_url}}."
consumes:
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/workers/{{worker_id}}"
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
- type: http
namespace: servicenow
baseUri: "https://geico.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: sharepoint
baseUri: "https://graph.microsoft.com/v1.0/sites"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: folders
path: "/{{site_id}}/drive/root:/{{folder_path}}"
inputParameters:
- name: site_id
in: path
- name: folder_path
in: path
operations:
- name: create-folder
method: POST
- type: http
namespace: pluralsight
baseUri: "https://api.pluralsight.com/api/v1"
authentication:
type: bearer
token: "$secrets.pluralsight_token"
resources:
- name: assignments
path: "/learning-paths/{{path_id}}/assignments"
inputParameters:
- name: path_id
in: path
operations:
- name: assign-path
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Expense Audit Pipeline
▼
finance travel sap-concur compliance
Audits expenses at GEICO via Concur, compliance checks, and email.
naftiko: "0.5"
info:
label: "Expense Audit Pipeline"
description: "Audits expenses at GEICO via Concur, compliance checks, and email."
tags:
- finance
- travel
- sap-concur
- compliance
capability:
exposes:
- type: mcp
namespace: expense-audit
port: 8080
tools:
- name: audit
description: "Audit expenses at GEICO."
inputParameters:
- name: report_id
in: body
type: string
description: "Report ID."
steps:
- name: get
type: call
call: "concur.get-report"
with:
id: "{{report_id}}"
- name: check
type: call
call: "compliance.check"
with:
expenses: "{{get.entries}}"
- name: flag
type: call
call: "workflow.flag"
with:
id: "{{report_id}}"
violations: "{{check.violations}}"
- name: notify
type: call
call: "email.send"
with:
to: "{{get.approver}}"
subject: "Expense {{report_id}} violations"
consumes:
- type: http
namespace: concur
baseUri: "https://us.api.concursolutions.com/api/v3.0"
authentication:
type: bearer
token: "$secrets.concur_token"
resources:
- name: reports
path: "/expense/reports/{{id}}"
inputParameters:
- name: id
in: path
operations:
- name: get-report
method: GET
- type: http
namespace: compliance
baseUri: "https://compliance.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.compliance_token"
resources:
- name: policies
path: "/check"
operations:
- name: check
method: POST
- type: http
namespace: workflow
baseUri: "https://workflow.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.workflow_token"
resources:
- name: reviews
path: "/flag"
operations:
- name: flag
method: POST
- type: http
namespace: email
baseUri: "https://email.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.email_token"
resources:
- name: messages
path: "/send"
operations:
- name: send
method: POST
Customer Feedback Pipeline
▼
customer-experience analytics sentiment-analysis
Analyzes feedback at GEICO via surveys, AI sentiment, and Power BI.
naftiko: "0.5"
info:
label: "Customer Feedback Pipeline"
description: "Analyzes feedback at GEICO via surveys, AI sentiment, and Power BI."
tags:
- customer-experience
- analytics
- sentiment-analysis
capability:
exposes:
- type: mcp
namespace: feedback
port: 8080
tools:
- name: analyze
description: "Analyze feedback at GEICO."
inputParameters:
- name: survey_id
in: body
type: string
description: "Survey ID."
steps:
- name: collect
type: call
call: "survey.get"
with:
id: "{{survey_id}}"
- name: sentiment
type: call
call: "ai.analyze"
with:
text: "{{collect.responses}}"
- name: themes
type: call
call: "ai.themes"
with:
data: "{{collect.responses}}"
- name: dashboard
type: call
call: "power-bi.refresh"
with:
dataset: "cx"
consumes:
- type: http
namespace: survey
baseUri: "https://surveys.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.survey_token"
resources:
- name: responses
path: "/surveys/{{id}}/responses"
inputParameters:
- name: id
in: path
operations:
- name: get
method: GET
- type: http
namespace: ai
baseUri: "https://api.openai.com/v1"
authentication:
type: bearer
token: "$secrets.openai_api_key"
resources:
- name: completions
path: "/chat/completions"
operations:
- name: analyze
method: POST
- type: http
namespace: power-bi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.power_bi_token"
resources:
- name: datasets
path: "/datasets/{{dataset}}/refreshes"
inputParameters:
- name: dataset
in: path
operations:
- name: refresh
method: POST
Figma Design File Metadata
▼
design figma
Retrieves Figma design file metadata for GEICO digital product designs.
naftiko: "0.5"
info:
label: "Figma Design File Metadata"
description: "Retrieves Figma design file metadata for GEICO digital product designs."
tags: [design, figma]
capability:
exposes:
- type: mcp
namespace: design
port: 8080
tools:
- name: get-design-file
description: "Look up a Figma file by key."
inputParameters:
- name: file_key
in: body
type: string
description: "The Figma file key."
call: "figma.get-file"
with: { file_key: "{{file_key}}" }
consumes:
- type: http
namespace: figma
baseUri: "https://api.figma.com/v1"
authentication: { type: bearer, token: "$secrets.figma_token" }
resources:
- name: files
path: "/files/{{file_key}}"
inputParameters: [{ name: file_key, in: path }]
operations: [{ name: get-file, method: GET }]
First Notice of Loss Orchestrator
▼
claims fnol salesforce servicenow microsoft-outlook microsoft-teams
When a customer reports a new claim, creates the claim record in Salesforce, opens a ServiceNow assignment task for the adjuster, sends a confirmation email via Microsoft Outlook, and notifies the claims team in Microsoft Teams.
naftiko: "0.5"
info:
label: "First Notice of Loss Orchestrator"
description: "When a customer reports a new claim, creates the claim record in Salesforce, opens a ServiceNow assignment task for the adjuster, sends a confirmation email via Microsoft Outlook, and notifies the claims team in Microsoft Teams."
tags:
- claims
- fnol
- salesforce
- servicenow
- microsoft-outlook
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: fnol
port: 8080
tools:
- name: process-fnol
description: "Given policy number, loss details, and contact info, create the claim, assign an adjuster, email confirmation, and notify the team."
inputParameters:
- name: policy_number
in: body
type: string
description: "The GEICO policy number."
- name: loss_date
in: body
type: string
description: "Date of loss in YYYY-MM-DD format."
- name: loss_description
in: body
type: string
description: "Description of the loss event."
- name: contact_email
in: body
type: string
description: "Claimant contact email."
- name: contact_name
in: body
type: string
description: "Claimant name."
steps:
- name: create-claim
type: call
call: "salesforce.create-claim"
with:
policy_number: "{{policy_number}}"
loss_date: "{{loss_date}}"
description: "{{loss_description}}"
claimant_name: "{{contact_name}}"
claimant_email: "{{contact_email}}"
- name: assign-adjuster
type: call
call: "servicenow.create-task"
with:
short_description: "New claim assignment: {{create-claim.claim_number}}"
assigned_group: "Claims_Adjusters"
description: "Policy: {{policy_number}}. Loss date: {{loss_date}}. Claimant: {{contact_name}}. Description: {{loss_description}}."
category: "claims"
- name: send-confirmation
type: call
call: "outlook.send-email"
with:
to: "{{contact_email}}"
subject: "GEICO Claim Filed — {{create-claim.claim_number}}"
body: "Dear {{contact_name}}, your claim {{create-claim.claim_number}} has been filed. An adjuster will contact you within 24 hours. Reference: {{create-claim.claim_number}}."
- name: notify-claims-team
type: call
call: "msteams.post-channel-message"
with:
team_id: "claims-operations"
channel_id: "new-claims"
text: "New FNOL: Claim {{create-claim.claim_number}}. Policy: {{policy_number}}. Loss: {{loss_date}}. Claimant: {{contact_name}}. Adjuster task: {{assign-adjuster.number}}."
consumes:
- type: http
namespace: salesforce
baseUri: "https://geico.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: claims
path: "/sobjects/Claim__c"
operations:
- name: create-claim
method: POST
- type: http
namespace: servicenow
baseUri: "https://geico.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/sc_task"
operations:
- name: create-task
method: POST
- type: http
namespace: outlook
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: mail
path: "/me/sendMail"
operations:
- name: send-email
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel-message
method: POST
Fraud Detection Alert Pipeline
▼
fraud claims salesforce servicenow sharepoint microsoft-teams
When the fraud scoring model flags a suspicious claim, retrieves the claim from Salesforce, creates a special investigation unit case in ServiceNow, logs evidence in SharePoint, and alerts the SIU team via Microsoft Teams.
naftiko: "0.5"
info:
label: "Fraud Detection Alert Pipeline"
description: "When the fraud scoring model flags a suspicious claim, retrieves the claim from Salesforce, creates a special investigation unit case in ServiceNow, logs evidence in SharePoint, and alerts the SIU team via Microsoft Teams."
tags:
- fraud
- claims
- salesforce
- servicenow
- sharepoint
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: fraud-detection
port: 8080
tools:
- name: process-fraud-alert
description: "Given a claim number and fraud score, retrieve claim details, open SIU case, provision evidence folder, and alert the investigation team."
inputParameters:
- name: claim_number
in: body
type: string
description: "The flagged claim number."
- name: fraud_score
in: body
type: number
description: "The fraud probability score (0-100)."
- name: fraud_indicators
in: body
type: string
description: "Comma-separated list of fraud indicators detected."
steps:
- name: get-claim
type: call
call: "salesforce.get-claim"
with:
claim_number: "{{claim_number}}"
- name: create-siu-case
type: call
call: "servicenow.create-incident"
with:
short_description: "SIU Investigation: Claim {{claim_number}} — Score {{fraud_score}}"
category: "fraud_investigation"
priority: "1"
assigned_group: "Special_Investigations"
description: "Claim: {{claim_number}}. Fraud score: {{fraud_score}}. Indicators: {{fraud_indicators}}. Policy: {{get-claim.policy_number}}. Claimant: {{get-claim.claimant_name}}. Loss date: {{get-claim.loss_date}}."
- name: provision-evidence
type: call
call: "sharepoint.create-folder"
with:
site_id: "siu-evidence"
folder_path: "Investigations/{{claim_number}}"
- name: alert-siu
type: call
call: "msteams.post-channel-message"
with:
team_id: "siu-team"
channel_id: "fraud-alerts"
text: "FRAUD ALERT: Claim {{claim_number}} scored {{fraud_score}}. Indicators: {{fraud_indicators}}. SIU case: {{create-siu-case.number}}. Evidence folder: {{provision-evidence.url}}."
consumes:
- type: http
namespace: salesforce
baseUri: "https://geico.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: claims
path: "/query?q=SELECT+Id,ClaimNumber__c,PolicyNumber__c,ClaimantName__c,LossDate__c+FROM+Claim__c+WHERE+ClaimNumber__c='{{claim_number}}'"
inputParameters:
- name: claim_number
in: query
operations:
- name: get-claim
method: GET
- type: http
namespace: servicenow
baseUri: "https://geico.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: sharepoint
baseUri: "https://graph.microsoft.com/v1.0/sites"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: folders
path: "/{{site_id}}/drive/root:/{{folder_path}}"
inputParameters:
- name: site_id
in: path
- name: folder_path
in: path
operations:
- name: create-folder
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel-message
method: POST
GitHub Repo Check
▼
devops github version-control
Checks GitHub repo at GEICO.
naftiko: "0.5"
info:
label: "GitHub Repo Check"
description: "Checks GitHub repo at GEICO."
tags:
- devops
- github
- version-control
capability:
exposes:
- type: mcp
namespace: gh-repo
port: 8080
tools:
- name: get-branch
description: "Check branch at GEICO."
inputParameters:
- name: repo
in: body
type: string
description: "Repo."
