Gilead Sciences Capabilities

Naftiko 0.5 capability definitions for Gilead Sciences - 100 capabilities showing integration workflows and service orchestrations.

When a serious adverse event is reported, logs it in the safety database, notifies pharmacovigilance, and creates a regulatory filing task.

naftiko: "0.5"
info:
  label: "Adverse Event Reporting Orchestration"
  description: "When a serious adverse event is reported, logs it in the safety database, notifies pharmacovigilance, and creates a regulatory filing task."
  tags:
    - clinical
    - regulatory
    - safety
    - oracle
    - servicenow
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: drug-safety
      port: 8080
      tools:
        - name: report-adverse-event
          description: "Given study ID, patient ID, event description, and severity, log event, alert PV, and create filing task. Use when sites report SAEs."
          inputParameters:
            - name: study_id
              in: body
              type: string
              description: "Study identifier."
            - name: patient_id
              in: body
              type: string
              description: "Patient identifier."
            - name: event_description
              in: body
              type: string
              description: "Event description."
            - name: severity
              in: body
              type: string
              description: "Severity level."
          steps:
            - name: log-event
              type: call
              call: oracle-argus.create-case
              with:
                study_id: "{{study_id}}"
                subject_id: "{{patient_id}}"
                description: "{{event_description}}"
                seriousness: "{{severity}}"
            - name: notify-pv
              type: call
              call: msteams.send-message
              with:
                channel_id: "pharmacovigilance"
                text: "SAE: Study {{study_id}}, Patient {{patient_id}}: {{event_description}} ({{severity}}). Case: {{log-event.case_number}}"
            - name: create-task
              type: call
              call: servicenow.create-task
              with:
                short_description: "SAE report - {{log-event.case_number}}"
                category: "regulatory_filing"
                priority: "1"
                assigned_group: "Drug_Safety"
  consumes:
    - type: http
      namespace: oracle-argus
      baseUri: "https://gilead-argus.oracle.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.oracle_argus_token"
      resources:
        - name: cases
          path: "/cases"
          operations:
            - name: create-case
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msteams_token"
      resources:
        - name: messages
          path: "/teams/{{channel_id}}/channels/general/messages"
          inputParameters:
            - name: channel_id
              in: path
          operations:
            - name: send-message
              method: POST
    - type: http
      namespace: servicenow
      baseUri: "https://gilead.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: tasks
          path: "/table/sc_task"
          operations:
            - name: create-task
              method: POST

Retrieves metadata for archived clinical data files in Amazon S3.

naftiko: "0.5"
info:
  label: "Amazon S3 Clinical Data Archive"
  description: "Retrieves metadata for archived clinical data files in Amazon S3."
  tags:
    - data
    - cloud
    - amazon-s3
capability:
  exposes:
    - type: mcp
      namespace: data-archive
      port: 8080
      tools:
        - name: get-archive-metadata
          description: "Given S3 bucket and prefix, return matching object metadata. Use for archived data lookup."
          inputParameters:
            - name: bucket
              in: body
              type: string
              description: "S3 bucket."
            - name: prefix
              in: body
              type: string
              description: "Key prefix."
          call: s3.list-objects
          with:
            bucket: "{{bucket}}"
            prefix: "{{prefix}}"
          outputParameters:
            - name: object_count
              type: integer
              mapping: "$.KeyCount"
  consumes:
    - type: http
      namespace: s3
      baseUri: "https://s3.amazonaws.com"
      authentication:
        type: apikey
        key: "Authorization"
        value: "$secrets.aws_s3_auth"
        placement: header
      resources:
        - name: objects
          path: "/{{bucket}}?list-type=2&prefix={{prefix}}"
          inputParameters:
            - name: bucket
              in: path
            - name: prefix
              in: query
          operations:
            - name: list-objects
              method: GET

Manages formulation changes for antiviral products by creating change controls, checking BOM, and notifying stakeholders.

naftiko: "0.5"
info:
  label: "Antiviral Formulation Change Control Orchestration"
  description: "Manages formulation changes for antiviral products by creating change controls, checking BOM, and notifying stakeholders."
  tags:
    - manufacturing
    - quality
    - regulatory
    - sap
    - servicenow
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: formulation-change
      port: 8080
      tools:
        - name: initiate-formulation-change
          description: "Given product code and change description, create change control, check BOM, and notify. Use for antiviral formulation changes."
          inputParameters:
            - name: product_code
              in: body
              type: string
              description: "Product code."
            - name: change_description
              in: body
              type: string
              description: "Change description."
          steps:
            - name: create-change
              type: call
              call: servicenow.create-change
              with:
                short_description: "Formulation change: {{product_code}} - {{change_description}}"
                category: "manufacturing"
            - name: check-bom
              type: call
              call: sap-erp.get-bom
              with:
                material: "{{product_code}}"
            - name: notify
              type: call
              call: msteams.send-message
              with:
                channel_id: "formulation-quality"
                text: "Formulation change for {{product_code}}: {{change_description}}. Change: {{create-change.number}}. BOM components: {{check-bom.component_count}}"
  consumes:
    - type: http
      namespace: servicenow
      baseUri: "https://gilead.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: changes
          path: "/table/change_request"
          operations:
            - name: create-change
              method: POST
    - type: http
      namespace: sap-erp
      baseUri: "https://gilead-s4.sap.com/sap/opu/odata/sap/PP_BOM_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: bom
          path: "/A_BillOfMaterial('{{material}}')"
          inputParameters:
            - name: material
              in: path
          operations:
            - name: get-bom
              method: GET
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msteams_token"
      resources:
        - name: messages
          path: "/teams/{{channel_id}}/channels/general/messages"
          inputParameters:
            - name: channel_id
              in: path
          operations:
            - name: send-message
              method: POST

Retrieves Azure AD group memberships for a user.

naftiko: "0.5"
info:
  label: "Azure AD Group Membership Lookup"
  description: "Retrieves Azure AD group memberships for a user."
  tags:
    - security
    - identity
    - azure-active-directory
capability:
  exposes:
    - type: mcp
      namespace: ad-groups
      port: 8080
      tools:
        - name: get-user-groups
          description: "Given UPN, return group memberships. Use for access auditing."
          inputParameters:
            - name: user_upn
              in: body
              type: string
              description: "User principal name."
          call: azure-ad.get-member-of
          with:
            upn: "{{user_upn}}"
          outputParameters:
            - name: group_count
              type: integer
              mapping: "$.value.length"
  consumes:
    - type: http
      namespace: azure-ad
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.azure_ad_token"
      resources:
        - name: users
          path: "/users/{{upn}}/memberOf"
          inputParameters:
            - name: upn
              in: path
          operations:
            - name: get-member-of
              method: GET

Queries Azure Cost Management for resource group spend.

naftiko: "0.5"
info:
  label: "Azure Resource Cost Lookup"
  description: "Queries Azure Cost Management for resource group spend."
  tags:
    - it
    - cloud
    - microsoft-azure
capability:
  exposes:
    - type: mcp
      namespace: cloud-cost
      port: 8080
      tools:
        - name: get-resource-cost
          description: "Given resource group, return current month spend. Use for FinOps visibility."
          inputParameters:
            - name: resource_group
              in: body
              type: string
              description: "Azure resource group."
          call: azure.get-cost-summary
          with:
            rg_name: "{{resource_group}}"
          outputParameters:
            - name: current_spend
              type: number
              mapping: "$.properties.rows[0].cost"
  consumes:
    - type: http
      namespace: azure
      baseUri: "https://management.azure.com"
      authentication:
        type: bearer
        token: "$secrets.azure_token"
      resources:
        - name: cost
          path: "/subscriptions/{{sub}}/resourceGroups/{{rg_name}}/providers/Microsoft.CostManagement/query"
          inputParameters:
            - name: rg_name
              in: path
          operations:
            - name: get-cost-summary
              method: POST

Uploads a regulatory document to a Box folder.

naftiko: "0.5"
info:
  label: "Box Regulatory File Upload"
  description: "Uploads a regulatory document to a Box folder."
  tags:
    - regulatory
    - documentation
    - box
capability:
  exposes:
    - type: mcp
      namespace: file-storage
      port: 8080
      tools:
        - name: upload-to-box
          description: "Given folder ID and file name, upload to Box. Use for document storage."
          inputParameters:
            - name: folder_id
              in: body
              type: string
              description: "Box folder ID."
            - name: file_name
              in: body
              type: string
              description: "File name."
          call: box.upload-file
          with:
            folder_id: "{{folder_id}}"
            name: "{{file_name}}"
          outputParameters:
            - name: file_id
              type: string
              mapping: "$.entries[0].id"
  consumes:
    - type: http
      namespace: box
      baseUri: "https://upload.box.com/api/2.0"
      authentication:
        type: bearer
        token: "$secrets.box_token"
      resources:
        - name: files
          path: "/files/content"
          operations:
            - name: upload-file
              method: POST

Orchestrates database lock by running quality checks, locking the study, and notifying biostatistics.

naftiko: "0.5"
info:
  label: "Clinical Data Lock Orchestration"
  description: "Orchestrates database lock by running quality checks, locking the study, and notifying biostatistics."
  tags:
    - clinical
    - rd
    - snowflake
    - oracle
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: data-lock
      port: 8080
      tools:
        - name: execute-database-lock
          description: "Given study ID and lock date, run checks, lock database, and notify biostat. Use for study database locks."
          inputParameters:
            - name: study_id
              in: body
              type: string
              description: "Study identifier."
            - name: lock_date
              in: body
              type: string
              description: "Lock date YYYY-MM-DD."
          steps:
            - name: run-checks
              type: call
              call: snowflake.execute-query
              with:
                query_name: "data_quality_check"
                params: "{{study_id}}"
            - name: lock-db
              type: call
              call: oracle-clinical.lock-study
              with:
                study_id: "{{study_id}}"
                lock_date: "{{lock_date}}"
            - name: notify
              type: call
              call: msteams.send-message
              with:
                channel_id: "biostatistics"
                text: "Study {{study_id}} locked as of {{lock_date}}. Open queries: {{run-checks.open_query_count}}"
  consumes:
    - type: http
      namespace: snowflake
      baseUri: "https://gilead.snowflakecomputing.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.snowflake_token"
      resources:
        - name: statements
          path: "/statements"
          operations:
            - name: execute-query
              method: POST
    - type: http
      namespace: oracle-clinical
      baseUri: "https://gilead-ctms.oracle.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.oracle_ctms_token"
      resources:
        - name: studies
          path: "/studies/{{study_id}}/lock"
          inputParameters:
            - name: study_id
              in: path
          operations:
            - name: lock-study
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msteams_token"
      resources:
        - name: messages
          path: "/teams/{{channel_id}}/channels/general/messages"
          inputParameters:
            - name: channel_id
              in: path
          operations:
            - name: send-message
              method: POST

Activates a clinical trial site by verifying IRB, provisioning access, scheduling visit, and notifying ops.

naftiko: "0.5"
info:
  label: "Clinical Site Activation Orchestration"
  description: "Activates a clinical trial site by verifying IRB, provisioning access, scheduling visit, and notifying ops."
  tags:
    - clinical
    - rd
    - oracle
    - okta
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: site-activation
      port: 8080
      tools:
        - name: activate-clinical-site
          description: "Given study and site IDs, verify IRB, provision access, schedule visit, and notify. Use when clinical ops activates a trial site."
          inputParameters:
            - name: study_id
              in: body
              type: string
              description: "Study identifier."
            - name: site_id
              in: body
              type: string
              description: "Site identifier."
          steps:
            - name: verify-irb
              type: call
              call: oracle-clinical.get-irb-status
              with:
                study_id: "{{study_id}}"
                site_id: "{{site_id}}"
            - name: provision-access
              type: call
              call: okta.assign-group
              with:
                group_name: "study-{{study_id}}-site-{{site_id}}"
            - name: schedule-visit
              type: call
              call: oracle-clinical.create-visit
              with:
                study_id: "{{study_id}}"
                site_id: "{{site_id}}"
                visit_type: "site_initiation"
            - name: notify
              type: call
              call: msteams.send-message
              with:
                channel_id: "clinical-ops"
                text: "Site {{site_id}} activated for study {{study_id}}. IRB: {{verify-irb.status}}. Visit: {{schedule-visit.visit_date}}"
  consumes:
    - type: http
      namespace: oracle-clinical
      baseUri: "https://gilead-ctms.oracle.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.oracle_ctms_token"
      resources:
        - name: irb
          path: "/studies/{{study_id}}/sites/{{site_id}}/irb"
          inputParameters:
            - name: study_id
              in: path
            - name: site_id
              in: path
          operations:
            - name: get-irb-status
              method: GET
        - name: visits
          path: "/studies/{{study_id}}/sites/{{site_id}}/visits"
          inputParameters:
            - name: study_id
              in: path
            - name: site_id
              in: path
          operations:
            - name: create-visit
              method: POST
    - type: http
      namespace: okta
      baseUri: "https://gilead.okta.com/api/v1"
      authentication:
        type: apikey
        key: "Authorization"
        value: "$secrets.okta_token"
        placement: header
      resources:
        - name: groups
          path: "/groups"
          operations:
            - name: assign-group
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msteams_token"
      resources:
        - name: messages
          path: "/teams/{{channel_id}}/channels/general/messages"
          inputParameters:
            - name: channel_id
              in: path
          operations:
            - name: send-message
              method: POST

Queries CTMS for patient enrollment counts and projected completion for an HIV or oncology study.

naftiko: "0.5"
info:
  label: "Clinical Trial Patient Enrollment Tracker"
  description: "Queries CTMS for patient enrollment counts and projected completion for an HIV or oncology study."
  tags:
    - clinical
    - rd
    - oracle
capability:
  exposes:
    - type: mcp
      namespace: clinical-enrollment
      port: 8080
      tools:
        - name: get-enrollment-status
          description: "Given a study ID, return enrollment count, target, and projected completion. Use when clinical ops needs enrollment visibility."
          inputParameters:
            - name: study_id
              in: body
              type: string
              description: "Clinical study identifier."
          call: oracle-clinical.get-study-enrollment
          with:
            study_id: "{{study_id}}"
          outputParameters:
            - name: enrolled_count
              type: integer
              mapping: "$.data.enrolled"
            - name: target_count
              type: integer
              mapping: "$.data.target"
  consumes:
    - type: http
      namespace: oracle-clinical
      baseUri: "https://gilead-ctms.oracle.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.oracle_ctms_token"
      resources:
        - name: studies
          path: "/studies/{{study_id}}/enrollment"
          inputParameters:
            - name: study_id
              in: path
          operations:
            - name: get-study-enrollment
              method: GET

Randomizes a patient into a clinical trial arm by verifying eligibility, executing randomization, and notifying the site.

naftiko: "0.5"
info:
  label: "Clinical Trial Randomization Orchestration"
  description: "Randomizes a patient into a clinical trial arm by verifying eligibility, executing randomization, and notifying the site."
  tags:
    - clinical
    - rd
    - oracle
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: randomization
      port: 8080
      tools:
        - name: randomize-patient
          description: "Given study, site, and patient ID, verify eligibility, randomize, and notify. Use for patient randomization."
          inputParameters:
            - name: study_id
              in: body
              type: string
              description: "Study ID."
            - name: site_id
              in: body
              type: string
              description: "Site ID."
            - name: patient_id
              in: body
              type: string
              description: "Patient ID."
          steps:
            - name: verify
              type: call
              call: oracle-clinical.check-eligibility
              with:
                study_id: "{{study_id}}"
                patient_id: "{{patient_id}}"
            - name: randomize
              type: call
              call: oracle-clinical.randomize
              with:
                study_id: "{{study_id}}"
                site_id: "{{site_id}}"
                patient_id: "{{patient_id}}"
            - name: notify
              type: call
              call: msteams.send-message
              with:
                channel_id: "clinical-sites"
                text: "Patient {{patient_id}} randomized in {{study_id}} at {{site_id}}. Arm: {{randomize.treatment_arm}}"
  consumes:
    - type: http
      namespace: oracle-clinical
      baseUri: "https://gilead-ctms.oracle.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.oracle_ctms_token"
      resources:
        - name: eligibility
          path: "/studies/{{study_id}}/patients/{{patient_id}}/eligibility"
          inputParameters:
            - name: study_id
              in: path
            - name: patient_id
              in: path
          operations:
            - name: check-eligibility
              method: GET
        - name: randomization
          path: "/studies/{{study_id}}/randomize"
          inputParameters:
            - name: study_id
              in: path
          operations:
            - name: randomize
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msteams_token"
      resources:
        - name: messages
          path: "/teams/{{channel_id}}/channels/general/messages"
          inputParameters:
            - name: channel_id
              in: path
          operations:
            - name: send-message
              method: POST

Retrieves the current enrollment and activation status of a clinical trial site from Veeva Vault and posts a summary to Microsoft Teams.

naftiko: "0.5"
info:
  label: "Clinical Trial Site Status Lookup"
  description: "Retrieves the current enrollment and activation status of a clinical trial site from Veeva Vault and posts a summary to Microsoft Teams."
  tags:
    - clinical-trials
    - veeva
    - microsoft-teams
    - reporting
capability:
  exposes:
    - type: mcp
      namespace: clinical-ops
      port: 8080
      tools:
        - name: get-trial-site-status
          description: "Given a clinical trial ID and site ID, retrieve enrollment status from Veeva Vault and post a summary to a Teams channel."
          inputParameters:
            - name: trial_id
              in: body
              type: string
              description: "The Veeva Vault clinical trial identifier, e.g. CTRIAL-2025-001."
            - name: site_id
              in: body
              type: string
              description: "The clinical site identifier."
            - name: teams_channel_id
              in: body
              type: string
              description: "The Microsoft Teams channel ID to post the status summary to."
          steps:
            - name: get-site-status
              type: call
              call: veeva.get-site-enrollment
              with:
                trial_id: "{{trial_id}}"
                site_id: "{{site_id}}"
            - name: post-summary
              type: call
              call: msteams.post-channel-message
              with:
                channel_id: "{{teams_channel_id}}"
                text: "Trial {{trial_id}} Site {{site_id}}: Status={{get-site-status.status}}, Enrolled={{get-site-status.enrolled}}, Target={{get-site-status.target}}"
  consumes:
    - type: http
      namespace: veeva
      baseUri: "https://gilead.veevavault.com/api/v23.1"
      authentication:
        type: bearer
        token: "$secrets.veeva_token"
      resources:
        - name: site-enrollment
          path: "/objects/site__v/{{site_id}}"
          inputParameters:
            - name: site_id
              in: path
          operations:
            - name: get-site-enrollment
              method: GET
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channel-messages
          path: "/teams/{{channel_id}}/channels/{{channel_id}}/messages"
          inputParameters:
            - name: channel_id
              in: path
          operations:
            - name: post-channel-message
              method: POST

Handles cold chain temperature breach by creating deviation, quarantining batch, and notifying quality.

naftiko: "0.5"
info:
  label: "Cold Chain Temperature Excursion Orchestration"
  description: "Handles cold chain temperature breach by creating deviation, quarantining batch, and notifying quality."
  tags:
    - supply-chain
    - quality
    - servicenow
    - sap
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: cold-chain
      port: 8080
      tools:
        - name: handle-temp-excursion
          description: "Given shipment ID, batch, and temperature, create deviation, quarantine, and notify. Use for cold chain breaches."
          inputParameters:
            - name: shipment_id
              in: body
              type: string
              description: "Shipment ID."
            - name: batch_number
              in: body
              type: string
              description: "Batch number."
            - name: temperature
              in: body
              type: string
              description: "Temperature reading."
          steps:
            - name: deviation
              type: call
              call: servicenow.create-deviation
              with:
                description: "Cold chain: Shipment {{shipment_id}}, Batch {{batch_number}}, Temp {{temperature}}"
                priority: "1"
            - name: quarantine
              type: call
              call: sap-erp.update-batch-status
              with:
                batch: "{{batch_number}}"
                status: "quarantine"
            - name: notify
              type: call
              call: msteams.send-message
              with:
                channel_id: "quality-supply-chain"
                text: "COLD CHAIN: Shipment {{shipment_id}}, Batch {{batch_number}} quarantined. Temp: {{temperature}}. Deviation: {{deviation.number}}"
  consumes:
    - type: http
      namespace: servicenow
      baseUri: "https://gilead.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: deviations
          path: "/table/u_deviation"
          operations:
            - name: create-deviation
              method: POST
    - type: http
      namespace: sap-erp
      baseUri: "https://gilead-s4.sap.com/sap/opu/odata/sap/PP_BATCH_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: batches
          path: "/A_Batch('{{batch}}')"
          inputParameters:
            - name: batch
              in: path
          operations:
            - name: update-batch-status
              method: PATCH
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msteams_token"
      resources:
        - name: messages
          path: "/teams/{{channel_id}}/channels/general/messages"
          inputParameters:
            - name: channel_id
              in: path
          operations:
            - name: send-message
              method: POST

Initiates compliance document review by creating tasks and notifying reviewers.

naftiko: "0.5"
info:
  label: "Compliance Document Review Orchestration"
  description: "Initiates compliance document review by creating tasks and notifying reviewers."
  tags:
    - compliance
    - quality
    - veeva-vault
    - servicenow
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: compliance-review
      port: 8080
      tools:
        - name: initiate-review
          description: "Given document ID and deadline, create tasks and notify. Use for document reviews."
          inputParameters:
            - name: document_id
              in: body
              type: string
              description: "Veeva document ID."
            - name: review_deadline
              in: body
              type: string
              description: "Deadline YYYY-MM-DD."
          steps:
            - name: get-doc
              type: call
              call: veeva-vault.get-document
              with:
                doc_id: "{{document_id}}"
            - name: create-task
              type: call
              call: servicenow.create-task
              with:
                short_description: "Review: {{get-doc.title}}"
                due_date: "{{review_deadline}}"
            - name: notify
              type: call
              call: msteams.send-message
              with:
                channel_id: "compliance"
                text: "Review requested: {{get-doc.title}}. Due: {{review_deadline}}. Task: {{create-task.number}}"
  consumes:
    - type: http
      namespace: veeva-vault
      baseUri: "https://gilead-regulatory.veevavault.com/api/v24.1"
      authentication:
        type: bearer
        token: "$secrets.veeva_vault_token"
      resources:
        - name: documents
          path: "/objects/documents/{{doc_id}}"
          inputParameters:
            - name: doc_id
              in: path
          operations:
            - name: get-document
              method: GET
    - type: http
      namespace: servicenow
      baseUri: "https://gilead.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: tasks
          path: "/table/sc_task"
          operations:
            - name: create-task
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msteams_token"
      resources:
        - name: messages
          path: "/teams/{{channel_id}}/channels/general/messages"
          inputParameters:
            - name: channel_id
              in: path
          operations:
            - name: send-message
              method: POST

Retrieves submitted expense reports from SAP Concur, flags policy violations using Anthropic, and creates ServiceNow audit tasks for out-of-policy items.

naftiko: "0.5"
info:
  label: "Concur Expense Report Audit"
  description: "Retrieves submitted expense reports from SAP Concur, flags policy violations using Anthropic, and creates ServiceNow audit tasks for out-of-policy items."
  tags:
    - finance
    - expense-management
    - sap-concur
    - anthropic
    - servicenow
    - audit
capability:
  exposes:
    - type: mcp
      namespace: expense-audit
      port: 8080
      tools:
        - name: audit-expense-reports
          description: "Given a date range, retrieve expense reports from SAP Concur, use Anthropic to flag policy violations, and create ServiceNow audit tasks for non-compliant items."
          inputParameters:
            - name: start_date
              in: body
              type: string
              description: "Start date for expense report query in YYYY-MM-DD format."
            - name: end_date
              in: body
              type: string
              description: "End date for expense report query in YYYY-MM-DD format."
          steps:
            - name: get-expense-reports
              type: call
              call: concur.list-expense-reports
              with:
                startDate: "{{start_date}}"
                endDate: "{{end_date}}"
            - name: flag-violations
              type: call
              call: anthropic.analyze-expenses
              with:
                model: claude-opus-4-5
                prompt: "Review these expense reports and identify policy violations: {{get-expense-reports.reports}}"
            - name: create-audit-task
              type: call
              call: servicenow.create-audit-task
              with:
                short_description: "Expense audit violations: {{start_date}} to {{end_date}}"
                description: "{{flag-violations.violations_summary}}"
  consumes:
    - type: http
      namespace: concur
      baseUri: "https://www.concursolutions.com/api/v3.0"
      authentication:
        type: bearer
        token: "$secrets.concur_token"
      resources:
        - name: expense-reports
          path: "/expense/reportdigests"
          operations:
            - name: list-expense-reports
              method: GET
    - type: http
      namespace: anthropic
      baseUri: "https://api.anthropic.com/v1"
      authentication:
        type: apikey
        key: "x-api-key"
        value: "$secrets.anthropic_api_key"
        placement: header
      resources:
        - name: messages
          path: "/messages"
          operations:
            - name: analyze-expenses
              method: POST
    - type: http
      namespace: servicenow
      baseUri: "https://gilead.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: tasks
          path: "/table/u_audit_task"
          operations:
            - name: create-audit-task
              method: POST

Retrieves an SOP document from Confluence.

naftiko: "0.5"
info:
  label: "Confluence SOP Retrieval"
  description: "Retrieves an SOP document from Confluence."
  tags:
    - quality
    - documentation
    - confluence
capability:
  exposes:
    - type: mcp
      namespace: sop-library
      port: 8080
      tools:
        - name: get-sop
          description: "Given page ID, return title and version. Use to reference SOPs."
          inputParameters:
            - name: page_id
              in: body
              type: string
              description: "Confluence page ID."
          call: confluence.get-page
          with:
            page_id: "{{page_id}}"
          outputParameters:
            - name: title
              type: string
              mapping: "$.title"
            - name: version
              type: integer
              mapping: "$.version.number"
  consumes:
    - type: http
      namespace: confluence
      baseUri: "https://gilead.atlassian.net/wiki/rest/api"
      authentication:
        type: basic
        username: "$secrets.confluence_user"
        password: "$secrets.confluence_api_token"
      resources:
        - name: pages
          path: "/content/{{page_id}}?expand=version"
          inputParameters:
            - name: page_id
              in: path
          operations:
            - name: get-page
              method: GET

Queries CrowdStrike for endpoint threat detections.

naftiko: "0.5"
info:
  label: "CrowdStrike Endpoint Threat Lookup"
  description: "Queries CrowdStrike for endpoint threat detections."
  tags:
    - security
    - endpoint
    - crowdstrike
capability:
  exposes:
    - type: mcp
      namespace: endpoint-security
      port: 8080
      tools:
        - name: get-endpoint-threats
          description: "Given hostname, return detection count. Use for security investigation."
          inputParameters:
            - name: hostname
              in: body
              type: string
              description: "Hostname."
          call: crowdstrike.get-detections
          with:
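            # hostname is placed unescaped inside the single-quoted FQL value; restrict it to hostname characters before this call.
            filter: "device.hostname:'{{hostname}}'"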
          outputParameters:
            - name: detection_count
              type: integer
              mapping: "$.meta.pagination.total"
  consumes:
    - type: http
      namespace: crowdstrike
      baseUri: "https://api.crowdstrike.com"
      authentication:
        type: bearer
        token: "$secrets.crowdstrike_token"
      resources:
        - name: detections
          path: "/detects/queries/detects/v1"
          operations:
            - name: get-detections
              method: GET

Deploys an ML model from Databricks to production with change management and notifications.

naftiko: "0.5"
info:
  label: "Databricks ML Model Deployment Orchestration"
  description: "Deploys an ML model from Databricks to production with change management and notifications."
  tags:
    - rd
    - ai
    - databricks
    - servicenow
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: ml-deployment
      port: 8080
      tools:
        - name: deploy-model
          description: "Given model name and version, register, create change request, and notify. Use for model deployments."
          inputParameters:
            - name: model_name
              in: body
              type: string
              description: "Model name."
            - name: model_version
              in: body
              type: string
              description: "Version."
          steps:
            - name: register
              type: call
              call: databricks.register-model-version
              with:
                name: "{{model_name}}"
                version: "{{model_version}}"
                stage: "Production"
            - name: change
              type: call
              call: servicenow.create-change
              with:
                short_description: "ML model: {{model_name}} v{{model_version}}"
            - name: notify
              type: call
              call: msteams.send-message
              with:
                channel_id: "data-science"
                text: "Model {{model_name}} v{{model_version}} deployed. Change: {{change.number}}"
  consumes:
    - type: http
      namespace: databricks
      baseUri: "https://gilead.cloud.databricks.com/api/2.0"
      authentication:
        type: bearer
        token: "$secrets.databricks_token"
      resources:
        - name: models
          path: "/mlflow/model-versions/transition-stage"
          operations:
            - name: register-model-version
              method: POST
    - type: http
      namespace: servicenow
      baseUri: "https://gilead.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: changes
          path: "/table/change_request"
          operations:
            - name: create-change
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msteams_token"
      resources:
        - name: messages
          path: "/teams/{{channel_id}}/channels/general/messages"
          inputParameters:
            - name: channel_id
              in: path
          operations:
            - name: send-message
              method: POST

Queries Datadog for application health including uptime and error rate.

naftiko: "0.5"
info:
  label: "Datadog Application Health Check"
  description: "Queries Datadog for application health including uptime and error rate."
  tags:
    - it
    - observability
    - datadog
capability:
  exposes:
    - type: mcp
      namespace: app-monitoring
      port: 8080
      tools:
        - name: get-app-health
          description: "Given service name, return uptime and error rate. Use when SRE checks application health."
          inputParameters:
            - name: service_name
              in: body
              type: string
              description: "Datadog service name."
          call: datadog.get-service-summary
          with:
            service: "{{service_name}}"
          outputParameters:
            - name: uptime_percent
              type: number
              mapping: "$.data.uptime"
  consumes:
    - type: http
      namespace: datadog
      baseUri: "https://api.datadoghq.com/api/v1"
      authentication:
        type: apikey
        key: "DD-API-KEY"
        value: "$secrets.datadog_api_key"
        placement: header
      resources:
        - name: services
          path: "/service_summary?service={{service}}"
          inputParameters:
            - name: service
              in: query
          operations:
            - name: get-service-summary
              method: GET

Detects infrastructure cost anomalies via Datadog metrics, creates a ServiceNow change request for remediation, and posts findings to Microsoft Teams.

naftiko: "0.5"
info:
  label: "Datadog Infrastructure Cost Anomaly Responder"
  description: "Detects infrastructure cost anomalies via Datadog metrics, creates a ServiceNow change request for remediation, and posts findings to Microsoft Teams."
  tags:
    - cloud
    - observability
    - datadog
    - servicenow
    - cost-management
capability:
  exposes:
    - type: mcp
      namespace: cloud-ops
      port: 8080
      tools:
        - name: respond-to-cost-anomaly
          description: "Given a Datadog monitor ID with a cost anomaly alert, fetch the metric details, open a ServiceNow change request, and post remediation steps to Teams."
          inputParameters:
            - name: monitor_id
              in: body
              type: string
              description: "The Datadog monitor ID that detected the cost anomaly."
            - name: resource_type
              in: body
              type: string
              description: "The type of cloud resource with the anomaly, e.g. EC2, RDS, GCS."
          steps:
            - name: get-monitor
              type: call
              call: datadog.get-monitor
              with:
                monitor_id: "{{monitor_id}}"
            - name: create-change
              type: call
              call: servicenow.create-change
              with:
                short_description: "Cost anomaly: {{resource_type}} — {{get-monitor.name}}"
                category: "cloud_cost"
                priority: "2"
            - name: notify-team
              type: call
              call: msteams.post-cost-alert
              with:
                channel: "cloud-finops"
                text: "Cost anomaly detected on {{resource_type}}. Monitor: {{get-monitor.name}}. Change: {{create-change.number}}"
  consumes:
    - type: http
      namespace: datadog
      baseUri: "https://api.datadoghq.com/api/v1"
      authentication:
        type: apikey
        key: "DD-API-KEY"
        value: "$secrets.datadog_api_key"
        placement: header
      resources:
        - name: monitors
          path: "/monitor/{{monitor_id}}"
          inputParameters:
            - name: monitor_id
              in: path
          operations:
            - name: get-monitor
              method: GET
    - type: http
      namespace: servicenow
      baseUri: "https://gilead.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: changes
          path: "/table/change_request"
          operations:
            - name: create-change
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: messages
          path: "/teams/finops/channels/general/messages"
          operations:
            - name: post-cost-alert
              method: POST

Retrieves SLO compliance status from Datadog for all production services and posts a weekly compliance digest to the engineering Teams channel.

naftiko: "0.5"
info:
  label: "Datadog SLO Compliance Report"
  description: "Retrieves SLO compliance status from Datadog for all production services and posts a weekly compliance digest to the engineering Teams channel."
  tags:
    - observability
    - datadog
    - microsoft-teams
    - slo
    - reporting
capability:
  exposes:
    - type: mcp
      namespace: slo-reporting
      port: 8080
      tools:
        - name: digest-slo-compliance
          description: "Retrieve all SLO statuses from Datadog and post a weekly compliance report to the engineering Teams channel highlighting any breaches."
          inputParameters:
            - name: timeframe
              in: body
              type: string
              description: "SLO evaluation timeframe: 7d, 30d, or 90d."
          steps:
            - name: get-slos
              type: call
              call: datadog.list-slos
              with:
                timeframe: "{{timeframe}}"
            - name: post-report
              type: call
              call: msteams.post-slo-report
              with:
                channel: "engineering-slo"
                text: "SLO Compliance Report ({{timeframe}}): {{get-slos.compliant}} compliant, {{get-slos.breached}} breached."
  consumes:
    - type: http
      namespace: datadog
      baseUri: "https://api.datadoghq.com/api/v1"
      authentication:
        type: apikey
        key: "DD-API-KEY"
        value: "$secrets.datadog_api_key"
        placement: header
      resources:
        - name: slos
          path: "/slo"
          operations:
            - name: list-slos
              method: GET
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: messages
          path: "/teams/engineering/channels/slo/messages"
          operations:
            - name: post-slo-report
              method: POST

Sends contract for signature via DocuSign, updates Salesforce, and notifies legal.

naftiko: "0.5"
info:
  label: "DocuSign Contract Execution Orchestration"
  description: "Sends contract for signature via DocuSign, updates Salesforce, and notifies legal."
  tags:
    - legal
    - sales
    - docusign
    - salesforce
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: contract-execution
      port: 8080
      tools:
        - name: send-contract
          description: "Given opportunity ID and template, send contract, update CRM, and notify. Use for contract execution."
          inputParameters:
            - name: opportunity_id
              in: body
              type: string
              description: "Salesforce opportunity ID."
            - name: template_id
              in: body
              type: string
              description: "DocuSign template."
          steps:
            - name: get-opp
              type: call
              call: salesforce.get-opportunity
              with:
                opp_id: "{{opportunity_id}}"
            - name: send-envelope
              type: call
              call: docusign.create-envelope
              with:
                template_id: "{{template_id}}"
                signer_email: "{{get-opp.contact_email}}"
            - name: update-crm
              type: call
              call: salesforce.update-opportunity
              with:
                opp_id: "{{opportunity_id}}"
                status: "Sent for Signature"
            - name: notify
              type: call
              call: msteams.send-message
              with:
                channel_id: "legal"
                text: "Contract sent for {{get-opp.account_name}}. Envelope: {{send-envelope.envelope_id}}"
  consumes:
    - type: http
      namespace: salesforce
      baseUri: "https://gilead.my.salesforce.com/services/data/v59.0"
      authentication:
        type: bearer
        token: "$secrets.salesforce_token"
      resources:
        - name: opportunities
          path: "/sobjects/Opportunity/{{opp_id}}"
          inputParameters:
            - name: opp_id
              in: path
          operations:
            - name: get-opportunity
              method: GET
            - name: update-opportunity
              method: PATCH
    - type: http
      namespace: docusign
      baseUri: "https://na4.docusign.net/restapi/v2.1"
      authentication:
        type: bearer
        token: "$secrets.docusign_token"
      resources:
        - name: envelopes
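          # {{account_id}} is not declared under inputParameters and the send-envelope step does not pass it, so this path has no value to resolve to.
          path: "/accounts/{{account_id}}/envelopes"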
          operations:
            - name: create-envelope
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msteams_token"
      resources:
        - name: messages
          path: "/teams/{{channel_id}}/channels/general/messages"
          inputParameters:
            - name: channel_id
              in: path
          operations:
            - name: send-message
              method: POST

Manages drug product lot release by verifying QC, releasing batch, creating CoA task, and notifying distribution.

naftiko: "0.5"
info:
  label: "Drug Product Lot Release Orchestration"
  description: "Manages drug product lot release by verifying QC, releasing batch, creating CoA task, and notifying distribution."
  tags:
    - quality
    - manufacturing
    - sap
    - servicenow
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: lot-release
      port: 8080
      tools:
        - name: release-drug-lot
          description: "Given batch and product code, verify QC, release, create CoA, and notify. Use when QA releases a lot."
          inputParameters:
            - name: batch_number
              in: body
              type: string
              description: "Batch number."
            - name: product_code
              in: body
              type: string
              description: "Product code."
          steps:
            - name: get-qc
              type: call
              call: sap-erp.get-inspection
              with:
                batch: "{{batch_number}}"
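            # Nothing in this definition conditions the release on {{get-qc.result}}; the result is only echoed in the notify text.
            - name: release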
              type: call
              call: sap-erp.release-batch
              with:
                batch: "{{batch_number}}"
                status: "released"
            - name: create-coa
              type: call
              call: servicenow.create-task
              with:
                short_description: "CoA: {{batch_number}} - {{product_code}}"
                category: "quality_release"
            - name: notify
              type: call
              call: msteams.send-message
              with:
                channel_id: "distribution"
                text: "Lot {{batch_number}} ({{product_code}}) released. QC: {{get-qc.result}}. CoA: {{create-coa.number}}"
  consumes:
    - type: http
      namespace: sap-erp
      baseUri: "https://gilead-s4.sap.com/sap/opu/odata/sap/QM_INSPECTION_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: inspections
          path: "/A_InspectionResult"
          operations:
            - name: get-inspection
              method: GET
        - name: batches
          path: "/A_BatchRelease"
          operations:
            - name: release-batch
              method: POST
    - type: http
      namespace: servicenow
      baseUri: "https://gilead.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: tasks
          path: "/table/sc_task"
          operations:
            - name: create-task
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msteams_token"
      resources:
        - name: messages
          path: "/teams/{{channel_id}}/channels/general/messages"
          inputParameters:
            - name: channel_id
              in: path
          operations:
            - name: send-message
              method: POST

Given a new adverse event report, extracts key clinical data via Anthropic, cross-references with Veeva Vault safety database, and creates a Jira triage task.

naftiko: "0.5"
info:
  label: "Drug Safety Signal Triage with AI"
  description: "Given a new adverse event report, extracts key clinical data via Anthropic, cross-references with Veeva Vault safety database, and creates a Jira triage task."
  tags:
    - pharmacovigilance
    - safety
    - anthropic
    - veeva
    - jira
    - ai
capability:
  exposes:
    - type: mcp
      namespace: safety-ops
      port: 8080
      tools:
        - name: triage-adverse-event
          description: "Given an adverse event report text, use Anthropic to extract structured clinical signals, cross-reference with Veeva safety data, and create a Jira triage task for the pharmacovigilance team."
          inputParameters:
            - name: report_text
              in: body
              type: string
              description: "The raw text of the adverse event report to triage."
            - name: product_name
              in: body
              type: string
              description: "The Gilead product name referenced in the report."
          steps:
            - name: extract-signals
              type: call
              call: anthropic.extract-safety-signals
              with:
                model: claude-opus-4-5
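                # report_text is free text from the report and is inlined into the prompt; the later steps use the returned primary_signal and severity as-is.
                prompt: "Extract adverse event signals from this pharmacovigilance report for {{product_name}}: {{report_text}}"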
            - name: search-safety-db
              type: call
              call: veeva.search-safety-cases
              with:
                product_name: "{{product_name}}"
                signal: "{{extract-signals.primary_signal}}"
            - name: create-triage-task
              type: call
              call: jira.create-triage-issue
              with:
                project_key: "PVGT"
                summary: "AE Triage: {{product_name}} — {{extract-signals.primary_signal}}"
                description: "Signal: {{extract-signals.primary_signal}}\nSeverity: {{extract-signals.severity}}\nRelated cases: {{search-safety-db.case_count}}"
  consumes:
    - type: http
      namespace: anthropic
      baseUri: "https://api.anthropic.com/v1"
      authentication:
        type: apikey
        key: "x-api-key"
        value: "$secrets.anthropic_api_key"
        placement: header
      resources:
        - name: messages
          path: "/messages"
          operations:
            - name: extract-safety-signals
              method: POST
    - type: http
      namespace: veeva
      baseUri: "https://gilead.veevavault.com/api/v23.1"
      authentication:
        type: bearer
        token: "$secrets.veeva_token"
      resources:
        - name: safety-cases
          path: "/objects/safety_case__v"
          operations:
            - name: search-safety-cases
              method: GET
    - type: http
      namespace: jira
      baseUri: "https://gilead.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_token"
      resources:
        - name: issues
          path: "/issue"
          operations:
            - name: create-triage-issue
              method: POST

When an employee departure is recorded in Workday, deactivates their Okta account, revokes Salesforce access, and closes all open ServiceNow tickets assigned to them.

naftiko: "0.5"
info:
  label: "Employee Offboarding Automation"
  description: "When an employee departure is recorded in Workday, deactivates their Okta account, revokes Salesforce access, and closes all open ServiceNow tickets assigned to them."
  tags:
    - hr
    - offboarding
    - workday
    - okta
    - servicenow
    - salesforce
capability:
  exposes:
    - type: mcp
      namespace: hr-offboarding
      port: 8080
      tools:
        - name: trigger-offboarding
          description: "Given a departing employee's Workday ID, deactivate their Okta account, remove Salesforce access, and close open ServiceNow tickets."
          inputParameters:
            - name: workday_employee_id
              in: body
              type: string
              description: "The Workday worker ID of the departing employee."
            - name: okta_user_id
              in: body
              type: string
              description: "The Okta user ID to deactivate, e.g. 00u1abc2defGHI3jk."
          steps:
            - name: deactivate-okta
              type: call
              call: okta.deactivate-user
              with:
                user_id: "{{okta_user_id}}"
            - name: revoke-salesforce
              type: call
              call: salesforce.freeze-user
              with:
                workday_id: "{{workday_employee_id}}"
            - name: close-tickets
              type: call
              call: servicenow.close-user-tickets
              with:
                assigned_to: "{{workday_employee_id}}"
  consumes:
    - type: http
      namespace: okta
      baseUri: "https://gilead.okta.com/api/v1"
      authentication:
        type: apikey
        key: "Authorization"
        value: "$secrets.okta_api_token"
        placement: header
      resources:
        - name: users
          path: "/users/{{user_id}}/lifecycle/deactivate"
          inputParameters:
            - name: user_id
              in: path
          operations:
            - name: deactivate-user
              method: POST
    - type: http
      namespace: salesforce
      baseUri: "https://gilead.my.salesforce.com/services/data/v58.0"
      authentication:
        type: bearer
        token: "$secrets.salesforce_token"
      resources:
        - name: users
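          # /sobjects/User/<id> addresses a Salesforce record ID; the revoke-salesforce step passes the Workday worker ID here.
          path: "/sobjects/User/{{workday_id}}"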
          inputParameters:
            - name: workday_id
              in: path
          operations:
            - name: freeze-user
              method: PATCH
    - type: http
      namespace: servicenow
      baseUri: "https://gilead.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: close-user-tickets
              method: PATCH

When a new hire is created in Workday, opens a ServiceNow onboarding ticket, provisions an Okta account, and sends a Microsoft Teams welcome message.

naftiko: "0.5"
info:
  label: "Employee Onboarding Orchestrator"
  description: "When a new hire is created in Workday, opens a ServiceNow onboarding ticket, provisions an Okta account, and sends a Microsoft Teams welcome message."
  tags:
    - hr
    - onboarding
    - workday
    - servicenow
    - okta
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: hr-onboarding
      port: 8080
      tools:
        - name: trigger-onboarding
          description: "Given a Workday employee ID and start date, orchestrate the full onboarding sequence: create a ServiceNow ticket, provision an Okta account, and send a Teams welcome message."
          inputParameters:
            - name: workday_employee_id
              in: body
              type: string
              description: "The Workday worker ID for the new hire, e.g. W-00123456."
            - name: start_date
              in: body
              type: string
              description: "The employee's first day in ISO 8601 format, e.g. 2026-04-01."
          steps:
            - name: get-employee
              type: call
              call: workday.get-worker
              with:
                worker_id: "{{workday_employee_id}}"
            - name: open-ticket
              type: call
              call: servicenow.create-incident
              with:
                short_description: "New hire onboarding: {{get-employee.full_name}}"
                category: hr_onboarding
                assigned_to: IT_Onboarding
            - name: provision-okta
              type: call
              call: okta.create-user
              with:
                firstName: "{{get-employee.first_name}}"
                lastName: "{{get-employee.last_name}}"
                email: "{{get-employee.work_email}}"
                login: "{{get-employee.work_email}}"
            - name: send-welcome
              type: call
              call: msteams.send-message
              with:
                recipient: "{{get-employee.work_email}}"
                text: "Welcome to Gilead Sciences, {{get-employee.first_name}}! Your IT onboarding ticket is {{open-ticket.number}}."
  consumes:
    - type: http
      namespace: workday
      baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
      authentication:
        type: bearer
        token: "$secrets.workday_token"
      resources:
        - name: workers
          path: "/gilead-sciences/workers/{{worker_id}}"
          inputParameters:
            - name: worker_id
              in: path
          operations:
            - name: get-worker
              method: GET
    - type: http
      namespace: servicenow
      baseUri: "https://gilead.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST
    - type: http
      namespace: okta
      baseUri: "https://gilead.okta.com/api/v1"
      authentication:
        type: apikey
        key: "Authorization"
        value: "$secrets.okta_api_token"
        placement: header
      resources:
        - name: users
          path: "/users"
          operations:
            - name: create-user
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: messages
          path: "/users/{{recipient}}/sendMail"
          inputParameters:
            - name: recipient
              in: path
          operations:
            - name: send-message
              method: POST

Processes employee transfers by updating Workday, re-provisioning Okta, transferring assets, and notifying.

naftiko: "0.5"
info:
  label: "Employee Transfer Orchestration"
  description: "Processes employee transfers by updating Workday, re-provisioning Okta, transferring assets, and notifying."
  tags:
    - hr
    - identity
    - workday
    - okta
    - servicenow
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: employee-transfer
      port: 8080
      tools:
        - name: process-transfer
          description: "Given worker ID and target department, update records and notify. Use for inter-department transfers."
          inputParameters:
            - name: worker_id
              in: body
              type: string
              description: "Workday worker ID."
            - name: target_department
              in: body
              type: string
              description: "Target department."
          steps:
            - name: get-employee
              type: call
              call: workday.get-worker
              with:
                worker_id: "{{worker_id}}"
            - name: update-okta
              type: call
              call: okta.update-user-groups
              with:
                user_email: "{{get-employee.work_email}}"
                department: "{{target_department}}"
            - name: transfer-assets
              type: call
              call: servicenow.transfer-assets
              with:
                user_id: "{{worker_id}}"
                department: "{{target_department}}"
            - name: notify
              type: call
              call: msteams.send-message
              with:
                channel_id: "hr-ops"
                text: "Transfer: {{get-employee.first_name}} {{get-employee.last_name}} to {{target_department}}."
  consumes:
    - type: http
      namespace: workday
      baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
      authentication:
        type: bearer
        token: "$secrets.workday_token"
      resources:
        - name: workers
          path: "/workers/{{worker_id}}"
          inputParameters:
            - name: worker_id
              in: path
          operations:
            - name: get-worker
              method: GET
    - type: http
      namespace: okta
      baseUri: "https://gilead.okta.com/api/v1"
      authentication:
        type: apikey
        key: "Authorization"
        value: "$secrets.okta_token"
        placement: header
      resources:
        - name: users
          path: "/users/{{user_email}}/groups"
          inputParameters:
            - name: user_email
              in: path
          operations:
            - name: update-user-groups
              method: PUT
    - type: http
      namespace: servicenow
      baseUri: "https://gilead.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: assets
          path: "/table/alm_asset"
          operations:
            - name: transfer-assets
              method: PATCH
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msteams_token"
      resources:
        - name: messages
          path: "/teams/{{channel_id}}/channels/general/messages"
          inputParameters:
            - name: channel_id
              in: path
          operations:
            - name: send-message
              method: POST

Manages equipment calibration by checking due dates, scheduling calibration, and notifying metrology.

naftiko: "0.5"
info:
  label: "Equipment Calibration Orchestration"
  description: "Manages equipment calibration by checking due dates, scheduling calibration, and notifying metrology."
  tags:
    - quality
    - manufacturing
    - sap
    - servicenow
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: calibration
      port: 8080
      tools:
        - name: schedule-calibration
          description: "Given equipment ID, check due date, create work order, and notify. Use for calibration management."
          inputParameters:
            - name: equipment_id
              in: body
              type: string
              description: "Equipment ID."
          steps:
            - name: check-due
              type: call
              call: sap-erp.get-calibration-status
              with:
                equipment: "{{equipment_id}}"
            - name: create-wo
              type: call
              call: servicenow.create-work-order
              with:
                short_description: "Calibration: {{equipment_id}}"
                category: "calibration"
                due_date: "{{check-due.next_cal_date}}"
            - name: notify
              type: call
              call: msteams.send-message
              with:
                channel_id: "calibration"
                text: "Calibration scheduled: {{equipment_id}}. Due: {{check-due.next_cal_date}}. WO: {{create-wo.number}}"
  consumes:
    - type: http
      namespace: sap-erp
      baseUri: "https://gilead-s4.sap.com/sap/opu/odata/sap/PM_EQUIPMENT_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: equipment
          path: "/A_Equipment('{{equipment}}')/calibration"
          inputParameters:
            - name: equipment
              in: path
          operations:
            - name: get-calibration-status
              method: GET
    - type: http
      namespace: servicenow
      baseUri: "https://gilead.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: work-orders
          path: "/table/wm_order"
          operations:
            - name: create-work-order
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msteams_token"
      resources:
        - name: messages
          path: "/teams/{{channel_id}}/channels/general/messages"
          inputParameters:
            - name: channel_id
              in: path
          operations:
            - name: send-message
              method: POST

Retrieves the current status of a New Drug Application from the regulatory tracking system.

naftiko: "0.5"
info:
  label: "FDA NDA Submission Status Lookup"
  description: "Retrieves the current status of a New Drug Application from the regulatory tracking system."
  tags:
    - regulatory
    - clinical
    - veeva-vault
capability:
  exposes:
    - type: mcp
      namespace: regulatory-submissions
      port: 8080
      tools:
        - name: get-nda-status
          description: "Given an NDA number, return review status, FDA division, and expected PDUFA date. Use when regulatory checks submission progress."
          inputParameters:
            - name: nda_number
              in: body
              type: string
              description: "NDA application number."
          call: veeva-vault.get-submission
          with:
            nda_number: "{{nda_number}}"
          outputParameters:
            - name: status
              type: string
              mapping: "$.data.status"
            - name: pdufa_date
              type: string
              mapping: "$.data.pdufa_date"
  consumes:
    - type: http
      namespace: veeva-vault
      baseUri: "https://gilead-regulatory.veevavault.com/api/v24.1"
      authentication:
        type: bearer
        token: "$secrets.veeva_vault_token"
      resources:
        - name: submissions
          path: "/objects/submission__c/{{nda_number}}"
          inputParameters:
            - name: nda_number
              in: path
          operations:
            - name: get-submission
              method: GET

On a GitHub Actions workflow failure on a protected branch, opens a Jira bug, creates a Datadog event marker, and notifies the engineering team in Microsoft Teams.

naftiko: "0.5"
info:
  label: "GitHub CI/CD Pipeline Failure Response"
  description: "On a GitHub Actions workflow failure on a protected branch, opens a Jira bug, creates a Datadog event marker, and notifies the engineering team in Microsoft Teams."
  tags:
    - devops
    - cicd
    - github
    - jira
    - datadog
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: devops-ops
      port: 8080
      tools:
        - name: handle-pipeline-failure
          description: "Given a GitHub Actions run ID, repo, and branch, open a Jira bug, create a Datadog deployment event, and post the failure summary to the engineering Teams channel."
          inputParameters:
            - name: run_id
              in: body
              type: string
              description: "The GitHub Actions workflow run ID that failed."
            - name: repo
              in: body
              type: string
              description: "The GitHub repository full name, e.g. gilead-sciences/platform."
            - name: branch
              in: body
              type: string
              description: "The branch name where the failure occurred."
            - name: workflow_name
              in: body
              type: string
              description: "The name of the failed GitHub Actions workflow."
          steps:
            - name: get-run-details
              type: call
              call: github.get-workflow-run
              with:
                run_id: "{{run_id}}"
                repo: "{{repo}}"
            - name: create-bug
              type: call
              call: jira.create-issue
              with:
                project_key: "ENG"
                issuetype: "Bug"
                summary: "[CI Failure] {{repo}} / {{branch}} — {{workflow_name}}"
                description: "Run ID: {{run_id}}\nStatus: {{get-run-details.conclusion}}"
            - name: create-dd-event
              type: call
              call: datadog.create-event
              with:
                title: "CI Failure: {{workflow_name}} on {{branch}}"
                text: "Run {{run_id}} failed. Jira: {{create-bug.key}}"
                alert_type: "error"
            - name: notify-eng
              type: call
              call: msteams-notify.post-message
              with:
                channel: "engineering-alerts"
                text: "Pipeline failure: {{repo}} | Branch: {{branch}} | Jira: {{create-bug.key}}"
  consumes:
    - type: http
      namespace: github
      baseUri: "https://api.github.com"
      authentication:
        type: bearer
        token: "$secrets.github_token"
      resources:
        - name: workflow-runs
          path: "/repos/{{repo}}/actions/runs/{{run_id}}"
          inputParameters:
            - name: repo
              in: path
            - name: run_id
              in: path
          operations:
            - name: get-workflow-run
              method: GET
    - type: http
      namespace: jira
      baseUri: "https://gilead.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_token"
      resources:
        - name: issues
          path: "/issue"
          operations:
            - name: create-issue
              method: POST
    - type: http
      namespace: datadog
      baseUri: "https://api.datadoghq.com/api/v1"
      authentication:
        type: apikey
        key: "DD-API-KEY"
        value: "$secrets.datadog_api_key"
        placement: header
      resources:
        - name: events
          path: "/events"
          operations:
            - name: create-event
              method: POST
    - type: http
      namespace: msteams-notify
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: messages
          path: "/teams/engineering/channels/general/messages"
          operations:
            - name: post-message
              method: POST

Checks a GitHub repo for branch protection and security scanning.

naftiko: "0.5"
info:
  label: "GitHub Repository Compliance Check"
  description: "Checks a GitHub repo for branch protection and security scanning."
  tags:
    - security
    - devops
    - github
capability:
  exposes:
    - type: mcp
      namespace: repo-compliance
      port: 8080
      tools:
        - name: check-compliance
          description: "Given repo name, return protection and scanning status. Use to verify repo governance."
          inputParameters:
            - name: repo_name
              in: body
              type: string
              description: "Repo in org/repo format."
          call: github.get-repo-settings
          with:
            repo: "{{repo_name}}"
          outputParameters:
            - name: branch_protection
              type: boolean
              mapping: "$.data.branch_protection"
  consumes:
    - type: http
      namespace: github
      baseUri: "https://api.github.com"
      authentication:
        type: bearer
        token: "$secrets.github_token"
      resources:
        - name: repos
          path: "/repos/{{repo}}"
          inputParameters:
            - name: repo
              in: path
          operations:
            - name: get-repo-settings
              method: GET

Audits a GitHub repository for required security settings (branch protection, secret scanning) and files a Jira compliance task if any are missing.

naftiko: "0.5"
info:
  label: "GitHub Repository Security Policy Enforcement"
  description: "Audits a GitHub repository for required security settings (branch protection, secret scanning) and files a Jira compliance task if any are missing."
  tags:
    - security
    - devops
    - github
    - jira
    - compliance
capability:
  exposes:
    - type: mcp
      namespace: repo-governance
      port: 8080
      tools:
        - name: enforce-repo-security-policy
          description: "Given a GitHub repository, check branch protection rules and secret scanning status; if non-compliant, create a Jira task for the security team."
          inputParameters:
            - name: repo
              in: body
              type: string
              description: "The GitHub repository full name to audit, e.g. gilead-sciences/platform."
            - name: default_branch
              in: body
              type: string
              description: "The default branch name to check for protection, e.g. main."
          steps:
            - name: check-branch-protection
              type: call
              call: github.get-branch-protection
              with:
                repo: "{{repo}}"
                branch: "{{default_branch}}"
            - name: create-compliance-task
              type: call
              call: jira.create-security-task
              with:
                project_key: "SEC"
                summary: "Repo policy violation: {{repo}}"
                description: "Branch {{default_branch}} protection status: {{check-branch-protection.required_status_checks}}"
  consumes:
    - type: http
      namespace: github
      baseUri: "https://api.github.com"
      authentication:
        type: bearer
        token: "$secrets.github_token"
      resources:
        - name: branch-protection
          path: "/repos/{{repo}}/branches/{{branch}}/protection"
          inputParameters:
            - name: repo
              in: path
            - name: branch
              in: path
          operations:
            - name: get-branch-protection
              method: GET
    - type: http
      namespace: jira
      baseUri: "https://gilead.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_token"
      resources:
        - name: issues
          path: "/issue"
          operations:
            - name: create-security-task
              method: POST

Retrieves GitHub Advanced Security code scanning alerts for a repository and creates a prioritized Jira security backlog with critical findings.

naftiko: "0.5"
info:
  label: "GitHub Security Scanning Summary"
  description: "Retrieves GitHub Advanced Security code scanning alerts for a repository and creates a prioritized Jira security backlog with critical findings."
  tags:
    - security
    - devops
    - github
    - jira
    - code-scanning
capability:
  exposes:
    - type: mcp
      namespace: security-devops
      port: 8080
      tools:
        - name: sync-security-alerts-to-jira
          description: "Given a GitHub repository, fetch all open critical and high code scanning alerts and create corresponding Jira security issues for remediation tracking."
          inputParameters:
            - name: repo
              in: body
              type: string
              description: "The GitHub repository full name, e.g. gilead-sciences/platform."
            - name: severity_filter
              in: body
              type: string
              description: "Minimum severity to import: critical, high, or medium."
          steps:
            - name: get-alerts
              type: call
              call: github.list-code-scanning-alerts
              with:
                repo: "{{repo}}"
                severity: "{{severity_filter}}"
            - name: create-security-issues
              type: call
              call: jira.create-security-backlog
              with:
                project_key: "SEC"
                summary: "Security alerts in {{repo}}: {{get-alerts.total}} findings"
                description: "Severity: {{severity_filter}}\nTop finding: {{get-alerts.top_rule}}"
  consumes:
    - type: http
      namespace: github
      baseUri: "https://api.github.com"
      authentication:
        type: bearer
        token: "$secrets.github_token"
      resources:
        - name: code-scanning-alerts
          path: "/repos/{{repo}}/code-scanning/alerts"
          inputParameters:
            - name: repo
              in: path
          operations:
            - name: list-code-scanning-alerts
              method: GET
    - type: http
      namespace: jira
      baseUri: "https://gilead.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_token"
      resources:
        - name: issues
          path: "/issue"
          operations:
            - name: create-security-backlog
              method: POST

Checks GMP training compliance for a department from Workday Learning.

naftiko: "0.5"
info:
  label: "GMP Training Compliance Check"
  description: "Checks GMP training compliance for a department from Workday Learning."
  tags:
    - quality
    - compliance
    - workday
capability:
  exposes:
    - type: mcp
      namespace: training-compliance
      port: 8080
      tools:
        - name: check-gmp-compliance
          description: "Given department code, return training completion rate. Use when quality checks training."
          inputParameters:
            - name: department_code
              in: body
              type: string
              description: "Department code."
          call: workday.get-training-compliance
          with:
            department: "{{department_code}}"
            training_type: "gmp"
          outputParameters:
            - name: completion_rate
              type: number
              mapping: "$.data.completion_rate"
  consumes:
    - type: http
      namespace: workday
      baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
      authentication:
        type: bearer
        token: "$secrets.workday_token"
      resources:
        - name: training
          path: "/training/compliance"
          operations:
            - name: get-training-compliance
              method: GET

Retrieves current development phase and milestones for an HIV antiviral compound in the pipeline.

naftiko: "0.5"
info:
  label: "HIV Antiviral Pipeline Status Lookup"
  description: "Retrieves current development phase and milestones for an HIV antiviral compound in the pipeline."
  tags:
    - rd
    - clinical
    - snowflake
capability:
  exposes:
    - type: mcp
      namespace: pipeline-tracker
      port: 8080
      tools:
        - name: get-compound-status
          description: "Given a compound ID, return development phase, next milestone, and timeline. Use when R&D leadership needs HIV pipeline visibility."
          inputParameters:
            - name: compound_id
              in: body
              type: string
              description: "Internal compound identifier."
          call: snowflake.execute-query
          with:
            query_name: "compound_pipeline_status"
            params: "{{compound_id}}"
          outputParameters:
            - name: phase
              type: string
              mapping: "$.data[0].phase"
            - name: next_milestone
              type: string
              mapping: "$.data[0].next_milestone"
  consumes:
    - type: http
      namespace: snowflake
      baseUri: "https://gilead.snowflakecomputing.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.snowflake_token"
      resources:
        - name: statements
          path: "/statements"
          operations:
            - name: execute-query
              method: POST

Orchestrates HIV resistance testing by submitting genotype samples, analyzing mutations, generating resistance reports, and notifying clinical teams.

naftiko: "0.5"
info:
  label: "HIV Drug Resistance Testing Orchestration"
  description: "Orchestrates HIV resistance testing by submitting genotype samples, analyzing mutations, generating resistance reports, and notifying clinical teams."
  tags:
    - clinical
    - rd
    - snowflake
    - servicenow
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: resistance-testing
      port: 8080
      tools:
        - name: process-resistance-test
          description: "Given sample ID and patient ID, analyze genotype, identify mutations, generate report, and notify. Use for HIV resistance analysis."
          inputParameters:
            - name: sample_id
              in: body
              type: string
              description: "Sample identifier."
            - name: patient_id
              in: body
              type: string
              description: "Patient identifier."
          steps:
            - name: analyze-genotype
              type: call
              call: snowflake.execute-query
              with:
                query_name: "hiv_genotype_analysis"
                params: "{{sample_id}}"
            - name: generate-report
              type: call
              call: snowflake.execute-query
              with:
                query_name: "resistance_report"
                params: "{{sample_id}},{{analyze-genotype.mutations}}"
            - name: create-task
              type: call
              call: servicenow.create-task
              with:
                short_description: "Resistance report: Patient {{patient_id}}"
                category: "clinical_lab"
            - name: notify
              type: call
              call: msteams.send-message
              with:
                channel_id: "hiv-clinical"
                text: "Resistance test for patient {{patient_id}}: {{analyze-genotype.mutation_count}} mutations detected. Report task: {{create-task.number}}"
  consumes:
    - type: http
      namespace: snowflake
      baseUri: "https://gilead.snowflakecomputing.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.snowflake_token"
      resources:
        - name: statements
          path: "/statements"
          operations:
            - name: execute-query
              method: POST
    - type: http
      namespace: servicenow
      baseUri: "https://gilead.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: tasks
          path: "/table/sc_task"
          operations:
            - name: create-task
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msteams_token"
      resources:
        - name: messages
          path: "/teams/{{channel_id}}/channels/general/messages"
          inputParameters:
            - name: channel_id
              in: path
          operations:
            - name: send-message
              method: POST

Triggers an Informatica Cloud ETL job.

naftiko: "0.5"
info:
  label: "Informatica Data Integration Job Trigger"
  description: "Triggers an Informatica Cloud ETL job."
  tags:
    - data
    - integration
    - informatica
capability:
  exposes:
    - type: mcp
      namespace: data-integration
      port: 8080
      tools:
        - name: trigger-job
          description: "Given task ID, trigger ETL job. Use for data integration runs."
          inputParameters:
            - name: task_id
              in: body
              type: string
              description: "Task ID."
          call: informatica.start-job
          with:
            taskId: "{{task_id}}"
          outputParameters:
            - name: run_id
              type: string
              mapping: "$.runId"
  consumes:
    - type: http
      namespace: informatica
      baseUri: "https://na1.dm-us.informaticacloud.com/saas/api/v2"
      authentication:
        type: bearer
        token: "$secrets.informatica_token"
      resources:
        - name: jobs
          path: "/job"
          operations:
            - name: start-job
              method: POST

Retrieves a pending invoice from SAP Ariba, validates it against the SAP purchase order, and routes it for approval in ServiceNow.

naftiko: "0.5"
info:
  label: "Invoice Processing and Approval Routing"
  description: "Retrieves a pending invoice from SAP Ariba, validates it against the SAP purchase order, and routes it for approval in ServiceNow."
  tags:
    - finance
    - procurement
    - sap-ariba
    - servicenow
    - approval
capability:
  exposes:
    - type: mcp
      namespace: invoice-ops
      port: 8080
      tools:
        - name: process-invoice
          description: "Given an Ariba invoice ID and PO number, validate the invoice against SAP and create a ServiceNow approval task for the finance team."
          inputParameters:
            - name: invoice_id
              in: body
              type: string
              description: "The SAP Ariba invoice document ID to process."
            - name: po_number
              in: body
              type: string
              description: "The related SAP purchase order number for validation."
          steps:
            - name: get-invoice
              type: call
              call: ariba.get-invoice
              with:
                invoice_id: "{{invoice_id}}"
            - name: get-po
              type: call
              call: sap.get-po-header
              with:
                po_number: "{{po_number}}"
            - name: create-approval
              type: call
              call: servicenow.create-approval-task
              with:
                short_description: "Invoice {{invoice_id}} approval — PO {{po_number}}"
                amount: "{{get-invoice.total_amount}}"
                vendor: "{{get-invoice.vendor_name}}"
                po_status: "{{get-po.status}}"
  consumes:
    - type: http
      namespace: ariba
      baseUri: "https://openapi.ariba.com/api/invoice/v1"
      authentication:
        type: bearer
        token: "$secrets.ariba_token"
      resources:
        - name: invoices
          path: "/invoices/{{invoice_id}}"
          inputParameters:
            - name: invoice_id
              in: path
          operations:
            - name: get-invoice
              method: GET
    - type: http
      namespace: sap
      baseUri: "https://gilead-s4.sap.com/sap/opu/odata/sap/MM_PUR_PO_MAINT_V2_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: purchase-orders
          path: "/A_PurchaseOrder('{{po_number}}')"
          inputParameters:
            - name: po_number
              in: path
          operations:
            - name: get-po-header
              method: GET
    - type: http
      namespace: servicenow
      baseUri: "https://gilead.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: approval-tasks
          path: "/table/sysapproval_approver"
          operations:
            - name: create-approval-task
              method: POST

On a critical Datadog alert, creates a ServiceNow P1 incident, pages the on-call team via PagerDuty, and posts context to Microsoft Teams.

naftiko: "0.5"
info:
  label: "IT Incident Response Handler"
  description: "On a critical Datadog alert, creates a ServiceNow P1 incident, pages the on-call team via PagerDuty, and posts context to Microsoft Teams."
  tags:
    - itsm
    - incident-response
    - datadog
    - servicenow
    - pagerduty
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: itsm-ops
      port: 8080
      tools:
        - name: handle-critical-alert
          description: "Given a Datadog alert ID and monitor name, create a ServiceNow P1 incident, trigger a PagerDuty incident, and notify the Microsoft Teams ops channel."
          inputParameters:
            - name: alert_id
              in: body
              type: string
              description: "The Datadog alert or event ID triggering the incident."
            - name: monitor_name
              in: body
              type: string
              description: "The name of the Datadog monitor that fired."
            - name: severity
              in: body
              type: string
              description: "Alert severity, e.g. critical, high, medium."
          steps:
            - name: create-incident
              type: call
              call: servicenow.create-p1
              with:
                short_description: "Critical alert: {{monitor_name}}"
                impact: "1"
                urgency: "1"
                description: "Datadog alert {{alert_id}} fired for monitor {{monitor_name}}"
            - name: page-oncall
              type: call
              call: pagerduty.create-incident
              with:
                title: "P1: {{monitor_name}}"
                service_id: "$secrets.pagerduty_service_id"
                body: "ServiceNow: {{create-incident.number}}"
            - name: notify-teams
              type: call
              call: msteams.post-alert
              with:
                channel: "it-ops-alerts"
                text: "P1 Incident: {{monitor_name}} | SN: {{create-incident.number}} | PD: {{page-oncall.id}} | Alert: {{alert_id}}"
  consumes:
    - type: http
      namespace: servicenow
      baseUri: "https://gilead.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-p1
              method: POST
    - type: http
      namespace: pagerduty
      baseUri: "https://api.pagerduty.com"
      authentication:
        type: apikey
        key: "Authorization"
        value: "$secrets.pagerduty_token"
        placement: header
      resources:
        - name: incidents
          path: "/incidents"
          operations:
            - name: create-incident
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channel-messages
          path: "/teams/it-ops/channels/general/messages"
          operations:
            - name: post-alert
              method: POST

Creates a bug report in Jira.

naftiko: "0.5"
info:
  label: "Jira Bug Report Creation"
  description: "Creates a bug report in Jira."
  tags:
    - devops
    - engineering
    - jira
capability:
  exposes:
    - type: mcp
      namespace: issue-tracking
      port: 8080
      tools:
        - name: create-bug
          description: "Given project key and summary, create a Jira bug. Use for defect logging."
          inputParameters:
            - name: project_key
              in: body
              type: string
              description: "Project key."
            - name: summary
              in: body
              type: string
              description: "Bug summary."
          call: jira.create-issue
          with:
            project: "{{project_key}}"
            issuetype: "Bug"
            summary: "{{summary}}"
          outputParameters:
            - name: issue_key
              type: string
              mapping: "$.key"
  consumes:
    - type: http
      namespace: jira
      baseUri: "https://gilead.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_api_token"
      resources:
        - name: issues
          path: "/issue"
          operations:
            - name: create-issue
              method: POST

Compiles a sprint planning digest from Jira by fetching open issues for a project and posting a prioritized summary to Microsoft Teams.

naftiko: "0.5"
info:
  label: "Jira Sprint Planning Digest"
  description: "Compiles a sprint planning digest from Jira by fetching open issues for a project and posting a prioritized summary to Microsoft Teams."
  tags:
    - devops
    - jira
    - microsoft-teams
    - reporting
    - sprint-planning
capability:
  exposes:
    - type: mcp
      namespace: devops-reporting
      port: 8080
      tools:
        - name: digest-sprint-backlog
          description: "Given a Jira project key and sprint name, retrieve open issues and post a prioritized sprint planning digest to the engineering Teams channel."
          inputParameters:
            - name: project_key
              in: body
              type: string
              description: "The Jira project key to pull sprint issues from, e.g. PLAT."
            - name: sprint_name
              in: body
              type: string
              description: "The sprint name to filter issues, e.g. Sprint 42."
            - name: teams_channel
              in: body
              type: string
              description: "The Microsoft Teams channel name to post the digest to."
          steps:
            - name: get-sprint-issues
              type: call
              call: jira.search-issues
              with:
                jql: "project={{project_key}} AND sprint='{{sprint_name}}' AND status!=Done"
            - name: post-digest
              type: call
              call: msteams.post-digest
              with:
                channel: "{{teams_channel}}"
                text: "Sprint digest for {{project_key}} — {{sprint_name}}: {{get-sprint-issues.total}} open issues."
  consumes:
    - type: http
      namespace: jira
      baseUri: "https://gilead.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_token"
      resources:
        - name: issues
          path: "/search"
          operations:
            - name: search-issues
              method: GET
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channel-messages
          path: "/teams/engineering/channels/general/messages"
          operations:
            - name: post-digest
              method: POST

Retrieves employer brand metrics from LinkedIn.

naftiko: "0.5"
info:
  label: "LinkedIn Employer Brand Metrics"
  description: "Retrieves employer brand metrics from LinkedIn."
  tags:
    - hr
    - marketing
    - linkedin
capability:
  exposes:
    - type: mcp
      namespace: employer-brand
      port: 8080
      tools:
        - name: get-brand-metrics
          description: "Return follower count and engagement rate. Use for employer brand tracking."
          inputParameters:
            - name: time_period
              in: body
              type: string
              description: "Reporting period."
          call: linkedin.get-organization-stats
          with:
            period: "{{time_period}}"
          outputParameters:
            - name: follower_count
              type: integer
              mapping: "$.data.followerCount"
  consumes:
    - type: http
      namespace: linkedin
      baseUri: "https://api.linkedin.com/v2"
      authentication:
        type: bearer
        token: "$secrets.linkedin_token"
      resources:
        - name: stats
          path: "/organizationPageStatistics"
          operations:
            - name: get-organization-stats
              method: GET

Retrieves active job postings from LinkedIn Recruiter and posts a weekly talent pipeline summary to the HR team in Microsoft Teams.

naftiko: "0.5"
info:
  label: "LinkedIn Talent Pipeline Report"
  description: "Retrieves active job postings from LinkedIn Recruiter and posts a weekly talent pipeline summary to the HR team in Microsoft Teams."
  tags:
    - hr
    - recruiting
    - linkedin
    - microsoft-teams
    - reporting
capability:
  exposes:
    - type: mcp
      namespace: talent-reporting
      port: 8080
      tools:
        - name: digest-talent-pipeline
          description: "Fetch active job postings and applicant counts from LinkedIn and post a weekly pipeline summary to the HR Teams channel."
          inputParameters:
            - name: organization_id
              in: body
              type: string
              description: "The LinkedIn organization URN for Gilead Sciences."
          steps:
            - name: get-job-postings
              type: call
              call: linkedin.list-job-postings
              with:
                organization_id: "{{organization_id}}"
            - name: post-summary
              type: call
              call: msteams.post-talent-digest
              with:
                channel: "hr-talent"
                text: "Weekly talent pipeline: {{get-job-postings.total}} active postings, {{get-job-postings.applicant_count}} total applicants."
  consumes:
    - type: http
      namespace: linkedin
      baseUri: "https://api.linkedin.com/v2"
      authentication:
        type: bearer
        token: "$secrets.linkedin_token"
      resources:
        - name: job-postings
          path: "/jobPostings"
          operations:
            - name: list-job-postings
              method: GET
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: messages
          path: "/teams/hr/channels/general/messages"
          operations:
            - name: post-talent-digest
              method: POST

Retrieves a pharmaceutical manufacturing batch record from SAP, returning status, yield, and quality release information.

naftiko: "0.5"
info:
  label: "Manufacturing Batch Record Status Check"
  description: "Retrieves a pharmaceutical manufacturing batch record from SAP, returning status, yield, and quality release information."
  tags:
    - manufacturing
    - quality
    - sap
capability:
  exposes:
    - type: mcp
      namespace: manufacturing-batch
      port: 8080
      tools:
        - name: get-batch-status
          description: "Given a batch number, return status, yield, and release status. Use when production needs batch visibility."
          inputParameters:
            - name: batch_number
              in: body
              type: string
              description: "SAP batch number."
          call: sap-erp.get-batch-record
          with:
            batch_id: "{{batch_number}}"
          outputParameters:
            - name: status
              type: string
              mapping: "$.d.BatchStatus"
            - name: yield_percentage
              type: number
              mapping: "$.d.YieldPercent"
  consumes:
    - type: http
      namespace: sap-erp
      baseUri: "https://gilead-s4.sap.com/sap/opu/odata/sap/PP_BATCH_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: batch-records
          path: "/A_BatchRecord('{{batch_id}}')"
          inputParameters:
            - name: batch_id
              in: path
          operations:
            - name: get-batch-record
              method: GET

When a manufacturing line goes down, creates an incident, alerts maintenance, and logs the downtime.

naftiko: "0.5"
info:
  label: "Manufacturing Line Downtime Response"
  description: "When a manufacturing line goes down, creates an incident, alerts maintenance, and logs the downtime."
  tags:
    - manufacturing
    - it
    - servicenow
    - sap
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: mfg-downtime
      port: 8080
      tools:
        - name: handle-line-downtime
          description: "Given line ID and failure reason, create incident, notify team, and log downtime. Use when manufacturing detects stoppage."
          inputParameters:
            - name: line_id
              in: body
              type: string
              description: "Production line ID."
            - name: failure_reason
              in: body
              type: string
              description: "Failure description."
          steps:
            - name: create-incident
              type: call
              call: servicenow.create-incident
              with:
                short_description: "Line {{line_id}} down: {{failure_reason}}"
                category: "manufacturing"
                priority: "1"
            - name: alert-team
              type: call
              call: msteams.send-message
              with:
                channel_id: "manufacturing-ops"
                text: "ALERT: Line {{line_id}} down. {{failure_reason}}. Incident: {{create-incident.number}}"
            - name: log-downtime
              type: call
              call: sap-erp.create-downtime-record
              with:
                work_center: "{{line_id}}"
                reason: "{{failure_reason}}"
  consumes:
    - type: http
      namespace: servicenow
      baseUri: "https://gilead.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msteams_token"
      resources:
        - name: messages
          path: "/teams/{{channel_id}}/channels/general/messages"
          inputParameters:
            - name: channel_id
              in: path
          operations:
            - name: send-message
              method: POST
    - type: http
      namespace: sap-erp
      baseUri: "https://gilead-s4.sap.com/sap/opu/odata/sap/PP_DOWNTIME_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: downtime
          path: "/A_DowntimeRecord"
          operations:
            - name: create-downtime-record
              method: POST

Assembles an NDA submission package from Veeva Vault documents, creates a tracking task, and notifies regulatory.

naftiko: "0.5"
info:
  label: "NDA Submission Package Orchestration"
  description: "Assembles an NDA submission package from Veeva Vault documents, creates a tracking task, and notifies regulatory."
  tags:
    - regulatory
    - clinical
    - veeva-vault
    - servicenow
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: nda-submission
      port: 8080
      tools:
        - name: assemble-nda
          description: "Given NDA number and molecule, gather docs, create submission, and notify. Use for NDA filing."
          inputParameters:
            - name: nda_number
              in: body
              type: string
              description: "NDA number."
            - name: molecule_name
              in: body
              type: string
              description: "Molecule name."
          steps:
            - name: gather-docs
              type: call
              call: veeva-vault.query-documents
              with:
                nda_number: "{{nda_number}}"
            - name: create-submission
              type: call
              call: veeva-vault.create-submission
              with:
                nda_number: "{{nda_number}}"
                molecule: "{{molecule_name}}"
            - name: create-task
              type: call
              call: servicenow.create-task
              with:
                short_description: "NDA: {{nda_number}} - {{molecule_name}}"
                category: "regulatory_submission"
            - name: notify
              type: call
              call: msteams.send-message
              with:
                channel_id: "regulatory"
                text: "NDA {{nda_number}} package assembled for {{molecule_name}}. Docs: {{gather-docs.count}}. Task: {{create-task.number}}"
  consumes:
    - type: http
      namespace: veeva-vault
      baseUri: "https://gilead-regulatory.veevavault.com/api/v24.1"
      authentication:
        type: bearer
        token: "$secrets.veeva_vault_token"
      resources:
        - name: documents
          path: "/query"
          operations:
            - name: query-documents
              method: POST
        - name: submissions
          path: "/objects/submission__c"
          operations:
            - name: create-submission
              method: POST
    - type: http
      namespace: servicenow
      baseUri: "https://gilead.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: tasks
          path: "/table/sc_task"
          operations:
            - name: create-task
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msteams_token"
      resources:
        - name: messages
          path: "/teams/{{channel_id}}/channels/general/messages"
          inputParameters:
            - name: channel_id
              in: path
          operations:
            - name: send-message
              method: POST

Retrieves all user-application assignments from Okta for a specific application and generates an access review report posted to the security team in Microsoft Teams.

naftiko: "0.5"
info:
  label: "Okta Application Access Review"
  description: "Retrieves all user-application assignments from Okta for a specific application and generates an access review report posted to the security team in Microsoft Teams."
  tags:
    - identity
    - security
    - okta
    - microsoft-teams
    - access-review
capability:
  exposes:
    - type: mcp
      namespace: access-review
      port: 8080
      tools:
        - name: run-app-access-review
          description: "Given an Okta application ID, list all users with access and post a review summary to the security Teams channel for quarterly access certification."
          inputParameters:
            - name: app_id
              in: body
              type: string
              description: "The Okta application ID to review user access for."
            - name: app_name
              in: body
              type: string
              description: "Human-readable application name for the report, e.g. Salesforce."
          steps:
            - name: list-app-users
              type: call
              call: okta.list-app-users
              with:
                app_id: "{{app_id}}"
            - name: post-review
              type: call
              call: msteams.post-access-review
              with:
                channel: "security-reviews"
                text: "Access review for {{app_name}}: {{list-app-users.total}} users have access. Review required by end of quarter."
  consumes:
    - type: http
      namespace: okta
      baseUri: "https://gilead.okta.com/api/v1"
      authentication:
        type: apikey
        key: "Authorization"
        value: "$secrets.okta_api_token"
        placement: header
      resources:
        - name: app-users
          path: "/apps/{{app_id}}/users"
          inputParameters:
            - name: app_id
              in: path
          operations:
            - name: list-app-users
              method: GET
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: messages
          path: "/teams/security/channels/reviews/messages"
          operations:
            - name: post-access-review
              method: POST

Audits all Okta users for MFA enrollment compliance and posts a non-compliant user list to ServiceNow as a compliance incident.

naftiko: "0.5"
info:
  label: "Okta MFA Compliance Audit"
  description: "Audits all Okta users for MFA enrollment compliance and posts a non-compliant user list to ServiceNow as a compliance incident."
  tags:
    - identity
    - security
    - okta
    - servicenow
    - compliance
capability:
  exposes:
    - type: mcp
      namespace: security-compliance
      port: 8080
      tools:
        - name: audit-mfa-compliance
          description: "Retrieve all active Okta users, identify those without MFA enrolled, and create a ServiceNow compliance incident with the non-compliant user list."
          inputParameters:
            - name: compliance_threshold
              in: body
              type: number
              description: "Maximum allowed percentage of non-MFA users before a P2 incident is opened, e.g. 5."
          steps:
            - name: list-users
              type: call
              call: okta.list-active-users
            - name: create-compliance-incident
              type: call
              call: servicenow.create-compliance-incident
              with:
                short_description: "Okta MFA non-compliance detected"
                category: "security_compliance"
                description: "Users without MFA exceeds threshold of {{compliance_threshold}}%"
  consumes:
    - type: http
      namespace: okta
      baseUri: "https://gilead.okta.com/api/v1"
      authentication:
        type: apikey
        key: "Authorization"
        value: "$secrets.okta_api_token"
        placement: header
      resources:
        - name: users
          path: "/users"
          operations:
            - name: list-active-users
              method: GET
    - type: http
      namespace: servicenow
      baseUri: "https://gilead.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-compliance-incident
              method: POST

Retrieves an Okta user profile by email, returning account status and MFA enrollment.

naftiko: "0.5"
info:
  label: "Okta User Status Check"
  description: "Retrieves an Okta user profile by email, returning account status and MFA enrollment."
  tags:
    - security
    - identity
    - okta
capability:
  exposes:
    - type: mcp
      namespace: identity-management
      port: 8080
      tools:
        - name: get-user-status
          description: "Given an email, return Okta status and last login. Use when IT verifies access."
          inputParameters:
            - name: email
              in: body
              type: string
              description: "Employee email."
          call: okta.get-user
          with:
            login: "{{email}}"
          outputParameters:
            - name: status
              type: string
              mapping: "$.status"
            - name: last_login
              type: string
              mapping: "$.lastLogin"
  consumes:
    - type: http
      namespace: okta
      baseUri: "https://gilead.okta.com/api/v1"
      authentication:
        type: apikey
        key: "Authorization"
        value: "$secrets.okta_token"
        placement: header
      resources:
        - name: users
          path: "/users/{{login}}"
          inputParameters:
            - name: login
              in: path
          operations:
            - name: get-user
              method: GET

Uses OpenAI to generate structured summaries of clinical study reports.

naftiko: "0.5"
info:
  label: "OpenAI Clinical Document Summarization"
  description: "Uses OpenAI to generate structured summaries of clinical study reports."
  tags:
    - clinical
    - ai
    - openai
capability:
  exposes:
    - type: mcp
      namespace: doc-summarization
      port: 8080
      tools:
        - name: summarize-document
          description: "Given document text, produce a structured summary. Use for clinical document overviews."
          inputParameters:
            - name: document_text
              in: body
              type: string
              description: "Document text."
          call: openai.create-completion
          with:
            model: "gpt-4"
            prompt: "Summarize: {{document_text}}"
          outputParameters:
            - name: summary
              type: string
              mapping: "$.choices[0].message.content"
  consumes:
    - type: http
      namespace: openai
      baseUri: "https://api.openai.com/v1"
      authentication:
        type: bearer
        token: "$secrets.openai_api_key"
      resources:
        - name: completions
          path: "/chat/completions"
          operations:
            - name: create-completion
              method: POST

Retrieves the current on-call engineer from PagerDuty for a given service and returns their contact details.

naftiko: "0.5"
info:
  label: "PagerDuty On-Call Schedule Lookup"
  description: "Retrieves the current on-call engineer from PagerDuty for a given service and returns their contact details."
  tags:
    - itsm
    - pagerduty
    - on-call
    - operations
capability:
  exposes:
    - type: mcp
      namespace: oncall-lookup
      port: 8080
      tools:
        - name: get-oncall-engineer
          description: "Given a PagerDuty schedule ID, return the name and contact of the currently on-call engineer. Use to identify who to escalate incidents to."
          inputParameters:
            - name: schedule_id
              in: body
              type: string
              description: "The PagerDuty schedule ID to query for the current on-call user."
          call: pagerduty.get-oncall
          with:
            schedule_id: "{{schedule_id}}"
          outputParameters:
            - name: user_name
              type: string
              mapping: "$.oncalls[0].user.summary"
            - name: user_email
              type: string
              mapping: "$.oncalls[0].user.email"
            - name: escalation_policy
              type: string
              mapping: "$.oncalls[0].escalation_policy.summary"
  consumes:
    - type: http
      namespace: pagerduty
      baseUri: "https://api.pagerduty.com"
      authentication:
        type: apikey
        key: "Authorization"
        value: "$secrets.pagerduty_token"
        placement: header
      resources:
        - name: oncalls
          path: "/oncalls"
          operations:
            - name: get-oncall
              method: GET

Enrolls patients in Gilead access programs by verifying eligibility, creating enrollment records, notifying case managers, and updating Salesforce.

naftiko: "0.5"
info:
  label: "Patient Access Program Enrollment Orchestration"
  description: "Enrolls patients in Gilead access programs by verifying eligibility, creating enrollment records, notifying case managers, and updating Salesforce."
  tags:
    - commercial
    - clinical
    - salesforce
    - servicenow
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: patient-access
      port: 8080
      tools:
        - name: enroll-patient
          description: "Given patient ID and program, verify eligibility, create enrollment, and notify. Use for patient access program enrollments."
          inputParameters:
            - name: patient_id
              in: body
              type: string
              description: "Patient identifier."
            - name: program_name
              in: body
              type: string
              description: "Access program name."
          steps:
            - name: verify-eligibility
              type: call
              call: salesforce.check-eligibility
              with:
                patient_id: "{{patient_id}}"
                program: "{{program_name}}"
            - name: create-enrollment
              type: call
              call: salesforce.create-enrollment
              with:
                patient_id: "{{patient_id}}"
                program: "{{program_name}}"
            - name: create-case
              type: call
              call: servicenow.create-task
              with:
                short_description: "Access enrollment: {{patient_id}} - {{program_name}}"
                category: "patient_access"
            - name: notify
              type: call
              call: msteams.send-message
              with:
                channel_id: "patient-access"
                text: "Patient {{patient_id}} enrolled in {{program_name}}. Eligible: {{verify-eligibility.eligible}}. Case: {{create-case.number}}"
  consumes:
    - type: http
      namespace: salesforce
      baseUri: "https://gilead.my.salesforce.com/services/data/v59.0"
      authentication:
        type: bearer
        token: "$secrets.salesforce_token"
      resources:
        - name: eligibility
          path: "/sobjects/Patient_Access__c"
          operations:
            - name: check-eligibility
              method: GET
            - name: create-enrollment
              method: POST
    - type: http
      namespace: servicenow
      baseUri: "https://gilead.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: tasks
          path: "/table/sc_task"
          operations:
            - name: create-task
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msteams_token"
      resources:
        - name: messages
          path: "/teams/{{channel_id}}/channels/general/messages"
          inputParameters:
            - name: channel_id
              in: path
          operations:
            - name: send-message
              method: POST

Pulls current headcount and salary band data from Workday by department and cost center for finance planning.

naftiko: "0.5"
info:
  label: "Payroll Headcount Snapshot"
  description: "Pulls current headcount and salary band data from Workday by department and cost center for finance planning."
  tags:
    - hr
    - finance
    - workday
    - reporting
    - headcount
capability:
  exposes:
    - type: mcp
      namespace: hr-reporting
      port: 8080
      tools:
        - name: get-headcount-by-department
          description: "Returns a list of active employees grouped by department and cost center with employment type from Workday. Use for headcount planning and cost analysis."
          call: workday.headcount-export
          outputParameters:
            - name: employees
              type: array
              mapping: "$.data"
              items:
                - name: employee_id
                  type: string
                  mapping: "$.id"
                - name: full_name
                  type: string
                  mapping: "$.displayName"
                - name: department
                  type: string
                  mapping: "$.department"
                - name: cost_center
                  type: string
                  mapping: "$.costCenter"
                - name: employment_type
                  type: string
                  mapping: "$.employmentType"
  consumes:
    - type: http
      namespace: workday
      baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
      authentication:
        type: bearer
        token: "$secrets.workday_token"
      resources:
        - name: workers
          path: "/gilead-sciences/workers"
          operations:
            - name: headcount-export
              method: GET

Orchestrates PK analysis by extracting concentration data, running NCA, and notifying clinical pharmacology.

naftiko: "0.5"
info:
  label: "Pharmacokinetics Data Analysis Orchestration"
  description: "Orchestrates PK analysis by extracting concentration data, running NCA, and notifying clinical pharmacology."
  tags:
    - clinical
    - rd
    - snowflake
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: pk-analysis
      port: 8080
      tools:
        - name: run-pk-analysis
          description: "Given study ID and analyte, extract PK data, run NCA, and notify. Use for PK analysis."
          inputParameters:
            - name: study_id
              in: body
              type: string
              description: "Study ID."
            - name: analyte
              in: body
              type: string
              description: "Analyte name."
          steps:
            - name: extract
              type: call
              call: snowflake.execute-query
              with:
                query_name: "pk_concentrations"
                params: "{{study_id}},{{analyte}}"
            - name: nca
              type: call
              call: snowflake.execute-query
              with:
                query_name: "pk_nca"
                params: "{{study_id}},{{analyte}}"
            - name: notify
              type: call
              call: msteams.send-message
              with:
                channel_id: "clinical-pharmacology"
                text: "PK analysis: {{study_id}} {{analyte}}. Cmax: {{nca.cmax}}. AUC: {{nca.auc}}."
  consumes:
    - type: http
      namespace: snowflake
      baseUri: "https://gilead.snowflakecomputing.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.snowflake_token"
      resources:
        - name: statements
          path: "/statements"
          operations:
            - name: execute-query
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msteams_token"
      resources:
        - name: messages
          path: "/teams/{{channel_id}}/channels/general/messages"
          inputParameters:
            - name: channel_id
              in: path
          operations:
            - name: send-message
              method: POST

Generates periodic safety update reports by aggregating adverse events and complaints.

naftiko: "0.5"
info:
  label: "Post-Market Surveillance Report Orchestration"
  description: "Generates periodic safety update reports by aggregating adverse events and complaints."
  tags:
    - regulatory
    - quality
    - safety
    - snowflake
    - veeva-vault
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: pms-reporting
      port: 8080
      tools:
        - name: generate-psur
          description: "Given product and period, aggregate safety data and generate PSUR. Use for periodic safety reports."
          inputParameters:
            - name: product_name
              in: body
              type: string
              description: "Product name."
            - name: reporting_period
              in: body
              type: string
              description: "Reporting period."
          steps:
            - name: get-aes
              type: call
              call: snowflake.execute-query
              with:
                query_name: "psur_aes"
                params: "{{product_name}},{{reporting_period}}"
            - name: create-report
              type: call
              call: veeva-vault.create-document
              with:
                doc_type: "psur"
                product: "{{product_name}}"
            - name: notify
              type: call
              call: msteams.send-message
              with:
                channel_id: "pharmacovigilance"
                text: "PSUR for {{product_name}} ({{reporting_period}}). AEs: {{get-aes.total}}."
  consumes:
    - type: http
      namespace: snowflake
      baseUri: "https://gilead.snowflakecomputing.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.snowflake_token"
      resources:
        - name: statements
          path: "/statements"
          operations:
            - name: execute-query
              method: POST
    - type: http
      namespace: veeva-vault
      baseUri: "https://gilead-regulatory.veevavault.com/api/v24.1"
      authentication:
        type: bearer
        token: "$secrets.veeva_vault_token"
      resources:
        - name: documents
          path: "/objects/documents"
          operations:
            - name: create-document
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msteams_token"
      resources:
        - name: messages
          path: "/teams/{{channel_id}}/channels/general/messages"
          inputParameters:
            - name: channel_id
              in: path
          operations:
            - name: send-message
              method: POST

Triggers a Power BI commercial dashboard refresh.

naftiko: "0.5"
info:
  label: "Power BI Commercial Dashboard Refresh"
  description: "Triggers a Power BI commercial dashboard refresh."
  tags:
    - commercial
    - analytics
    - power-bi
capability:
  exposes:
    - type: mcp
      namespace: bi-refresh
      port: 8080
      tools:
        - name: refresh-dashboard
          description: "Given dataset ID, trigger refresh. Use for updated commercial metrics."
          inputParameters:
            - name: dataset_id
              in: body
              type: string
              description: "Power BI dataset ID."
          call: powerbi.trigger-refresh
          with:
            dataset_id: "{{dataset_id}}"
          outputParameters:
            - name: status
              type: string
              mapping: "$.status"
  consumes:
    - type: http
      namespace: powerbi
      baseUri: "https://api.powerbi.com/v1.0/myorg"
      authentication:
        type: bearer
        token: "$secrets.powerbi_token"
      resources:
        - name: datasets
          path: "/datasets/{{dataset_id}}/refreshes"
          inputParameters:
            - name: dataset_id
              in: path
          operations:
            - name: trigger-refresh
              method: POST

Triggers a Power BI dataset refresh for the quarterly financial dashboard and posts the completion status to the finance team in Microsoft Teams.

naftiko: "0.5"
info:
  label: "Power BI Financial Dashboard Refresh"
  description: "Triggers a Power BI dataset refresh for the quarterly financial dashboard and posts the completion status to the finance team in Microsoft Teams."
  tags:
    - finance
    - data-analytics
    - power-bi
    - microsoft-teams
    - reporting
capability:
  exposes:
    - type: mcp
      namespace: finance-reporting
      port: 8080
      tools:
        - name: refresh-financial-dashboard
          description: "Given a Power BI workspace ID and dataset ID, trigger a dataset refresh and notify the finance team in Teams when complete."
          inputParameters:
            - name: workspace_id
              in: body
              type: string
              description: "The Power BI workspace GUID containing the financial dashboard."
            - name: dataset_id
              in: body
              type: string
              description: "The Power BI dataset GUID to refresh."
          steps:
            - name: trigger-refresh
              type: call
              call: powerbi.refresh-dataset
              with:
                workspace_id: "{{workspace_id}}"
                dataset_id: "{{dataset_id}}"
            - name: notify-finance
              type: call
              call: msteams.post-refresh-status
              with:
                channel: "finance-analytics"
                text: "Power BI financial dashboard refresh triggered for dataset {{dataset_id}}."
  consumes:
    - type: http
      namespace: powerbi
      baseUri: "https://api.powerbi.com/v1.0/myorg"
      authentication:
        type: bearer
        token: "$secrets.powerbi_token"
      resources:
        - name: datasets
          path: "/groups/{{workspace_id}}/datasets/{{dataset_id}}/refreshes"
          inputParameters:
            - name: workspace_id
              in: path
            - name: dataset_id
              in: path
          operations:
            - name: refresh-dataset
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: messages
          path: "/teams/finance/channels/general/messages"
          operations:
            - name: post-refresh-status
              method: POST

Retrieves a CAPA record from the quality management system.

naftiko: "0.5"
info:
  label: "Quality CAPA Status Lookup"
  description: "Retrieves a CAPA record from the quality management system."
  tags:
    - quality
    - compliance
    - servicenow
capability:
  exposes:
    - type: mcp
      namespace: quality-capa
      port: 8080
      tools:
        - name: get-capa-status
          description: "Given a CAPA number, return phase, root cause, and due date. Use when quality tracks CAPA progress."
          inputParameters:
            - name: capa_number
              in: body
              type: string
              description: "CAPA record number."
          call: servicenow.get-capa
          with:
            number: "{{capa_number}}"
          outputParameters:
            - name: phase
              type: string
              mapping: "$.result.phase"
            - name: due_date
              type: string
              mapping: "$.result.due_date"
  consumes:
    - type: http
      namespace: servicenow
      baseUri: "https://gilead.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: capa-records
          path: "/table/u_capa?sysparm_query=number={{number}}"
          inputParameters:
            - name: number
              in: query
          operations:
            - name: get-capa
              method: GET

Investigates a quality deviation by pulling batch data, creating investigation tasks, and notifying quality.

naftiko: "0.5"
info:
  label: "Quality Deviation Investigation Orchestration"
  description: "Investigates a quality deviation by pulling batch data, creating investigation tasks, and notifying quality."
  tags:
    - quality
    - manufacturing
    - servicenow
    - sap
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: deviation-investigation
      port: 8080
      tools:
        - name: initiate-investigation
          description: "Given deviation number, pull batch data, create task, and notify. Use when QA escalates deviations."
          inputParameters:
            - name: deviation_number
              in: body
              type: string
              description: "Deviation number."
          steps:
            - name: get-deviation
              type: call
              call: servicenow.get-deviation
              with:
                number: "{{deviation_number}}"
            - name: get-batch
              type: call
              call: sap-erp.get-batch-record
              with:
                batch_id: "{{get-deviation.batch_number}}"
            - name: create-task
              type: call
              call: servicenow.create-task
              with:
                short_description: "Investigate: {{deviation_number}}"
                category: "quality_investigation"
            - name: notify
              type: call
              call: msteams.send-message
              with:
                channel_id: "quality"
                text: "Investigation for {{deviation_number}}. Batch: {{get-deviation.batch_number}}. Task: {{create-task.number}}"
  consumes:
    - type: http
      namespace: servicenow
      baseUri: "https://gilead.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: deviations
          path: "/table/u_deviation"
          operations:
            - name: get-deviation
              method: GET
        - name: tasks
          path: "/table/sc_task"
          operations:
            - name: create-task
              method: POST
    - type: http
      namespace: sap-erp
      baseUri: "https://gilead-s4.sap.com/sap/opu/odata/sap/PP_BATCH_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: batches
          path: "/A_BatchRecord('{{batch_id}}')"
          inputParameters:
            - name: batch_id
              in: path
          operations:
            - name: get-batch-record
              method: GET
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msteams_token"
      resources:
        - name: messages
          path: "/teams/{{channel_id}}/channels/general/messages"
          inputParameters:
            - name: channel_id
              in: path
          operations:
            - name: send-message
              method: POST

Assembles QBR data from SAP, Salesforce, and Workday, and generates a consolidated report.

naftiko: "0.5"
info:
  label: "Quarterly Business Review Data Orchestration"
  description: "Assembles QBR data from SAP, Salesforce, and Workday, and generates a consolidated report."
  tags:
    - finance
    - sales
    - hr
    - sap
    - salesforce
    - workday
    - snowflake
capability:
  exposes:
    - type: mcp
      namespace: qbr-data
      port: 8080
      tools:
        - name: assemble-qbr
          description: "Given business unit and quarter, pull data and generate report. Use for QBR prep."
          inputParameters:
            - name: business_unit
              in: body
              type: string
              description: "Business unit."
            - name: quarter
              in: body
              type: string
              description: "Fiscal quarter."
          steps:
            - name: financials
              type: call
              call: sap-erp.get-pl-summary
              with:
                unit: "{{business_unit}}"
                quarter: "{{quarter}}"
            - name: pipeline
              type: call
              call: salesforce.get-pipeline-summary
              with:
                unit: "{{business_unit}}"
            - name: headcount
              type: call
              call: workday.get-headcount
              with:
                unit: "{{business_unit}}"
            - name: report
              type: call
              call: snowflake.execute-query
              with:
                query_name: "qbr_report"
                params: "{{business_unit}},{{quarter}}"
  consumes:
    - type: http
      namespace: sap-erp
      baseUri: "https://gilead-s4.sap.com/sap/opu/odata/sap/FI_PL_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: pl
          path: "/A_PLSummary"
          operations:
            - name: get-pl-summary
              method: GET
    - type: http
      namespace: salesforce
      baseUri: "https://gilead.my.salesforce.com/services/data/v59.0"
      authentication:
        type: bearer
        token: "$secrets.salesforce_token"
      resources:
        - name: pipeline
          path: "/analytics/reports/pipeline_summary"
          operations:
            - name: get-pipeline-summary
              method: GET
    - type: http
      namespace: workday
      baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
      authentication:
        type: bearer
        token: "$secrets.workday_token"
      resources:
        - name: headcount
          path: "/headcount"
          operations:
            - name: get-headcount
              method: GET
    - type: http
      namespace: snowflake
      baseUri: "https://gilead.snowflakecomputing.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.snowflake_token"
      resources:
        - name: statements
          path: "/statements"
          operations:
            - name: execute-query
              method: POST

Prepares for FDA/EMA audits by gathering CAPAs, deviations, and training compliance, and generating a readiness report.

naftiko: "0.5"
info:
  label: "Regulatory Audit Preparation Orchestration"
  description: "Prepares for FDA/EMA audits by gathering CAPAs, deviations, and training compliance, and generating a readiness report."
  tags:
    - regulatory
    - quality
    - compliance
    - servicenow
    - workday
    - snowflake
capability:
  exposes:
    - type: mcp
      namespace: audit-preparation
      port: 8080
      tools:
        - name: prepare-audit-package
          description: "Given audit type and facility, gather CAPAs, deviations, training, and generate report. Use when quality prepares for audits."
          inputParameters:
            - name: audit_type
              in: body
              type: string
              description: "Audit type."
            - name: facility_code
              in: body
              type: string
              description: "Facility code."
          steps:
            - name: get-capas
              type: call
              call: servicenow.query-capas
              with:
                facility: "{{facility_code}}"
                status: "open"
            - name: get-deviations
              type: call
              call: servicenow.query-deviations
              with:
                facility: "{{facility_code}}"
            - name: get-training
              type: call
              call: workday.get-training-status
              with:
                facility: "{{facility_code}}"
            - name: generate-report
              type: call
              call: snowflake.execute-query
              with:
                query_name: "audit_readiness"
                params: "{{facility_code}},{{audit_type}}"
  consumes:
    - type: http
      namespace: servicenow
      baseUri: "https://gilead.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: capas
          path: "/table/u_capa"
          operations:
            - name: query-capas
              method: GET
        - name: deviations
          path: "/table/u_deviation"
          operations:
            - name: query-deviations
              method: GET
    - type: http
      namespace: workday
      baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
      authentication:
        type: bearer
        token: "$secrets.workday_token"
      resources:
        - name: training
          path: "/training/compliance"
          operations:
            - name: get-training-status
              method: GET
    - type: http
      namespace: snowflake
      baseUri: "https://gilead.snowflakecomputing.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.snowflake_token"
      resources:
        - name: statements
          path: "/statements"
          operations:
            - name: execute-query
              method: POST

Compiles a regulatory submission document package by retrieving trial data from Veeva Vault, generating a summary via Anthropic, and uploading the package back to Veeva.

naftiko: "0.5"
info:
  label: "Regulatory Submission Document Package"
  description: "Compiles a regulatory submission document package by retrieving trial data from Veeva Vault, generating a summary via Anthropic, and uploading the package back to Veeva."
  tags:
    - regulatory
    - veeva
    - anthropic
    - clinical-trials
    - ai
capability:
  exposes:
    - type: mcp
      namespace: regulatory-ops
      port: 8080
      tools:
        - name: build-submission-package
          description: "Given a trial ID and submission type, retrieve all trial documents from Veeva Vault, generate an AI-drafted executive summary via Anthropic, and upload the compiled package to Veeva."
          inputParameters:
            - name: trial_id
              in: body
              type: string
              description: "The Veeva Vault clinical trial ID for the submission."
            - name: submission_type
              in: body
              type: string
              description: "Regulatory submission type, e.g. IND, NDA, BLA, MAA."
          steps:
            - name: get-documents
              type: call
              call: veeva.list-trial-documents
              with:
                trial_id: "{{trial_id}}"
            - name: generate-summary
              type: call
              call: anthropic.create-message
              with:
                model: claude-opus-4-5
                prompt: "Summarize the following clinical trial documents for a {{submission_type}} regulatory submission: {{get-documents.document_list}}"
            - name: upload-package
              type: call
              call: veeva.create-document
              with:
                trial_id: "{{trial_id}}"
                document_type: "{{submission_type}}_Package"
                content: "{{generate-summary.content}}"
  consumes:
    - type: http
      namespace: veeva
      baseUri: "https://gilead.veevavault.com/api/v23.1"
      authentication:
        type: bearer
        token: "$secrets.veeva_token"
      resources:
        - name: trial-documents
          path: "/objects/documents"
          operations:
            - name: list-trial-documents
              method: GET
            - name: create-document
              method: POST
    - type: http
      namespace: anthropic
      baseUri: "https://api.anthropic.com/v1"
      authentication:
        type: apikey
        key: "x-api-key"
        value: "$secrets.anthropic_api_key"
        placement: header
      resources:
        - name: messages
          path: "/messages"
          operations:
            - name: create-message
              method: POST

Compiles a weekly account health digest from Salesforce for key biopharma accounts and posts it to the commercial ops team in Microsoft Teams.

naftiko: "0.5"
info:
  label: "Salesforce Account Health Digest"
  description: "Compiles a weekly account health digest from Salesforce for key biopharma accounts and posts it to the commercial ops team in Microsoft Teams."
  tags:
    - sales
    - crm
    - salesforce
    - microsoft-teams
    - reporting
capability:
  exposes:
    - type: mcp
      namespace: commercial-reporting
      port: 8080
      tools:
        - name: digest-account-health
          description: "Retrieve open opportunities, recent activities, and pipeline values for key accounts from Salesforce and post a weekly digest to the commercial Teams channel."
          inputParameters:
            - name: account_segment
              in: body
              type: string
              description: "The account segment to report on, e.g. Top 50, Strategic Accounts."
          steps:
            - name: get-opportunities
              type: call
              call: salesforce.query-opportunities
              with:
                segment: "{{account_segment}}"
            - name: post-digest
              type: call
              call: msteams.post-account-digest
              with:
                channel: "commercial-ops"
                text: "Weekly account health ({{account_segment}}): {{get-opportunities.total}} open opps, ${{get-opportunities.pipeline_value}} pipeline."
  consumes:
    - type: http
      namespace: salesforce
      baseUri: "https://gilead.my.salesforce.com/services/data/v58.0"
      authentication:
        type: bearer
        token: "$secrets.salesforce_token"
      resources:
        - name: opportunities
          path: "/query"
          operations:
            - name: query-opportunities
              method: GET
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: messages
          path: "/teams/commercial/channels/general/messages"
          operations:
            - name: post-account-digest
              method: POST

Retrieves a Salesforce account record by ID.

naftiko: "0.5"
info:
  label: "Salesforce Account Lookup"
  description: "Retrieves a Salesforce account record by ID."
  tags:
    - sales
    - crm
    - salesforce
capability:
  exposes:
    - type: mcp
      namespace: crm-accounts
      port: 8080
      tools:
        - name: get-account
          description: "Given account ID, return name, type, and revenue. Use when commercial needs account data."
          inputParameters:
            - name: account_id
              in: body
              type: string
              description: "Salesforce account ID."
          call: salesforce.get-account
          with:
            id: "{{account_id}}"
          outputParameters:
            - name: name
              type: string
              mapping: "$.Name"
  consumes:
    - type: http
      namespace: salesforce
      baseUri: "https://gilead.my.salesforce.com/services/data/v59.0"
      authentication:
        type: bearer
        token: "$secrets.salesforce_token"
      resources:
        - name: accounts
          path: "/sobjects/Account/{{id}}"
          inputParameters:
            - name: id
              in: path
          operations:
            - name: get-account
              method: GET

When a new Salesforce lead is created, enriches it with company data from ZoomInfo and updates the lead record with enriched fields.

naftiko: "0.5"
info:
  label: "Salesforce Lead Enrichment and Qualification"
  description: "When a new Salesforce lead is created, enriches it with company data from ZoomInfo and updates the lead record with enriched fields."
  tags:
    - sales
    - crm
    - salesforce
    - zoominfo
    - lead-enrichment
capability:
  exposes:
    - type: mcp
      namespace: crm-sales
      port: 8080
      tools:
        - name: enrich-lead
          description: "Given a Salesforce lead ID and company name, fetch company intelligence from ZoomInfo and update the Salesforce lead record with enriched data."
          inputParameters:
            - name: lead_id
              in: body
              type: string
              description: "The Salesforce lead record ID to enrich."
            - name: company_name
              in: body
              type: string
              description: "The company name to look up in ZoomInfo."
          steps:
            - name: get-company-data
              type: call
              call: zoominfo.search-company
              with:
                company_name: "{{company_name}}"
            - name: update-lead
              type: call
              call: salesforce.update-lead
              with:
                lead_id: "{{lead_id}}"
                annual_revenue: "{{get-company-data.revenue}}"
                number_of_employees: "{{get-company-data.employee_count}}"
                industry: "{{get-company-data.industry}}"
  consumes:
    - type: http
      namespace: zoominfo
      baseUri: "https://api.zoominfo.com/search"
      authentication:
        type: bearer
        token: "$secrets.zoominfo_token"
      resources:
        - name: companies
          path: "/company"
          operations:
            - name: search-company
              method: POST
    - type: http
      namespace: salesforce
      baseUri: "https://gilead.my.salesforce.com/services/data/v58.0"
      authentication:
        type: bearer
        token: "$secrets.salesforce_token"
      resources:
        - name: leads
          path: "/sobjects/Lead/{{lead_id}}"
          inputParameters:
            - name: lead_id
              in: path
          operations:
            - name: update-lead
              method: PATCH

When a Salesforce opportunity advances to Closed-Won, creates a Jira project epic for the customer onboarding workstream.

naftiko: "0.5"
info:
  label: "Salesforce Opportunity Stage Sync to Jira"
  description: "When a Salesforce opportunity advances to Closed-Won, creates a Jira project epic for the customer onboarding workstream."
  tags:
    - sales
    - crm
    - salesforce
    - jira
    - onboarding
capability:
  exposes:
    - type: mcp
      namespace: sales-ops
      port: 8080
      tools:
        - name: sync-opportunity-to-jira
          description: "Given a Salesforce opportunity ID that has reached Closed-Won, create a Jira epic for the customer onboarding workstream and link back the epic key to the Salesforce opportunity."
          inputParameters:
            - name: opportunity_id
              in: body
              type: string
              description: "The Salesforce Opportunity record ID to sync."
          steps:
            - name: get-opportunity
              type: call
              call: salesforce.get-opportunity
              with:
                opportunity_id: "{{opportunity_id}}"
            - name: create-epic
              type: call
              call: jira.create-epic
              with:
                project_key: "CS"
                summary: "Customer Onboarding: {{get-opportunity.account_name}}"
                description: "Salesforce Opp: {{opportunity_id}} | Value: {{get-opportunity.amount}}"
            - name: update-opportunity
              type: call
              call: salesforce-update.patch-opportunity
              with:
                opportunity_id: "{{opportunity_id}}"
                jira_epic_key: "{{create-epic.key}}"
  consumes:
    - type: http
      namespace: salesforce
      baseUri: "https://gilead.my.salesforce.com/services/data/v58.0"
      authentication:
        type: bearer
        token: "$secrets.salesforce_token"
      resources:
        - name: opportunities
          path: "/sobjects/Opportunity/{{opportunity_id}}"
          inputParameters:
            - name: opportunity_id
              in: path
          operations:
            - name: get-opportunity
              method: GET
    - type: http
      namespace: jira
      baseUri: "https://gilead.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_token"
      resources:
        - name: issues
          path: "/issue"
          operations:
            - name: create-epic
              method: POST
    - type: http
      namespace: salesforce-update
      baseUri: "https://gilead.my.salesforce.com/services/data/v58.0"
      authentication:
        type: bearer
        token: "$secrets.salesforce_token"
      resources:
        - name: opportunities
          path: "/sobjects/Opportunity/{{opportunity_id}}"
          inputParameters:
            - name: opportunity_id
              in: path
          operations:
            - name: patch-opportunity
              method: PATCH

Manages contract renewals by checking expiring contracts, creating tasks, and notifying procurement.

naftiko: "0.5"
info:
  label: "SAP Ariba Contract Renewal Orchestration"
  description: "Manages contract renewals by checking expiring contracts, creating tasks, and notifying procurement."
  tags:
    - procurement
    - sap-ariba
    - servicenow
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: contract-renewal
      port: 8080
      tools:
        - name: process-renewal
          description: "Given contract ID, check terms, create task, and notify. Use for contract renewals."
          inputParameters:
            - name: contract_id
              in: body
              type: string
              description: "Contract ID."
          steps:
            - name: get-contract
              type: call
              call: ariba.get-contract
              with:
                id: "{{contract_id}}"
            - name: create-task
              type: call
              call: servicenow.create-task
              with:
                short_description: "Renew: {{get-contract.title}}"
                due_date: "{{get-contract.expiry_date}}"
            - name: notify
              type: call
              call: msteams.send-message
              with:
                channel_id: "procurement"
                text: "Contract {{contract_id}} expiring {{get-contract.expiry_date}}. Task: {{create-task.number}}"
  consumes:
    - type: http
      namespace: ariba
      baseUri: "https://openapi.ariba.com/api/contract-management/v1"
      authentication:
        type: bearer
        token: "$secrets.ariba_token"
      resources:
        - name: contracts
          path: "/contracts/{{id}}"
          inputParameters:
            - name: id
              in: path
          operations:
            - name: get-contract
              method: GET
    - type: http
      namespace: servicenow
      baseUri: "https://gilead.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: tasks
          path: "/table/sc_task"
          operations:
            - name: create-task
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msteams_token"
      resources:
        - name: messages
          path: "/teams/{{channel_id}}/channels/general/messages"
          inputParameters:
            - name: channel_id
              in: path
          operations:
            - name: send-message
              method: POST

Creates a sourcing event in SAP Ariba for competitive bidding.

naftiko: "0.5"
info:
  label: "SAP Ariba Sourcing Event Creation"
  description: "Creates a sourcing event in SAP Ariba for competitive bidding."
  tags:
    - procurement
    - sap-ariba
capability:
  exposes:
    - type: mcp
      namespace: strategic-sourcing
      port: 8080
      tools:
        - name: create-sourcing-event
          description: "Given category and description, create sourcing event. Use for competitive bidding."
          inputParameters:
            - name: category
              in: body
              type: string
              description: "Sourcing category."
            - name: description
              in: body
              type: string
              description: "Description."
          call: ariba.create-event
          with:
            category: "{{category}}"
            description: "{{description}}"
          outputParameters:
            - name: event_id
              type: string
              mapping: "$.data.eventId"
  consumes:
    - type: http
      namespace: ariba
      baseUri: "https://openapi.ariba.com/api/sourcing-projects/v1"
      authentication:
        type: bearer
        token: "$secrets.ariba_token"
      resources:
        - name: events
          path: "/events"
          operations:
            - name: create-event
              method: POST

Initiates a new supplier onboarding workflow in SAP Ariba, creates a ServiceNow vendor request ticket, and notifies the procurement team in Microsoft Teams.

naftiko: "0.5"
info:
  label: "SAP Ariba Supplier Onboarding"
  description: "Initiates a new supplier onboarding workflow in SAP Ariba, creates a ServiceNow vendor request ticket, and notifies the procurement team in Microsoft Teams."
  tags:
    - procurement
    - sap-ariba
    - servicenow
    - microsoft-teams
    - supplier-management
capability:
  exposes:
    - type: mcp
      namespace: procurement-ops
      port: 8080
      tools:
        - name: onboard-supplier
          description: "Given a supplier name and contact email, register the supplier in SAP Ariba, create a ServiceNow vendor onboarding ticket, and notify procurement in Teams."
          inputParameters:
            - name: supplier_name
              in: body
              type: string
              description: "The legal name of the supplier to onboard."
            - name: supplier_email
              in: body
              type: string
              description: "Primary contact email for the new supplier."
            - name: spend_category
              in: body
              type: string
              description: "The SAP Ariba spend category for this supplier, e.g. IT Services, Lab Supplies."
          steps:
            - name: register-supplier
              type: call
              call: ariba.create-supplier
              with:
                name: "{{supplier_name}}"
                email: "{{supplier_email}}"
                category: "{{spend_category}}"
            - name: create-vendor-ticket
              type: call
              call: servicenow.create-vendor-request
              with:
                short_description: "New supplier onboarding: {{supplier_name}}"
                supplier_id: "{{register-supplier.supplier_id}}"
            - name: notify-procurement
              type: call
              call: msteams.notify-procurement
              with:
                channel: "procurement-ops"
                text: "New supplier {{supplier_name}} registered in Ariba ({{register-supplier.supplier_id}}). SN ticket: {{create-vendor-ticket.number}}"
  consumes:
    - type: http
      namespace: ariba
      baseUri: "https://openapi.ariba.com/api/supplier/v1"
      authentication:
        type: bearer
        token: "$secrets.ariba_token"
      resources:
        - name: suppliers
          path: "/suppliers"
          operations:
            - name: create-supplier
              method: POST
    - type: http
      namespace: servicenow
      baseUri: "https://gilead.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: vendor-requests
          path: "/table/u_vendor_request"
          operations:
            - name: create-vendor-request
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: messages
          path: "/teams/procurement/channels/general/messages"
          operations:
            - name: notify-procurement
              method: POST

Retrieves a pending SAP Concur travel request, validates it against travel policy via Anthropic, and routes it for approval in ServiceNow.

naftiko: "0.5"
info:
  label: "SAP Concur Travel Request Approval"
  description: "Retrieves a pending SAP Concur travel request, validates it against travel policy via Anthropic, and routes it for approval in ServiceNow."
  tags:
    - finance
    - travel
    - sap-concur
    - servicenow
    - approval
capability:
  exposes:
    - type: mcp
      namespace: travel-ops
      port: 8080
      tools:
        - name: route-travel-approval
          description: "Given a SAP Concur travel request ID, validate the request against policy using Anthropic and create a ServiceNow approval task for the finance team."
          inputParameters:
            - name: request_id
              in: body
              type: string
              description: "The SAP Concur travel request ID to review and route."
          steps:
            - name: get-travel-request
              type: call
              call: concur.get-travel-request
              with:
                request_id: "{{request_id}}"
            - name: validate-policy
              type: call
              call: anthropic.validate-travel
              with:
                model: claude-opus-4-5
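                # NOTE: {{get-travel-request.details}} is requester-authored text placed directly in the prompt;
                # treat the returned compliance_notes as advisory input for the ServiceNow approver.
                prompt: "Review this travel request for policy compliance: {{get-travel-request.details}}"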
            - name: create-approval
              type: call
              call: servicenow.create-travel-approval
              with:
                short_description: "Travel approval: {{get-travel-request.traveler_name}} — {{get-travel-request.destination}}"
                policy_notes: "{{validate-policy.compliance_notes}}"
  consumes:
    - type: http
      namespace: concur
      baseUri: "https://www.concursolutions.com/api/v3.0"
      authentication:
        type: bearer
        token: "$secrets.concur_token"
      resources:
        - name: travel-requests
          path: "/travelrequest/requests/{{request_id}}"
          inputParameters:
            - name: request_id
              in: path
          operations:
            - name: get-travel-request
              method: GET
    - type: http
      namespace: anthropic
      baseUri: "https://api.anthropic.com/v1"
      authentication:
        type: apikey
        key: "x-api-key"
        value: "$secrets.anthropic_api_key"
        placement: header
      resources:
        - name: messages
          path: "/messages"
          operations:
            - name: validate-travel
              method: POST
    - type: http
      namespace: servicenow
      baseUri: "https://gilead.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: approvals
          path: "/table/sysapproval_approver"
          operations:
            - name: create-travel-approval
              method: POST

Retrieves a travel request from SAP Concur.

naftiko: "0.5"
info:
  label: "SAP Concur Travel Request Lookup"
  description: "Retrieves a travel request from SAP Concur."
  tags:
    - finance
    - travel
    - sap-concur
capability:
  exposes:
    - type: mcp
      namespace: travel
      port: 8080
      tools:
        - name: get-travel-request
          description: "Given request ID, return destination and approval status. Use for travel visibility."
          inputParameters:
            - name: request_id
              in: body
              type: string
              description: "Concur request ID."
          call: concur.get-request
          with:
            id: "{{request_id}}"
          outputParameters:
            - name: destination
              type: string
              mapping: "$.MainDestination"
            - name: status
              type: string
              mapping: "$.ApprovalStatusName"
  consumes:
    - type: http
      namespace: concur
      baseUri: "https://us.api.concursolutions.com/api/v3.0"
      authentication:
        type: bearer
        token: "$secrets.concur_token"
      resources:
        - name: requests
          path: "/travelrequest/requests/{{id}}"
          inputParameters:
            - name: id
              in: path
          operations:
            - name: get-request
              method: GET

Retrieves budget vs actual for an SAP cost center.

naftiko: "0.5"
info:
  label: "SAP Cost Center Budget Lookup"
  description: "Retrieves budget vs actual for an SAP cost center."
  tags:
    - finance
    - erp
    - sap
capability:
  exposes:
    - type: mcp
      namespace: cost-center-budget
      port: 8080
      tools:
        - name