- name: branch
in: body
type: string
description: "Branch."
call: "github.get-branch"
with:
repo: "{{repo}}"
branch: "{{branch}}"
outputParameters:
- name: sha
type: string
mapping: "$.commit.sha"
consumes:
- type: http
namespace: github
baseUri: "https://api.github.com"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: branches
path: "/repos/org/{{repo}}/branches/{{branch}}"
inputParameters:
- name: repo
in: path
- name: branch
in: path
operations:
- name: get-branch
method: GET
GitHub Repository Status
▼
engineering github
Retrieves GitHub repository details for GEICO engineering.
naftiko: "0.5"
info:
label: "GitHub Repository Status"
description: "Retrieves GitHub repository details for GEICO engineering."
tags: [engineering, github]
capability:
exposes:
- type: mcp
namespace: source-control
port: 8080
tools:
- name: get-repo
description: "Look up a GitHub repository."
inputParameters:
- name: repo_name
in: body
type: string
description: "The repository name (owner/repo)."
call: "github.get-repo"
with: { repo: "{{repo_name}}" }
consumes:
- type: http
namespace: github
baseUri: "https://api.github.com"
authentication: { type: bearer, token: "$secrets.github_token" }
resources:
- name: repos
path: "/repos/{{repo}}"
inputParameters: [{ name: repo, in: path }]
operations: [{ name: get-repo, method: GET }]
Google Analytics Web Traffic
▼
marketing analytics google-analytics
Pulls daily web traffic metrics from Google Analytics for geico.com including sessions, page views, bounce rate, and quote start conversion.
naftiko: "0.5"
info:
label: "Google Analytics Web Traffic"
description: "Pulls daily web traffic metrics from Google Analytics for geico.com including sessions, page views, bounce rate, and quote start conversion."
tags:
- marketing
- analytics
- google-analytics
capability:
exposes:
- type: mcp
namespace: web-analytics
port: 8080
tools:
- name: get-web-traffic
description: "Retrieve daily web traffic metrics from Google Analytics for a date range."
inputParameters:
- name: start_date
in: body
type: string
description: "Start date in YYYY-MM-DD format."
- name: end_date
in: body
type: string
description: "End date in YYYY-MM-DD format."
call: "google-analytics.run-report"
with:
start_date: "{{start_date}}"
end_date: "{{end_date}}"
consumes:
- type: http
namespace: google-analytics
baseUri: "https://analyticsdata.googleapis.com/v1beta"
authentication:
type: bearer
token: "$secrets.google_analytics_token"
resources:
- name: reports
path: "/properties/{{property_id}}:runReport"
inputParameters:
- name: property_id
in: path
operations:
- name: run-report
method: POST
Grafana Dashboard Status
▼
monitoring grafana dashboards
Checks Grafana dashboard at GEICO.
naftiko: "0.5"
info:
label: "Grafana Dashboard Status"
description: "Checks Grafana dashboard at GEICO."
tags:
- monitoring
- grafana
- dashboards
capability:
exposes:
- type: mcp
namespace: grafana
port: 8080
tools:
- name: check-dash
description: "Check dashboard at GEICO."
inputParameters:
- name: uid
in: body
type: string
description: "Dashboard UID."
call: "grafana.get-dash"
with:
uid: "{{uid}}"
outputParameters:
- name: title
type: string
mapping: "$.dashboard.title"
consumes:
- type: http
namespace: grafana
baseUri: "https://grafana.geico.com/api"
authentication:
type: bearer
token: "$secrets.grafana_token"
resources:
- name: dashboards
path: "/dashboards/uid/{{uid}}"
inputParameters:
- name: uid
in: path
operations:
- name: get-dash
method: GET
HubSpot Lead Lookup
▼
marketing lead-management hubspot
Retrieves a marketing lead from HubSpot for GEICO lead generation.
naftiko: "0.5"
info:
label: "HubSpot Lead Lookup"
description: "Retrieves a marketing lead from HubSpot for GEICO lead generation."
tags: [marketing, lead-management, hubspot]
capability:
exposes:
- type: mcp
namespace: marketing-leads
port: 8080
tools:
- name: get-lead
description: "Look up a HubSpot lead by email."
inputParameters:
- name: email
in: body
type: string
description: "The lead email."
call: "hubspot.get-contact"
with: { email: "{{email}}" }
consumes:
- type: http
namespace: hubspot
baseUri: "https://api.hubapi.com"
authentication: { type: bearer, token: "$secrets.hubspot_token" }
resources:
- name: contacts
path: "/crm/v3/objects/contacts/search"
operations: [{ name: get-contact, method: POST }]
Informatica Data Job Status
▼
data-engineering etl informatica
Checks Informatica data integration job status.
naftiko: "0.5"
info:
label: "Informatica Data Job Status"
description: "Checks Informatica data integration job status."
tags: [data-engineering, etl, informatica]
capability:
exposes:
- type: mcp
namespace: data-integration
port: 8080
tools:
- name: get-job
description: "Look up an Informatica job by task ID."
inputParameters:
- name: task_id
in: body
type: string
description: "The Informatica task ID."
call: "informatica.get-activity"
with: { task_id: "{{task_id}}" }
consumes:
- type: http
namespace: informatica
baseUri: "https://dm-us.informaticacloud.com/saas/api/v2"
authentication: { type: bearer, token: "$secrets.informatica_token" }
resources:
- name: activity
path: "/activity/activityLog?taskId={{task_id}}"
inputParameters: [{ name: task_id, in: query }]
operations: [{ name: get-activity, method: GET }]
IT Incident Escalation Pipeline
▼
incident-management servicenow pagerduty slack
Escalates IT incidents at GEICO via ServiceNow, PagerDuty, and Slack.
naftiko: "0.5"
info:
label: "IT Incident Escalation Pipeline"
description: "Escalates IT incidents at GEICO via ServiceNow, PagerDuty, and Slack."
tags:
- incident-management
- servicenow
- pagerduty
- slack
capability:
exposes:
- type: mcp
namespace: incident-escalation
port: 8080
tools:
- name: escalate-incident
description: "Escalate incidents at GEICO."
inputParameters:
- name: incident_id
in: body
type: string
description: "Incident ID."
- name: severity
in: body
type: string
description: "Severity."
steps:
- name: get-incident
type: call
call: "servicenow.get-incident"
with:
incident_id: "{{incident_id}}"
- name: page
type: call
call: "pagerduty.create-incident"
with:
title: "{{get-incident.description}}"
urgency: "{{severity}}"
- name: channel
type: call
call: "slack.create-channel"
with:
name: "inc-{{incident_id}}"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#inc-{{incident_id}}"
text: "P{{severity}}: {{get-incident.description}}"
consumes:
- type: http
namespace: servicenow
baseUri: "https://geico.com.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: incidents
path: "/table/incident/{{incident_id}}"
inputParameters:
- name: incident_id
in: path
operations:
- name: get-incident
method: GET
- type: http
namespace: pagerduty
baseUri: "https://api.pagerduty.com"
authentication:
type: bearer
token: "$secrets.pagerduty_token"
resources:
- name: incidents
path: "/incidents"
operations:
- name: create-incident
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: channels
path: "/conversations.create"
operations:
- name: create-channel
method: POST
Jira Sprint Progress Lookup
▼
project-management jira agile
Retrieves sprint progress at GEICO.
naftiko: "0.5"
info:
label: "Jira Sprint Progress Lookup"
description: "Retrieves sprint progress at GEICO."
tags:
- project-management
- jira
- agile
capability:
exposes:
- type: mcp
namespace: jira-sprint
port: 8080
tools:
- name: get-sprint
description: "Look up sprint at GEICO."
inputParameters:
- name: project_key
in: body
type: string
description: "Project key."
call: "jira.get-sprints"
with:
project: "{{project_key}}"
outputParameters:
- name: name
type: string
mapping: "$.values[0].name"
- name: state
type: string
mapping: "$.values[0].state"
consumes:
- type: http
namespace: jira
baseUri: "https://geico.com.atlassian.net/rest/agile/1.0"
authentication:
type: bearer
token: "$secrets.jira_token"
resources:
- name: sprints
path: "/board/1/sprint"
operations:
- name: get-sprints
method: GET
Jira Task Status
▼
engineering project-management jira
Retrieves a Jira task by issue key, returning summary, status, assignee, priority, and sprint information.
naftiko: "0.5"
info:
label: "Jira Task Status"
description: "Retrieves a Jira task by issue key, returning summary, status, assignee, priority, and sprint information."
tags:
- engineering
- project-management
- jira
capability:
exposes:
- type: mcp
namespace: eng-tasks
port: 8080
tools:
- name: get-task
description: "Look up a Jira issue by key. Returns summary, status, assignee, and priority."
inputParameters:
- name: issue_key
in: body
type: string
description: "The Jira issue key."
call: "jira.get-issue"
with:
issue_key: "{{issue_key}}"
consumes:
- type: http
namespace: jira
baseUri: "https://geico.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue/{{issue_key}}"
inputParameters:
- name: issue_key
in: path
operations:
- name: get-issue
method: GET
Knowledge Base Maintenance Pipeline
▼
knowledge-management confluence maintenance
Maintains KB at GEICO by finding stale articles and notifying owners.
naftiko: "0.5"
info:
label: "Knowledge Base Maintenance Pipeline"
description: "Maintains KB at GEICO by finding stale articles and notifying owners."
tags:
- knowledge-management
- confluence
- maintenance
capability:
exposes:
- type: mcp
namespace: kb-maint
port: 8080
tools:
- name: maintain-kb
description: "Maintain KB at GEICO."
inputParameters:
- name: space
in: body
type: string
description: "Confluence space."
- name: stale_days
in: body
type: number
description: "Days threshold."
steps:
- name: find
type: call
call: "confluence.search-stale"
with:
space: "{{space}}"
days: "{{stale_days}}"
- name: notify
type: call
call: "email.batch"
with:
to: "{{find.owners}}"
subject: "KB review needed"
- name: flag
type: call
call: "confluence.add-label"
with:
pages: "{{find.ids}}"
label: "needs-review"
- name: report
type: call
call: "slack.post-message"
with:
channel: "#kb"
text: "KB: {{find.count}} stale articles"
consumes:
- type: http
namespace: confluence
baseUri: "https://geico.com.atlassian.net/wiki/rest/api"
authentication:
type: bearer
token: "$secrets.confluence_token"
resources:
- name: content
path: "/content/search"
operations:
- name: search-stale
method: GET
- type: http
namespace: email
baseUri: "https://email.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.email_token"
resources:
- name: batch
path: "/send-batch"
operations:
- name: batch
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Weekly KPI Digest Pipeline
▼
reporting kpi snowflake executive
Generates KPI digest at GEICO from Snowflake, Oracle, Power BI, and email.
naftiko: "0.5"
info:
label: "Weekly KPI Digest Pipeline"
description: "Generates KPI digest at GEICO from Snowflake, Oracle, Power BI, and email."
tags:
- reporting
- kpi
- snowflake
- executive
capability:
exposes:
- type: mcp
namespace: kpi-digest
port: 8080
tools:
- name: gen-digest
description: "Generate KPI digest at GEICO."
inputParameters:
- name: week
in: body
type: string
description: "Week ending."
- name: dist
in: body
type: string
description: "Distribution list."
steps:
- name: ops
type: call
call: "snowflake.query"
with:
query: "SELECT * FROM kpis WHERE w='{{week}}'"
- name: fin
type: call
call: "oracle.get-summary"
with:
period: "{{week}}"
- name: refresh
type: call
call: "power-bi.refresh"
with:
dataset: "exec_kpis"
- name: send
type: call
call: "email.send"
with:
to: "{{dist}}"
subject: "KPIs - {{week}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://geico.com.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query
method: POST
- type: http
namespace: oracle
baseUri: "https://oracle.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.oracle_token"
resources:
- name: fin
path: "/summary"
operations:
- name: get-summary
method: GET
- type: http
namespace: power-bi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.power_bi_token"
resources:
- name: datasets
path: "/datasets/{{dataset}}/refreshes"
inputParameters:
- name: dataset
in: path
operations:
- name: refresh
method: POST
- type: http
namespace: email
baseUri: "https://email.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.email_token"
resources:
- name: messages
path: "/send"
operations:
- name: send
method: POST
K8s Pod Health
▼
containers kubernetes infrastructure
Checks K8s pod health at GEICO.
naftiko: "0.5"
info:
label: "K8s Pod Health"
description: "Checks K8s pod health at GEICO."
tags:
- containers
- kubernetes
- infrastructure
capability:
exposes:
- type: mcp
namespace: k8s-pod
port: 8080
tools:
- name: check-pod
description: "Check pod at GEICO."
inputParameters:
- name: namespace
in: body
type: string
description: "Namespace."
- name: pod
in: body
type: string
description: "Pod name."
call: "k8s.get-pod"
with:
namespace: "{{namespace}}"
pod: "{{pod}}"
outputParameters:
- name: phase
type: string
mapping: "$.status.phase"
consumes:
- type: http
namespace: k8s
baseUri: "https://k8s.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.k8s_token"
resources:
- name: pods
path: "/namespaces/{{namespace}}/pods/{{pod}}"
inputParameters:
- name: namespace
in: path
- name: pod
in: path
operations:
- name: get-pod
method: GET
License Compliance Pipeline
▼
compliance licensing procurement
Checks license compliance at GEICO via scanning, entitlements, and procurement.
naftiko: "0.5"
info:
label: "License Compliance Pipeline"
description: "Checks license compliance at GEICO via scanning, entitlements, and procurement."
tags:
- compliance
- licensing
- procurement
capability:
exposes:
- type: mcp
namespace: license-comp
port: 8080
tools:
- name: check-licenses
description: "Check license compliance at GEICO."
inputParameters:
- name: software
in: body
type: string
description: "Software."
- name: vendor
in: body
type: string
description: "Vendor."
steps:
- name: scan
type: call
call: "assets.installations"
with:
sw: "{{software}}"
- name: entitlements
type: call
call: "licenses.get"
with:
sw: "{{software}}"
- name: flag
type: call
call: "compliance.flag"
with:
installed: "{{scan.count}}"
entitled: "{{entitlements.count}}"
- name: procure
type: call
call: "servicenow.create-request"
with:
type: "license"
sw: "{{software}}"
consumes:
- type: http
namespace: assets
baseUri: "https://assets.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.asset_token"
resources:
- name: installations
path: "/installations"
operations:
- name: installations
method: GET
- type: http
namespace: licenses
baseUri: "https://licenses.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.license_token"
resources:
- name: ent
path: "/entitlements"
operations:
- name: get
method: GET
- type: http
namespace: compliance
baseUri: "https://compliance.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.compliance_token"
resources:
- name: overages
path: "/flag"
operations:
- name: flag
method: POST
- type: http
namespace: servicenow
baseUri: "https://geico.com.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: requests
path: "/table/sc_request"
operations:
- name: create-request
method: POST
LinkedIn Job Posting Status
▼
recruiting linkedin
Retrieves LinkedIn job posting status for GEICO recruiting.
naftiko: "0.5"
info:
label: "LinkedIn Job Posting Status"
description: "Retrieves LinkedIn job posting status for GEICO recruiting."
tags: [recruiting, linkedin]
capability:
exposes:
- type: mcp
namespace: recruiting
port: 8080
tools:
- name: get-job-posting
description: "Look up a LinkedIn job posting."
inputParameters:
- name: job_id
in: body
type: string
description: "The LinkedIn job posting ID."
call: "linkedin.get-job"
with: { job_id: "{{job_id}}" }
consumes:
- type: http
namespace: linkedin
baseUri: "https://api.linkedin.com/v2"
authentication: { type: bearer, token: "$secrets.linkedin_token" }
resources:
- name: jobs
path: "/jobs/{{job_id}}"
inputParameters: [{ name: job_id, in: path }]
operations: [{ name: get-job, method: GET }]
Microsoft Teams Channel Notification
▼
communications microsoft-teams
Sends a formatted notification message to a Microsoft Teams channel for operational alerts, claims updates, or system announcements.
naftiko: "0.5"
info:
label: "Microsoft Teams Channel Notification"
description: "Sends a formatted notification message to a Microsoft Teams channel for operational alerts, claims updates, or system announcements."
tags:
- communications
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: notifications
port: 8080
tools:
- name: send-channel-alert
description: "Post a message to a Microsoft Teams channel."
inputParameters:
- name: team_id
in: body
type: string
description: "The Microsoft Teams team ID."
- name: channel_id
in: body
type: string
description: "The Microsoft Teams channel ID."
- name: message
in: body
type: string
description: "The notification message text."
call: "msteams.post-channel-message"
with:
team_id: "{{team_id}}"
channel_id: "{{channel_id}}"
text: "{{message}}"
consumes:
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel-message
method: POST
Monthly Security Report Pipeline
▼
security reporting splunk compliance
Generates monthly security reports at GEICO from Splunk and Qualys.
naftiko: "0.5"
info:
label: "Monthly Security Report Pipeline"
description: "Generates monthly security reports at GEICO from Splunk and Qualys."
tags:
- security
- reporting
- splunk
- compliance
capability:
exposes:
- type: mcp
namespace: sec-report
port: 8080
tools:
- name: gen-sec-report
description: "Generate security report at GEICO."
inputParameters:
- name: month
in: body
type: string
description: "Month."
steps:
- name: splunk
type: call
call: "splunk.search"
with:
query: "index=security earliest=-30d"
- name: scans
type: call
call: "qualys.results"
with:
month: "{{month}}"
- name: compile
type: call
call: "analytics.compile-security"
with:
events: "{{splunk.count}}"
vulns: "{{scans.critical}}"
- name: send
type: call
call: "email.send"
with:
to: "ciso@co.com"
subject: "Security - {{month}}"
consumes:
- type: http
namespace: splunk
baseUri: "https://splunk.geico.com:8089/services"
authentication:
type: bearer
token: "$secrets.splunk_token"
resources:
- name: search
path: "/search/jobs"
operations:
- name: search
method: POST
- type: http
namespace: qualys
baseUri: "https://qualysapi.qualys.com/api/v2"
authentication:
type: bearer
token: "$secrets.qualys_token"
resources:
- name: results
path: "/fo/scan/results"
operations:
- name: results
method: GET
- type: http
namespace: analytics
baseUri: "https://analytics.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.analytics_token"
resources:
- name: security
path: "/compile"
operations:
- name: compile-security
method: POST
- type: http
namespace: email
baseUri: "https://email.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.email_token"
resources:
- name: messages
path: "/send"
operations:
- name: send
method: POST
MuleSoft API Gateway Health
▼
infrastructure integration mulesoft
Checks MuleSoft API gateway health for GEICO's integration layer, returning active APIs, error rates, and throughput metrics.
naftiko: "0.5"
info:
label: "MuleSoft API Gateway Health"
description: "Checks MuleSoft API gateway health for GEICO's integration layer, returning active APIs, error rates, and throughput metrics."
tags:
- infrastructure
- integration
- mulesoft
capability:
exposes:
- type: mcp
namespace: api-gateway
port: 8080
tools:
- name: get-api-health
description: "Retrieve MuleSoft API gateway health metrics. Returns active API count, error rate, and throughput."
inputParameters:
- name: environment_id
in: body
type: string
description: "The MuleSoft environment ID."
call: "mulesoft.get-api-stats"
with:
environment_id: "{{environment_id}}"
consumes:
- type: http
namespace: mulesoft
baseUri: "https://anypoint.mulesoft.com/analytics/1.0"
authentication:
type: bearer
token: "$secrets.mulesoft_token"
resources:
- name: api-stats
path: "/{{org_id}}/environments/{{environment_id}}/apis"
inputParameters:
- name: environment_id
in: path
operations:
- name: get-api-stats
method: GET
New Employee IT Onboarding Pipeline
▼
hr onboarding okta servicenow slack
Onboards employees at GEICO with Okta, ServiceNow, Slack, and calendar.
naftiko: "0.5"
info:
label: "New Employee IT Onboarding Pipeline"
description: "Onboards employees at GEICO with Okta, ServiceNow, Slack, and calendar."
tags:
- hr
- onboarding
- okta
- servicenow
- slack
capability:
exposes:
- type: mcp
namespace: it-onboarding
port: 8080
tools:
- name: onboard-employee
description: "Onboard employees at GEICO."
inputParameters:
- name: name
in: body
type: string
description: "Name."
- name: dept
in: body
type: string
description: "Department."
- name: start
in: body
type: string
description: "Start date."
steps:
- name: okta
type: call
call: "okta.create-user"
with:
name: "{{name}}"
department: "{{dept}}"
- name: equip
type: call
call: "servicenow.create-request"
with:
type: "new_hire"
for: "{{name}}"
- name: slack
type: call
call: "slack.invite"
with:
email: "{{okta.email}}"
- name: orient
type: call
call: "calendar.create-event"
with:
title: "Orientation - {{name}}"
date: "{{start}}"
consumes:
- type: http
namespace: okta
baseUri: "https://geico.com.okta.com/api/v1"
authentication:
type: bearer
token: "$secrets.okta_api_token"
resources:
- name: users
path: "/users"
operations:
- name: create-user
method: POST
- type: http
namespace: servicenow
baseUri: "https://geico.com.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: requests
path: "/table/sc_request"
operations:
- name: create-request
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: users
path: "/users.admin.invite"
operations:
- name: invite
method: POST
- type: http
namespace: calendar
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.microsoft_graph_token"
resources:
- name: events
path: "/users/hr/events"
operations:
- name: create-event
method: POST
New Relic APM Check
▼
monitoring new-relic apm
Checks New Relic APM at GEICO.
naftiko: "0.5"
info:
label: "New Relic APM Check"
description: "Checks New Relic APM at GEICO."
tags:
- monitoring
- new-relic
- apm
capability:
exposes:
- type: mcp
namespace: nr-apm
port: 8080
tools:
- name: check-apm
description: "Check APM at GEICO."
inputParameters:
- name: app_id
in: body
type: string
description: "App ID."
call: "newrelic.get-app"
with:
app_id: "{{app_id}}"
outputParameters:
- name: health
type: string
mapping: "$.application.health_status"
consumes:
- type: http
namespace: newrelic
baseUri: "https://api.newrelic.com/v2"
authentication:
type: bearer
token: "$secrets.new_relic_api_key"
resources:
- name: applications
path: "/applications/{{app_id}}.json"
inputParameters:
- name: app_id
in: path
operations:
- name: get-app
method: GET
New Relic Application Performance
▼
infrastructure apm new-relic
Queries New Relic for application performance metrics.
naftiko: "0.5"
info:
label: "New Relic Application Performance"
description: "Queries New Relic for application performance metrics."
tags: [infrastructure, apm, new-relic]
capability:
exposes:
- type: mcp
namespace: apm-newrelic
port: 8080
tools:
- name: get-app-perf
description: "Retrieve New Relic app metrics."
inputParameters:
- name: app_id
in: body
type: string
description: "The New Relic application ID."
call: "newrelic.get-app"
with: { app_id: "{{app_id}}" }
consumes:
- type: http
namespace: newrelic
baseUri: "https://api.newrelic.com/v2"
authentication: { type: apiKey, name: "Api-Key", in: header, value: "$secrets.newrelic_api_key" }
resources:
- name: apps
path: "/applications/{{app_id}}.json"
inputParameters: [{ name: app_id, in: path }]
operations: [{ name: get-app, method: GET }]
Okta User Check
▼
identity okta access-management
Checks Okta user at GEICO.
naftiko: "0.5"
info:
label: "Okta User Check"
description: "Checks Okta user at GEICO."
tags:
- identity
- okta
- access-management
capability:
exposes:
- type: mcp
namespace: okta-user
port: 8080
tools:
- name: check-user
description: "Check user at GEICO."
inputParameters:
- name: email
in: body
type: string
description: "Email."
call: "okta.get-user"
with:
email: "{{email}}"
outputParameters:
- name: status
type: string
mapping: "$.status"
consumes:
- type: http
namespace: okta
baseUri: "https://geico.com.okta.com/api/v1"
authentication:
type: bearer
token: "$secrets.okta_api_token"
resources:
- name: users
path: "/users/{{email}}"
inputParameters:
- name: email
in: path
operations:
- name: get-user
method: GET
PagerDuty On-Call Check
▼
incident-management pagerduty on-call
Checks on-call at GEICO.
naftiko: "0.5"
info:
label: "PagerDuty On-Call Check"
description: "Checks on-call at GEICO."
tags:
- incident-management
- pagerduty
- on-call
capability:
exposes:
- type: mcp
namespace: pd-oncall
port: 8080
tools:
- name: get-oncall
description: "Check on-call at GEICO."
inputParameters:
- name: schedule_id
in: body
type: string
description: "Schedule ID."
call: "pagerduty.get-oncall"
with:
schedule_id: "{{schedule_id}}"
outputParameters:
- name: user
type: string
mapping: "$.oncalls[0].user.summary"
consumes:
- type: http
namespace: pagerduty
baseUri: "https://api.pagerduty.com"
authentication:
type: bearer
token: "$secrets.pagerduty_token"
resources:
- name: oncalls
path: "/oncalls"
operations:
- name: get-oncall
method: GET
Palo Alto Networks Firewall Health
▼
security firewall palo-alto-networks
Queries Palo Alto Networks firewall for GEICO network perimeter health.
naftiko: "0.5"
info:
label: "Palo Alto Networks Firewall Health"
description: "Queries Palo Alto Networks firewall for GEICO network perimeter health."
tags: [security, firewall, palo-alto-networks]
capability:
exposes:
- type: mcp
namespace: firewall
port: 8080
tools:
- name: get-firewall-status
description: "Retrieve firewall system info."
inputParameters:
- name: device_name
in: body
type: string
description: "The firewall device name."
call: "paloalto.get-info"
with: { device: "{{device_name}}" }
consumes:
- type: http
namespace: paloalto
baseUri: "https://geico-panorama.internal/restapi/v10.2"
authentication: { type: apiKey, name: "X-PAN-KEY", in: header, value: "$secrets.paloalto_key" }
resources:
- name: system
path: "/Device/SystemInfo"
operations: [{ name: get-info, method: GET }]
Policy Lookup by Number
▼
insurance policy salesforce
Retrieves an insurance policy from Salesforce by policy number, returning coverage details, premium amount, effective dates, and named insured.
naftiko: "0.5"
info:
label: "Policy Lookup by Number"
description: "Retrieves an insurance policy from Salesforce by policy number, returning coverage details, premium amount, effective dates, and named insured."
tags:
- insurance
- policy
- salesforce
capability:
exposes:
- type: mcp
namespace: policy-mgmt
port: 8080
tools:
- name: get-policy
description: "Look up an insurance policy by policy number. Returns coverage, premium, effective dates, and insured name."
inputParameters:
- name: policy_number
in: body
type: string
description: "The GEICO policy number."
call: "salesforce.get-policy"
with:
policy_number: "{{policy_number}}"
consumes:
- type: http
namespace: salesforce
baseUri: "https://geico.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: policies
path: "/query?q=SELECT+Id,PolicyNumber__c,Coverage__c,Premium__c,EffectiveDate__c,ExpirationDate__c,InsuredName__c+FROM+Policy__c+WHERE+PolicyNumber__c='{{policy_number}}'"
inputParameters:
- name: policy_number
in: query
operations:
- name: get-policy
method: GET
Policy Renewal Pipeline
▼
insurance renewal salesforce microsoft-outlook
When a policy approaches expiration, retrieves policy and customer details from Salesforce, generates a renewal quote, sends the renewal offer via Microsoft Outlook, and logs the activity in Salesforce.
naftiko: "0.5"
info:
label: "Policy Renewal Pipeline"
description: "When a policy approaches expiration, retrieves policy and customer details from Salesforce, generates a renewal quote, sends the renewal offer via Microsoft Outlook, and logs the activity in Salesforce."
tags:
- insurance
- renewal
- salesforce
- microsoft-outlook
capability:
exposes:
- type: mcp
namespace: policy-renewal
port: 8080
tools:
- name: process-renewal
description: "Given a policy number, retrieve details, generate renewal quote, email the customer, and log the activity."
inputParameters:
- name: policy_number
in: body
type: string
description: "The policy number."
steps:
- name: get-policy
type: call
call: "salesforce.get-policy"
with:
policy_number: "{{policy_number}}"
- name: generate-quote
type: call
call: "salesforce.create-renewal-quote"
with:
policy_id: "{{get-policy.Id}}"
- name: send-offer
type: call
call: "outlook.send-email"
with:
to: "{{get-policy.insured_email}}"
subject: "Your GEICO Policy Renewal — {{policy_number}}"
body: "Dear {{get-policy.insured_name}}, your policy {{policy_number}} expires on {{get-policy.expiration_date}}. Your renewal premium is ${{generate-quote.premium}}. Renew online or call us."
- name: log-activity
type: call
call: "salesforce.create-activity"
with:
policy_id: "{{get-policy.Id}}"
subject: "Renewal offer sent"
description: "Renewal quote: ${{generate-quote.premium}}. Email sent to {{get-policy.insured_email}}."
consumes:
- type: http
namespace: salesforce
baseUri: "https://geico.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: policies
path: "/query?q=SELECT+Id,PolicyNumber__c,InsuredName__c,InsuredEmail__c,ExpirationDate__c+FROM+Policy__c+WHERE+PolicyNumber__c='{{policy_number}}'"
inputParameters:
- name: policy_number
in: query
operations:
- name: get-policy
method: GET
- name: renewal-quotes
path: "/sobjects/RenewalQuote__c"
operations:
- name: create-renewal-quote
method: POST
- name: activities
path: "/sobjects/Task"
operations:
- name: create-activity
method: POST
- type: http
namespace: outlook
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: mail
path: "/me/sendMail"
operations:
- name: send-email
method: POST
Incident Postmortem Pipeline
▼
incident-management postmortem pagerduty confluence
Creates postmortems at GEICO.
naftiko: "0.5"
info:
label: "Incident Postmortem Pipeline"
description: "Creates postmortems at GEICO."
tags:
- incident-management
- postmortem
- pagerduty
- confluence
capability:
exposes:
- type: mcp
namespace: postmortem
port: 8080
tools:
- name: create-postmortem
description: "Create postmortem at GEICO."
inputParameters:
- name: incident_id
in: body
type: string
description: "Incident ID."
steps:
- name: timeline
type: call
call: "pagerduty.get-log"
with:
id: "{{incident_id}}"
- name: metrics
type: call
call: "datadog.get-metrics"
with:
incident: "{{incident_id}}"
- name: doc
type: call
call: "confluence.create-page"
with:
title: "Postmortem: {{timeline.title}}"
body: "Impact: {{metrics.impact}}"
- name: review
type: call
call: "calendar.create-event"
with:
title: "Review: {{timeline.title}}"
consumes:
- type: http
namespace: pagerduty
baseUri: "https://api.pagerduty.com"
authentication:
type: bearer
token: "$secrets.pagerduty_token"
resources:
- name: incidents
path: "/incidents/{{id}}/log_entries"
inputParameters:
- name: id
in: path
operations:
- name: get-log
method: GET
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v2"
authentication:
type: bearer
token: "$secrets.datadog_api_key"
resources:
- name: incidents
path: "/incidents"
operations:
- name: get-metrics
method: GET
- type: http
namespace: confluence
baseUri: "https://geico.com.atlassian.net/wiki/rest/api"
authentication:
type: bearer
token: "$secrets.confluence_token"
resources:
- name: pages
path: "/content"
operations:
- name: create-page
method: POST
- type: http
namespace: calendar
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.microsoft_graph_token"
resources:
- name: events
path: "/users/sre/events"
operations:
- name: create-event
method: POST
Power BI Claims Dashboard Refresh
▼
analytics reporting power-bi
Triggers a Power BI dataset refresh for claims analytics dashboards used by GEICO claims management and returns the refresh status.
naftiko: "0.5"
info:
label: "Power BI Claims Dashboard Refresh"
description: "Triggers a Power BI dataset refresh for claims analytics dashboards used by GEICO claims management and returns the refresh status."
tags:
- analytics
- reporting
- power-bi
capability:
exposes:
- type: mcp
namespace: bi-reporting
port: 8080
tools:
- name: refresh-claims-dashboard
description: "Trigger a Power BI dataset refresh by dataset ID."
inputParameters:
- name: dataset_id
in: body
type: string
description: "The Power BI dataset ID."
call: "powerbi.refresh-dataset"
with:
dataset_id: "{{dataset_id}}"
consumes:
- type: http
namespace: powerbi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.powerbi_token"
resources:
- name: datasets
path: "/datasets/{{dataset_id}}/refreshes"
inputParameters:
- name: dataset_id
in: path
operations:
- name: refresh-dataset
method: POST
Power BI Refresh Check
▼
analytics power-bi dashboards
Checks Power BI refresh at GEICO.
naftiko: "0.5"
info:
label: "Power BI Refresh Check"
description: "Checks Power BI refresh at GEICO."
tags:
- analytics
- power-bi
- dashboards
capability:
exposes:
- type: mcp
namespace: pbi-refresh
port: 8080
tools:
- name: check-refresh
description: "Check refresh at GEICO."
inputParameters:
- name: dataset_id
in: body
type: string
description: "Dataset ID."
call: "power-bi.get-refresh"
with:
dataset_id: "{{dataset_id}}"
outputParameters:
- name: status
type: string
mapping: "$.value[0].status"
consumes:
- type: http
namespace: power-bi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.power_bi_token"
resources:
- name: datasets
path: "/datasets/{{dataset_id}}/refreshes"
inputParameters:
- name: dataset_id
in: path
operations:
- name: get-refresh
method: GET
Quarterly Compliance Report Pipeline
▼
compliance reporting snowflake power-bi
Generates compliance reports at GEICO from Snowflake, Power BI, and email.
naftiko: "0.5"
info:
label: "Quarterly Compliance Report Pipeline"
description: "Generates compliance reports at GEICO from Snowflake, Power BI, and email."
tags:
- compliance
- reporting
- snowflake
- power-bi
capability:
exposes:
- type: mcp
namespace: compliance-rpt
port: 8080
tools:
- name: gen-report
description: "Generate compliance reports at GEICO."
inputParameters:
- name: quarter
in: body
type: string
description: "Quarter."
- name: type
in: body
type: string
description: "Type."
steps:
- name: data
type: call
call: "snowflake.query"
with:
query: "SELECT * FROM compliance WHERE q='{{quarter}}'"
- name: metrics
type: call
call: "analytics.compute"
with:
data: "{{data.results}}"
- name: refresh
type: call
call: "power-bi.refresh"
with:
dataset: "compliance"
- name: send
type: call
call: "email.send"
with:
to: "compliance@co.com"
subject: "{{type}} - {{quarter}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://geico.com.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query
method: POST
- type: http
namespace: analytics
baseUri: "https://analytics.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.analytics_token"
resources:
- name: metrics
path: "/compute"
operations:
- name: compute
method: POST
- type: http
namespace: power-bi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.power_bi_token"
resources:
- name: datasets
path: "/datasets/{{dataset}}/refreshes"
inputParameters:
- name: dataset
in: path
operations:
- name: refresh
method: POST
- type: http
namespace: email
baseUri: "https://email.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.email_token"
resources:
- name: messages
path: "/send"
operations:
- name: send
method: POST
Redis Cache Status
▼
caching redis infrastructure
Checks Redis at GEICO.
naftiko: "0.5"
info:
label: "Redis Cache Status"
description: "Checks Redis at GEICO."
tags:
- caching
- redis
- infrastructure
capability:
exposes:
- type: mcp
namespace: redis
port: 8080
tools:
- name: check-cache
description: "Check Redis at GEICO."
inputParameters:
- name: instance
in: body
type: string
description: "Instance ID."
call: "redis.get-info"
with:
instance: "{{instance}}"
outputParameters:
- name: memory
type: string
mapping: "$.used_memory_human"
consumes:
- type: http
namespace: redis
baseUri: "https://redis.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.redis_token"
resources:
- name: instances
path: "/instances/{{instance}}/info"
inputParameters:
- name: instance
in: path
operations:
- name: get-info
method: GET
Regulatory Compliance Filing Orchestrator
▼
compliance regulatory snowflake sharepoint servicenow confluence microsoft-teams
Prepares a regulatory filing by pulling policy and claims data from Snowflake, generating the report document in SharePoint, creating a compliance task in ServiceNow, documenting in Confluence, and notifying the compliance team.
naftiko: "0.5"
info:
label: "Regulatory Compliance Filing Orchestrator"
description: "Prepares a regulatory filing by pulling policy and claims data from Snowflake, generating the report document in SharePoint, creating a compliance task in ServiceNow, documenting in Confluence, and notifying the compliance team."
tags:
- compliance
- regulatory
- snowflake
- sharepoint
- servicenow
- confluence
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: regulatory-filing
port: 8080
tools:
- name: prepare-filing
description: "Given a filing type and reporting period, extract data, generate the report, create compliance task, document, and notify."
inputParameters:
- name: filing_type
in: body
type: string
description: "Type of regulatory filing."
- name: reporting_period
in: body
type: string
description: "Reporting period (e.g. 2026-Q1)."
- name: state
in: body
type: string
description: "State jurisdiction for the filing."
steps:
- name: extract-data
type: call
call: "snowflake.execute-statement"
with:
statement: "SELECT * FROM regulatory_filings WHERE filing_type='{{filing_type}}' AND period='{{reporting_period}}' AND state='{{state}}'"
warehouse: "COMPLIANCE_WH"
- name: generate-report
type: call
call: "sharepoint.create-file"
with:
site_id: "compliance-filings"
folder_path: "{{state}}/{{filing_type}}/{{reporting_period}}"
- name: create-task
type: call
call: "servicenow.create-task"
with:
short_description: "Regulatory filing: {{filing_type}} — {{state}} — {{reporting_period}}"
assigned_group: "Compliance_Team"
description: "Filing type: {{filing_type}}. State: {{state}}. Period: {{reporting_period}}. Report: {{generate-report.url}}."
- name: document-filing
type: call
call: "confluence.create-page"
with:
space_key: "COMPLY"
title: "{{filing_type}} Filing: {{state}} — {{reporting_period}}"
body: "Filing: {{filing_type}}. State: {{state}}. Period: {{reporting_period}}. ServiceNow: {{create-task.number}}. Report: {{generate-report.url}}."
- name: notify-team
type: call
call: "msteams.post-channel-message"
with:
team_id: "compliance"
channel_id: "regulatory-filings"
text: "Regulatory filing prepared: {{filing_type}} for {{state}} ({{reporting_period}}). Task: {{create-task.number}}. Report: {{generate-report.url}}."
consumes:
- type: http
namespace: snowflake
baseUri: "https://geico.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-statement
method: POST
- type: http
namespace: sharepoint
baseUri: "https://graph.microsoft.com/v1.0/sites"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: files
path: "/{{site_id}}/drive/root:/{{folder_path}}"
inputParameters:
- name: site_id
in: path
- name: folder_path
in: path
operations:
- name: create-file
method: PUT
- type: http
namespace: servicenow
baseUri: "https://geico.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/sc_task"
operations:
- name: create-task
method: POST
- type: http
namespace: confluence
baseUri: "https://geico.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_token"
resources:
- name: pages
path: "/content"
operations:
- name: create-page
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel-message
method: POST
Release Readiness Pipeline
▼
release-management devops quality
Checks release readiness at GEICO.
naftiko: "0.5"
info:
label: "Release Readiness Pipeline"
description: "Checks release readiness at GEICO."
tags:
- release-management
- devops
- quality
capability:
exposes:
- type: mcp
namespace: release-ready
port: 8080
tools:
- name: check-release
description: "Check release at GEICO."
inputParameters:
- name: release_id
in: body
type: string
description: "Release ID."
- name: project
in: body
type: string
description: "Project."
steps:
- name: tests
type: call
call: "azdo.get-tests"
with:
project: "{{project}}"
release: "{{release_id}}"
- name: quality
type: call
call: "sonarqube.get-gate"
with:
project: "{{project}}"
- name: security
type: call
call: "security.get-scan"
with:
project: "{{project}}"
- name: doc
type: call
call: "confluence.create-page"
with:
title: "Release - {{release_id}}"
body: "Tests: {{tests.pass_rate}}% Quality: {{quality.status}}"
consumes:
- type: http
namespace: azdo
baseUri: "https://dev.azure.com/geico.com"
authentication:
type: bearer
token: "$secrets.azdo_token"
resources:
- name: tests
path: "/{{project}}/_apis/test/runs"
inputParameters:
- name: project
in: path
operations:
- name: get-tests
method: GET
- type: http
namespace: sonarqube
baseUri: "https://sonarqube.geico.com/api"
authentication:
type: bearer
token: "$secrets.sonarqube_token"
resources:
- name: quality
path: "/qualitygates/project_status"
operations:
- name: get-gate
method: GET
- type: http
namespace: security
baseUri: "https://security.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.security_token"
resources:
- name: scans
path: "/results"
operations:
- name: get-scan
method: GET
- type: http
namespace: confluence
baseUri: "https://geico.com.atlassian.net/wiki/rest/api"
authentication:
type: bearer
token: "$secrets.confluence_token"
resources:
- name: pages
path: "/content"
operations:
- name: create-page
method: POST
SAP PO Check
▼
procurement sap purchase-orders
Checks SAP PO at GEICO.
naftiko: "0.5"
info:
label: "SAP PO Check"
description: "Checks SAP PO at GEICO."
tags:
- procurement
- sap
- purchase-orders
capability:
exposes:
- type: mcp
namespace: sap-po
port: 8080
tools:
- name: get-po
description: "Check PO at GEICO."
inputParameters:
- name: po_number
in: body
type: string
description: "PO number."
call: "sap.get-po"
with:
po_number: "{{po_number}}"
outputParameters:
- name: vendor
type: string
mapping: "$.order.vendor"
- name: status
type: string
mapping: "$.order.status"
consumes:
- type: http
namespace: sap
baseUri: "https://sap.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.sap_token"
resources:
- name: purchase-orders
path: "/purchase-orders/{{po_number}}"
inputParameters:
- name: po_number
in: path
operations:
- name: get-po
method: GET
Security Vulnerability Remediation Pipeline
▼
security vulnerability-management jira
Remediates vulnerabilities at GEICO via scanning, Jira, and Slack.
naftiko: "0.5"
info:
label: "Security Vulnerability Remediation Pipeline"
description: "Remediates vulnerabilities at GEICO via scanning, Jira, and Slack."
tags:
- security
- vulnerability-management
- jira
capability:
exposes:
- type: mcp
namespace: vuln-fix
port: 8080
tools:
- name: remediate
description: "Fix vulnerabilities at GEICO."
inputParameters:
- name: target
in: body
type: string
description: "Target."
- name: policy
in: body
type: string
description: "Policy."
steps:
- name: scan
type: call
call: "qualys.scan"
with:
target: "{{target}}"
policy: "{{policy}}"
- name: prioritize
type: call
call: "security.prioritize"
with:
scan: "{{scan.id}}"
- name: ticket
type: call
call: "jira.create-issue"
with:
project: "SEC"
summary: "Vulns: {{prioritize.critical}} critical"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#security"
text: "Scan: {{prioritize.critical}} critical"
consumes:
- type: http
namespace: qualys
baseUri: "https://qualysapi.qualys.com/api/v2"
authentication:
type: bearer
token: "$secrets.qualys_token"
resources:
- name: scans
path: "/fo/scan"
operations:
- name: scan
method: POST
- type: http
namespace: security
baseUri: "https://security.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.security_token"
resources:
- name: vulns
path: "/prioritize"
operations:
- name: prioritize
method: POST
- type: http
namespace: jira
baseUri: "https://geico.com.atlassian.net/rest/api/3"
authentication:
type: bearer
token: "$secrets.jira_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
ServiceNow Incident Detail Check
▼
it-service servicenow incident-management
Checks IT incident in ServiceNow for GEICO.
naftiko: "0.5"
info:
label: "ServiceNow Incident Detail Check"
description: "Checks IT incident in ServiceNow for GEICO."
tags:
- it-service
- servicenow
- incident-management
capability:
exposes:
- type: mcp
namespace: snow-incident
port: 8080
tools:
- name: check-incident
description: "Check incident at GEICO."
inputParameters:
- name: incident_number
in: body
type: string
description: "Incident number."
call: "servicenow.get-incident"
with:
number: "{{incident_number}}"
outputParameters:
- name: state
type: string
mapping: "$.result.state"
- name: priority
type: string
mapping: "$.result.priority"
consumes:
- type: http
namespace: servicenow
baseUri: "https://geico.com.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: get-incident
method: GET
ServiceNow IT Incident Lookup
▼
it-operations servicenow
Looks up a ServiceNow IT incident by number, returning state, priority, assigned group, and resolution details.
naftiko: "0.5"
info:
label: "ServiceNow IT Incident Lookup"
description: "Looks up a ServiceNow IT incident by number, returning state, priority, assigned group, and resolution details."
tags:
- it-operations
- servicenow
capability:
exposes:
- type: mcp
namespace: it-ops
port: 8080
tools:
- name: get-incident
description: "Retrieve a ServiceNow incident by number. Returns state, priority, assigned group, and description."
inputParameters:
- name: incident_number
in: body
type: string
description: "The ServiceNow incident number."
call: "servicenow.get-incident"
with:
incident_number: "{{incident_number}}"
consumes:
- type: http
namespace: servicenow
baseUri: "https://geico.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident?sysparm_query=number={{incident_number}}"
inputParameters:
- name: incident_number
in: query
operations:
- name: get-incident
method: GET
SharePoint Document Retrieval
▼
documentation sharepoint
Searches SharePoint for internal documents by keyword, returning file names, URLs, and last-modified dates for underwriting, claims, and compliance teams.
naftiko: "0.5"
info:
label: "SharePoint Document Retrieval"
description: "Searches SharePoint for internal documents by keyword, returning file names, URLs, and last-modified dates for underwriting, claims, and compliance teams."
tags:
- documentation
- sharepoint
capability:
exposes:
- type: mcp
namespace: documents
port: 8080
tools:
- name: search-documents
description: "Search GEICO SharePoint by keyword. Returns matching file names, URLs, and metadata."
inputParameters:
- name: keyword
in: body
type: string
description: "Search keyword for documents."
call: "sharepoint.search"
with:
query: "{{keyword}}"
consumes:
- type: http
namespace: sharepoint
baseUri: "https://graph.microsoft.com/v1.0/sites"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: search
path: "/geico-hub/drive/root/search(q='{{query}}')"
inputParameters:
- name: query
in: path
operations:
- name: search
method: GET
SharePoint File Metadata
▼
document-management sharepoint collaboration
Retrieves SharePoint metadata at GEICO.
naftiko: "0.5"
info:
label: "SharePoint File Metadata"
description: "Retrieves SharePoint metadata at GEICO."
tags:
- document-management
- sharepoint
- collaboration
capability:
exposes:
- type: mcp
namespace: sp-docs
port: 8080
tools:
- name: get-file
description: "Look up file at GEICO."
inputParameters:
- name: site_id
in: body
type: string
description: "Site ID."
- name: file_path
in: body
type: string
description: "Path."
call: "sharepoint.get-file"
with:
site_id: "{{site_id}}"
path: "{{file_path}}"
outputParameters:
- name: name
type: string
mapping: "$.name"
- name: size
type: number
mapping: "$.size"
consumes:
- type: http
namespace: sharepoint
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.microsoft_graph_token"
resources:
- name: files
path: "/sites/{{site_id}}/drive/root:/{{path}}"
inputParameters:
- name: site_id
in: path
- name: path
in: path
operations:
- name: get-file
method: GET
SLA Monitoring Pipeline
▼
operations sla datadog slack
Monitors SLAs at GEICO via Datadog and Slack.
naftiko: "0.5"
info:
label: "SLA Monitoring Pipeline"
description: "Monitors SLAs at GEICO via Datadog and Slack."
tags:
- operations
- sla
- datadog
- slack
capability:
exposes:
- type: mcp
namespace: sla-monitor
port: 8080
tools:
- name: check-sla
description: "Monitor SLAs at GEICO."
inputParameters:
- name: service
in: body
type: string
description: "Service."
- name: target
in: body
type: number
description: "SLA target %."
steps:
- name: metrics
type: call
call: "datadog.get-sla"
with:
service: "{{service}}"
- name: check
type: call
call: "analytics.check-sla"
with:
uptime: "{{metrics.uptime}}"
target: "{{target}}"
- name: alert
type: call
call: "slack.post-message"
with:
channel: "#ops"
text: "SLA: {{service}} at {{metrics.uptime}}% (target: {{target}}%)"
- name: log
type: call
call: "servicenow.create-incident"
with:
desc: "SLA breach: {{service}}"
consumes:
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v2"
authentication:
type: bearer
token: "$secrets.datadog_api_key"
resources:
- name: metrics
path: "/metrics"
operations:
- name: get-sla
method: GET
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
- type: http
namespace: servicenow
baseUri: "https://geico.com.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
Snowflake Data Query
▼
data-analytics snowflake
Executes a SQL query against GEICO's Snowflake data warehouse and returns results for analytics and reporting teams.
naftiko: "0.5"
info:
label: "Snowflake Data Query"
description: "Executes a SQL query against GEICO's Snowflake data warehouse and returns results for analytics and reporting teams."
tags:
- data-analytics
- snowflake
capability:
exposes:
- type: mcp
namespace: data-warehouse
port: 8080
tools:
- name: run-query
description: "Execute a SQL query against Snowflake. Returns result set with column names and rows."
inputParameters:
- name: sql_statement
in: body
type: string
description: "The SQL query to execute."
- name: warehouse
in: body
type: string
description: "The Snowflake warehouse to use."
call: "snowflake.execute-statement"
with:
statement: "{{sql_statement}}"
warehouse: "{{warehouse}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://geico.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-statement
method: POST
Snowflake Warehouse Usage
▼
data snowflake analytics
Checks Snowflake warehouse usage at GEICO.
naftiko: "0.5"
info:
label: "Snowflake Warehouse Usage"
description: "Checks Snowflake warehouse usage at GEICO."
tags:
- data
- snowflake
- analytics
capability:
exposes:
- type: mcp
namespace: sf-usage
port: 8080
tools:
- name: check-warehouse
description: "Check warehouse at GEICO."
inputParameters:
- name: warehouse
in: body
type: string
description: "Warehouse."
call: "snowflake.get-usage"
with:
warehouse: "{{warehouse}}"
outputParameters:
- name: credits
type: number
mapping: "$.data.credits_used"
consumes:
- type: http
namespace: snowflake
baseUri: "https://geico.com.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: warehouses
path: "/statements"
operations:
- name: get-usage
method: GET
Splunk Log Search
▼
security splunk logging
Searches Splunk at GEICO.
naftiko: "0.5"
info:
label: "Splunk Log Search"
description: "Searches Splunk at GEICO."
tags:
- security
- splunk
- logging
capability:
exposes:
- type: mcp
namespace: splunk-search
port: 8080
tools:
- name: search-logs
description: "Search logs at GEICO."
inputParameters:
- name: query
in: body
type: string
description: "SPL query."
call: "splunk.search"
with:
query: "{{query}}"
outputParameters:
- name: count
type: number
mapping: "$.results.count"
consumes:
- type: http
namespace: splunk
baseUri: "https://splunk.geico.com:8089/services"
authentication:
type: bearer
token: "$secrets.splunk_token"
resources:
- name: search
path: "/search/jobs"
operations:
- name: search
method: POST
Splunk Security Event Search
▼
security monitoring splunk
Queries Splunk for security events matching a given pattern, returning event count, source IPs, and severity distribution for GEICO's security operations center.
naftiko: "0.5"
info:
label: "Splunk Security Event Search"
description: "Queries Splunk for security events matching a given pattern, returning event count, source IPs, and severity distribution for GEICO's security operations center."
tags:
- security
- monitoring
- splunk
capability:
exposes:
- type: mcp
namespace: security-ops
port: 8080
tools:
- name: search-security-events
description: "Run a Splunk search for security events. Returns event count, top sources, and severity breakdown."
inputParameters:
- name: search_query
in: body
type: string
description: "The Splunk search query."
- name: time_range
in: body
type: string
description: "Time range (e.g. -24h, -7d)."
call: "splunk.search"
with:
search: "{{search_query}}"
earliest_time: "{{time_range}}"
consumes:
- type: http
namespace: splunk
baseUri: "https://geico-splunk.internal:8089/services"
authentication:
type: bearer
token: "$secrets.splunk_token"
resources:
- name: search
path: "/search/jobs"
operations:
- name: search
method: POST
Subrogation Recovery Orchestrator
▼
claims subrogation salesforce servicenow microsoft-outlook jira
When a subrogation opportunity is identified, retrieves claim and at-fault party details from Salesforce, creates a recovery case in ServiceNow, sends a demand letter via Microsoft Outlook, and tracks in Jira.
naftiko: "0.5"
info:
label: "Subrogation Recovery Orchestrator"
description: "When a subrogation opportunity is identified, retrieves claim and at-fault party details from Salesforce, creates a recovery case in ServiceNow, sends a demand letter via Microsoft Outlook, and tracks in Jira."
tags:
- claims
- subrogation
- salesforce
- servicenow
- microsoft-outlook
- jira
capability:
exposes:
- type: mcp
namespace: subrogation
port: 8080
tools:
- name: initiate-subrogation
description: "Given a claim number and at-fault party details, create recovery case, send demand, and track."
inputParameters:
- name: claim_number
in: body
type: string
description: "The GEICO claim number."
- name: at_fault_insurer
in: body
type: string
description: "The at-fault party's insurance carrier."
- name: at_fault_policy
in: body
type: string
description: "The at-fault party's policy number."
- name: recovery_amount
in: body
type: number
description: "The target recovery amount."
steps:
- name: get-claim
type: call
call: "salesforce.get-claim"
with:
claim_number: "{{claim_number}}"
- name: create-recovery-case
type: call
call: "servicenow.create-task"
with:
short_description: "Subrogation: Claim {{claim_number}} — ${{recovery_amount}}"
assigned_group: "Subrogation_Unit"
description: "Claim: {{claim_number}}. At-fault: {{at_fault_insurer}} ({{at_fault_policy}}). Target recovery: ${{recovery_amount}}."
- name: send-demand
type: call
call: "outlook.send-email"
with:
to: "claims@{{at_fault_insurer}}.com"
subject: "Subrogation Demand — GEICO Claim {{claim_number}}"
body: "Please be advised of our subrogation demand of ${{recovery_amount}} for claim {{claim_number}}. At-fault policy: {{at_fault_policy}}."
- name: track-in-jira
type: call
call: "jira.create-issue"
with:
project: "SUBRO"
summary: "Subrogation: {{claim_number}} vs {{at_fault_insurer}}"
description: "Recovery target: ${{recovery_amount}}. ServiceNow: {{create-recovery-case.number}}. Demand sent."
issue_type: "Task"
consumes:
- type: http
namespace: salesforce
baseUri: "https://geico.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: claims
path: "/query?q=SELECT+Id,ClaimNumber__c,ClaimantName__c+FROM+Claim__c+WHERE+ClaimNumber__c='{{claim_number}}'"
inputParameters:
- name: claim_number
in: query
operations:
- name: get-claim
method: GET
- type: http
namespace: servicenow
baseUri: "https://geico.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/sc_task"
operations:
- name: create-task
method: POST
- type: http
namespace: outlook
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: mail
path: "/me/sendMail"
operations:
- name: send-email
method: POST
- type: http
namespace: jira
baseUri: "https://geico.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
Tableau Claims Dashboard View
▼
analytics claims tableau
Retrieves data from a Tableau claims analytics dashboard view.
naftiko: "0.5"
info:
label: "Tableau Claims Dashboard View"
description: "Retrieves data from a Tableau claims analytics dashboard view."
tags: [analytics, claims, tableau]
capability:
exposes:
- type: mcp
namespace: tableau-analytics
port: 8080
tools:
- name: get-view-data
description: "Retrieve Tableau view data by view ID."
inputParameters:
- name: view_id
in: body
type: string
description: "The Tableau view ID."
call: "tableau.get-view"
with: { view_id: "{{view_id}}" }
consumes:
- type: http
namespace: tableau
baseUri: "https://geico-tableau.internal/api/3.18"
authentication: { type: bearer, token: "$secrets.tableau_token" }
resources:
- name: views
path: "/sites/{{site_id}}/views/{{view_id}}/data"
inputParameters: [{ name: view_id, in: path }]
operations: [{ name: get-view, method: GET }]
Teams Channel Activity
▼
communications microsoft-teams analytics
Retrieves Teams activity at GEICO.
naftiko: "0.5"
info:
label: "Teams Channel Activity"
description: "Retrieves Teams activity at GEICO."
tags:
- communications
- microsoft-teams
- analytics
capability:
exposes:
- type: mcp
namespace: teams-activity
port: 8080
tools:
- name: get-activity
description: "Check Teams activity at GEICO."
inputParameters:
- name: team_id
in: body
type: string
description: "Team ID."
- name: channel_id
in: body
type: string
description: "Channel ID."
call: "teams.get-messages"
with:
team_id: "{{team_id}}"
channel_id: "{{channel_id}}"
outputParameters:
- name: count
type: number
mapping: "$.value.length"
consumes:
- type: http
namespace: teams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.microsoft_graph_token"
resources:
- name: messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: get-messages
method: GET
Terraform Infrastructure Drift Check
▼
infrastructure terraform microsoft-teams
Runs a Terraform plan against GEICO's cloud infrastructure to detect configuration drift and posts results to Microsoft Teams.
naftiko: "0.5"
info:
label: "Terraform Infrastructure Drift Check"
description: "Runs a Terraform plan against GEICO's cloud infrastructure to detect configuration drift and posts results to Microsoft Teams."
tags:
- infrastructure
- terraform
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: infra-drift
port: 8080
tools:
- name: check-drift
description: "Given a Terraform workspace, run a plan and notify the infra team of drift."
inputParameters:
- name: workspace_id
in: body
type: string
description: "The Terraform Cloud workspace ID."
steps:
- name: create-run
type: call
call: "terraform.create-run"
with:
workspace_id: "{{workspace_id}}"
message: "Automated drift detection"
- name: notify-infra
type: call
call: "msteams.post-channel-message"
with:
team_id: "infrastructure"
channel_id: "drift-alerts"
text: "Terraform drift check for workspace {{workspace_id}}. Run: {{create-run.id}}. Status: {{create-run.status}}."
consumes:
- type: http
namespace: terraform
baseUri: "https://app.terraform.io/api/v2"
authentication:
type: bearer
token: "$secrets.terraform_token"
resources:
- name: runs
path: "/runs"
operations:
- name: create-run
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel-message
method: POST
Terraform Workspace Check
▼
infrastructure terraform iac
Checks Terraform workspace at GEICO.
naftiko: "0.5"
info:
label: "Terraform Workspace Check"
description: "Checks Terraform workspace at GEICO."
tags:
- infrastructure
- terraform
- iac
capability:
exposes:
- type: mcp
namespace: tf-ws
port: 8080
tools:
- name: check-ws
description: "Check workspace at GEICO."
inputParameters:
- name: workspace_id
in: body
type: string
description: "Workspace ID."
call: "terraform.get-ws"
with:
workspace_id: "{{workspace_id}}"
outputParameters:
- name: name
type: string
mapping: "$.data.attributes.name"
consumes:
- type: http
namespace: terraform
baseUri: "https://app.terraform.io/api/v2"
authentication:
type: bearer
token: "$secrets.terraform_token"
resources:
- name: workspaces
path: "/workspaces/{{workspace_id}}"
inputParameters:
- name: workspace_id
in: path
operations:
- name: get-ws
method: GET
Underwriting Risk Assessment Orchestrator
▼
underwriting risk salesforce azure-machine-learning microsoft-teams
Pulls applicant data from Salesforce, runs the risk scoring model via Azure Machine Learning, updates the underwriting decision in Salesforce, and notifies the underwriter via Microsoft Teams.
naftiko: "0.5"
info:
label: "Underwriting Risk Assessment Orchestrator"
description: "Pulls applicant data from Salesforce, runs the risk scoring model via Azure Machine Learning, updates the underwriting decision in Salesforce, and notifies the underwriter via Microsoft Teams."
tags:
- underwriting
- risk
- salesforce
- azure-machine-learning
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: underwriting
port: 8080
tools:
- name: assess-risk
description: "Given an application ID, pull applicant data, run risk model, update the underwriting decision, and notify the underwriter."
inputParameters:
- name: application_id
in: body
type: string
description: "The Salesforce insurance application ID."
steps:
- name: get-application
type: call
call: "salesforce.get-application"
with:
application_id: "{{application_id}}"
- name: score-risk
type: call
call: "azure-ml.score"
with:
applicant_data: "{{get-application}}"
- name: update-decision
type: call
call: "salesforce.update-application"
with:
application_id: "{{application_id}}"
risk_score: "{{score-risk.risk_score}}"
recommendation: "{{score-risk.recommendation}}"
- name: notify-underwriter
type: call
call: "msteams.send-message"
with:
recipient_upn: "{{get-application.underwriter_email}}"
text: "Underwriting assessment complete for application {{application_id}}. Risk score: {{score-risk.risk_score}}. Recommendation: {{score-risk.recommendation}}. Applicant: {{get-application.applicant_name}}."
consumes:
- type: http
namespace: salesforce
baseUri: "https://geico.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: applications
path: "/sobjects/Application__c/{{application_id}}"
inputParameters:
- name: application_id
in: path
operations:
- name: get-application
method: GET
- name: update-application
method: PATCH
- type: http
namespace: azure-ml
baseUri: "https://geico-ml.azureml.net/score"
authentication:
type: bearer
token: "$secrets.azure_ml_token"
resources:
- name: scoring
path: "/underwriting-risk"
operations:
- name: score
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Vault Secret Metadata
▼
security vault secrets-management
Checks Vault secret at GEICO.
naftiko: "0.5"
info:
label: "Vault Secret Metadata"
description: "Checks Vault secret at GEICO."
tags:
- security
- vault
- secrets-management
capability:
exposes:
- type: mcp
namespace: vault
port: 8080
tools:
- name: check-secret
description: "Check secret at GEICO."
inputParameters:
- name: path
in: body
type: string
description: "Secret path."
call: "vault.get-metadata"
with:
path: "{{path}}"
outputParameters:
- name: version
type: number
mapping: "$.data.current_version"
consumes:
- type: http
namespace: vault
baseUri: "https://vault.geico.com/v1"
authentication:
type: bearer
token: "$secrets.vault_token"
resources:
- name: secrets
path: "/secret/metadata/{{path}}"
inputParameters:
- name: path
in: path
operations:
- name: get-metadata
method: GET
Vehicle Damage Assessment Orchestrator
▼
claims damage-assessment azure-machine-learning salesforce microsoft-teams
When photos are uploaded for a claim, sends them to the Azure Machine Learning damage assessment model, updates the estimate in Salesforce, assigns a repair shop, and notifies the claimant and adjuster via Microsoft Teams.
naftiko: "0.5"
info:
label: "Vehicle Damage Assessment Orchestrator"
description: "When photos are uploaded for a claim, sends them to the Azure Machine Learning damage assessment model, updates the estimate in Salesforce, assigns a repair shop, and notifies the claimant and adjuster via Microsoft Teams."
tags:
- claims
- damage-assessment
- azure-machine-learning
- salesforce
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: damage-assessment
port: 8080
tools:
- name: assess-vehicle-damage
description: "Given a claim number and photo URLs, run AI damage assessment, update the estimate, and notify parties."
inputParameters:
- name: claim_number
in: body
type: string
description: "The claim number."
- name: photo_urls
in: body
type: string
description: "Comma-separated URLs of damage photos."
steps:
- name: run-assessment
type: call
call: "azure-ml.assess-damage"
with:
photos: "{{photo_urls}}"
- name: update-estimate
type: call
call: "salesforce.update-claim"
with:
claim_number: "{{claim_number}}"
damage_estimate: "{{run-assessment.estimated_cost}}"
damage_severity: "{{run-assessment.severity}}"
- name: notify-adjuster
type: call
call: "msteams.post-channel-message"
with:
team_id: "claims-adjusters"
channel_id: "damage-assessments"
text: "AI damage assessment for claim {{claim_number}}: Severity: {{run-assessment.severity}}. Estimated cost: ${{run-assessment.estimated_cost}}. Components: {{run-assessment.damaged_components}}."
consumes:
- type: http
namespace: azure-ml
baseUri: "https://geico-ml.azureml.net/score"
authentication:
type: bearer
token: "$secrets.azure_ml_token"
resources:
- name: damage-model
path: "/vehicle-damage-assessment"
operations:
- name: assess-damage
method: POST
- type: http
namespace: salesforce
baseUri: "https://geico.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: claims
path: "/sobjects/Claim__c"
operations:
- name: update-claim
method: PATCH
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel-message
method: POST
Vendor Invoice Processing Pipeline
▼
finance accounts-payable sap oracle
Processes invoices at GEICO via OCR, SAP matching, approval, and Oracle recording.
naftiko: "0.5"
info:
label: "Vendor Invoice Processing Pipeline"
description: "Processes invoices at GEICO via OCR, SAP matching, approval, and Oracle recording."
tags:
- finance
- accounts-payable
- sap
- oracle
capability:
exposes:
- type: mcp
namespace: invoice-proc
port: 8080
tools:
- name: process-invoice
description: "Process invoices at GEICO."
inputParameters:
- name: invoice_id
in: body
type: string
description: "Invoice ID."
- name: vendor_id
in: body
type: string
description: "Vendor ID."
steps:
- name: extract
type: call
call: "ocr.extract"
with:
doc: "{{invoice_id}}"
- name: match
type: call
call: "sap.match-po"
with:
vendor: "{{vendor_id}}"
amount: "{{extract.total}}"
- name: approve
type: call
call: "workflow.submit"
with:
invoice: "{{invoice_id}}"
- name: record
type: call
call: "oracle.create-payment"
with:
invoice: "{{invoice_id}}"
consumes:
- type: http
namespace: ocr
baseUri: "https://ocr.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.ocr_token"
resources:
- name: invoices
path: "/extract"
operations:
- name: extract
method: POST
- type: http
namespace: sap
baseUri: "https://sap.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.sap_token"
resources:
- name: pos
path: "/match"
operations:
- name: match-po
method: POST
- type: http
namespace: workflow
baseUri: "https://workflow.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.workflow_token"
resources:
- name: approvals
path: "/submit"
operations:
- name: submit
method: POST
- type: http
namespace: oracle
baseUri: "https://oracle.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.oracle_token"
resources:
- name: payments
path: "/payments"
operations:
- name: create-payment
method: POST
Vendor Invoice Processing Pipeline
▼
finance accounts-payable workday servicenow microsoft-teams
Retrieves vendor invoices from Workday Financials, validates against purchase orders, creates payment tasks in ServiceNow, and notifies accounts payable via Microsoft Teams.
naftiko: "0.5"
info:
label: "Vendor Invoice Processing Pipeline"
description: "Retrieves vendor invoices from Workday Financials, validates against purchase orders, creates payment tasks in ServiceNow, and notifies accounts payable via Microsoft Teams."
tags:
- finance
- accounts-payable
- workday
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: ap-processing
port: 8080
tools:
- name: process-vendor-invoice
description: "Given an invoice ID, retrieve from Workday, validate, create payment task, and notify AP."
inputParameters:
- name: invoice_id
in: body
type: string
description: "The Workday vendor invoice ID."
steps:
- name: get-invoice
type: call
call: "workday.get-invoice"
with:
invoice_id: "{{invoice_id}}"
- name: create-payment-task
type: call
call: "servicenow.create-task"
with:
short_description: "Vendor payment: {{get-invoice.vendor_name}} — ${{get-invoice.amount}}"
assigned_group: "Accounts_Payable"
description: "Invoice: {{invoice_id}}. Vendor: {{get-invoice.vendor_name}}. Amount: ${{get-invoice.amount}}. PO: {{get-invoice.po_number}}. Due: {{get-invoice.due_date}}."
- name: notify-ap
type: call
call: "msteams.post-channel-message"
with:
team_id: "finance"
channel_id: "accounts-payable"
text: "Vendor invoice ready: {{get-invoice.vendor_name}} — ${{get-invoice.amount}}. Invoice: {{invoice_id}}. PO: {{get-invoice.po_number}}. Due: {{get-invoice.due_date}}. Task: {{create-payment-task.number}}."
consumes:
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: invoices
path: "/supplier_invoices/{{invoice_id}}"
inputParameters:
- name: invoice_id
in: path
operations:
- name: get-invoice
method: GET
- type: http
namespace: servicenow
baseUri: "https://geico.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/sc_task"
operations:
- name: create-task
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel-message
method: POST
Quarterly Vendor Review Pipeline
▼
procurement vendor-management review
Reviews vendors at GEICO.
naftiko: "0.5"
info:
label: "Quarterly Vendor Review Pipeline"
description: "Reviews vendors at GEICO."
tags:
- procurement
- vendor-management
- review
capability:
exposes:
- type: mcp
namespace: vendor-review
port: 8080
tools:
- name: review-vendor
description: "Review vendors at GEICO."
inputParameters:
- name: vendor_id
in: body
type: string
description: "Vendor ID."
- name: quarter
in: body
type: string
description: "Quarter."
steps:
- name: perf
type: call
call: "procurement.get-metrics"
with:
vendor: "{{vendor_id}}"
q: "{{quarter}}"
- name: scorecard
type: call
call: "analytics.scorecard"
with:
data: "{{perf.data}}"
- name: invite
type: call
call: "email.send"
with:
to: "{{perf.contact}}"
subject: "QBR - {{quarter}}"
- name: schedule
type: call
call: "calendar.create-event"
with:
title: "QBR - {{perf.name}}"
consumes:
- type: http
namespace: procurement
baseUri: "https://procurement.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.procurement_token"
resources:
- name: vendors
path: "/vendors/{{vendor}}/metrics"
inputParameters:
- name: vendor
in: path
operations:
- name: get-metrics
method: GET
- type: http
namespace: analytics
baseUri: "https://analytics.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.analytics_token"
resources:
- name: scorecards
path: "/compute"
operations:
- name: scorecard
method: POST
- type: http
namespace: email
baseUri: "https://email.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.email_token"
resources:
- name: messages
path: "/send"
operations:
- name: send
method: POST
- type: http
namespace: calendar
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.microsoft_graph_token"
resources:
- name: events
path: "/users/proc/events"
operations:
- name: create-event
method: POST
Weekly Claims Performance Report
▼
claims reporting snowflake power-bi confluence microsoft-teams
Aggregates weekly claims metrics from Snowflake, refreshes the Power BI claims dashboard, documents the summary in Confluence, and posts results to the claims leadership channel in Microsoft Teams.
naftiko: "0.5"
info:
label: "Weekly Claims Performance Report"
description: "Aggregates weekly claims metrics from Snowflake, refreshes the Power BI claims dashboard, documents the summary in Confluence, and posts results to the claims leadership channel in Microsoft Teams."
tags:
- claims
- reporting
- snowflake
- power-bi
- confluence
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: claims-reporting
port: 8080
tools:
- name: generate-weekly-claims-report
description: "Given a week ending date, aggregate claims metrics, refresh dashboard, create Confluence report, and notify leadership."
inputParameters:
- name: week_ending
in: body
type: string
description: "Week ending date in YYYY-MM-DD format."
steps:
- name: get-claims-metrics
type: call
call: "snowflake.execute-statement"
with:
statement: "SELECT COUNT(*) as new_claims, AVG(cycle_time_days) as avg_cycle, SUM(paid_amount) as total_paid FROM claims_fact WHERE week_ending = '{{week_ending}}'"
warehouse: "CLAIMS_WH"
- name: refresh-dashboard
type: call
call: "powerbi.refresh-dataset"
with:
dataset_id: "claims-performance"
- name: create-report
type: call
call: "confluence.create-page"
with:
space_key: "CLAIMS"
title: "Weekly Claims Report — W/E {{week_ending}}"
body: "New claims: {{get-claims-metrics.new_claims}}. Avg cycle time: {{get-claims-metrics.avg_cycle}} days. Total paid: ${{get-claims-metrics.total_paid}}."
- name: notify-leadership
type: call
call: "msteams.post-channel-message"
with:
team_id: "claims-leadership"
channel_id: "weekly-reports"
text: "Weekly Claims Report (w/e {{week_ending}}): {{get-claims-metrics.new_claims}} new claims. Avg cycle: {{get-claims-metrics.avg_cycle}}d. Total paid: ${{get-claims-metrics.total_paid}}. Report: {{create-report.url}}."
consumes:
- type: http
namespace: snowflake
baseUri: "https://geico.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-statement
method: POST
- type: http
namespace: powerbi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.powerbi_token"
resources:
- name: datasets
path: "/datasets/{{dataset_id}}/refreshes"
inputParameters:
- name: dataset_id
in: path
operations:
- name: refresh-dataset
method: POST
- type: http
namespace: confluence
baseUri: "https://geico.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_token"
resources:
- name: pages
path: "/content"
operations:
- name: create-page
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel-message
method: POST
Workday Employee Profile Lookup
▼
hr workday employee-directory
Retrieves employee profile from Workday for GEICO.
naftiko: "0.5"
info:
label: "Workday Employee Profile Lookup"
description: "Retrieves employee profile from Workday for GEICO."
tags:
- hr
- workday
- employee-directory
capability:
exposes:
- type: mcp
namespace: workday-profile
port: 8080
tools:
- name: get-employee-profile
description: "Look up GEICO employee in Workday."
inputParameters:
- name: employee_id
in: body
type: string
description: "Employee ID."
call: "workday.get-worker"
with:
employee_id: "{{employee_id}}"
outputParameters:
- name: name
type: string
mapping: "$.worker.name"
- name: title
type: string
mapping: "$.worker.title"
consumes:
- type: http
namespace: workday
baseUri: "https://wd5.geico.com/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/workers/{{employee_id}}"
inputParameters:
- name: employee_id
in: path
operations:
- name: get-worker
method: GET
Workday Employee Record Lookup
▼
hr workday
Retrieves an employee profile from Workday by worker ID, returning name, department, job title, location, and manager details.
naftiko: "0.5"
info:
label: "Workday Employee Record Lookup"
description: "Retrieves an employee profile from Workday by worker ID, returning name, department, job title, location, and manager details."
tags:
- hr
- workday
capability:
exposes:
- type: mcp
namespace: hr
port: 8080
tools:
- name: get-employee
description: "Look up an employee in Workday. Returns name, department, title, location, and manager."
inputParameters:
- name: worker_id
in: body
type: string
description: "The Workday worker ID."
call: "workday.get-worker"
with:
worker_id: "{{worker_id}}"
consumes:
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/workers/{{worker_id}}"
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
Workday Financials Journal Entry
▼
finance workday
Retrieves a financial journal entry from Workday Financials.
naftiko: "0.5"
info:
label: "Workday Financials Journal Entry"
description: "Retrieves a financial journal entry from Workday Financials."
tags: [finance, workday]
capability:
exposes:
- type: mcp
namespace: finance
port: 8080
tools:
- name: get-journal-entry
description: "Look up a journal entry by ID."
inputParameters:
- name: doc_id
in: body
type: string
description: "The journal entry document ID."
call: "workday-fin.get-journal"
with: { document_id: "{{doc_id}}" }
consumes:
- type: http
namespace: workday-fin
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication: { type: bearer, token: "$secrets.workday_token" }
resources:
- name: journals
path: "/journalEntries/{{document_id}}"
inputParameters: [{ name: document_id, in: path }]
operations: [{ name: get-journal, method: GET }]
Workday Headcount Report
▼
hr workforce workday
Retrieves headcount summary by department from Workday.
naftiko: "0.5"
info:
label: "Workday Headcount Report"
description: "Retrieves headcount summary by department from Workday."
tags: [hr, workforce, workday]
capability:
exposes:
- type: mcp
namespace: hr-analytics
port: 8080
tools:
- name: get-headcount
description: "Retrieve headcount metrics for a department."
inputParameters:
- name: department
in: body
type: string
description: "The department name."
call: "workday.get-headcount"
with: { department: "{{department}}" }
consumes:
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication: { type: bearer, token: "$secrets.workday_token" }
resources:
- name: headcount
path: "/headcountReport?department={{department}}"
inputParameters: [{ name: department, in: query }]
operations: [{ name: get-headcount, method: GET }]
Zendesk Ticket Check
▼
support zendesk ticketing
Checks Zendesk ticket at GEICO.
naftiko: "0.5"
info:
label: "Zendesk Ticket Check"
description: "Checks Zendesk ticket at GEICO."
tags:
- support
- zendesk
- ticketing
capability:
exposes:
- type: mcp
namespace: zd-ticket
port: 8080
tools:
- name: check-ticket
description: "Check ticket at GEICO."
inputParameters:
- name: ticket_id
in: body
type: string
description: "Ticket ID."
call: "zendesk.get-ticket"
with:
id: "{{ticket_id}}"
outputParameters:
- name: status
type: string
mapping: "$.ticket.status"
consumes:
- type: http
namespace: zendesk
baseUri: "https://geico.com.zendesk.com/api/v2"
authentication:
type: bearer
token: "$secrets.zendesk_token"
resources:
- name: tickets
path: "/tickets/{{id}}.json"
inputParameters:
- name: id
in: path
operations:
- name: get-ticket
method: GET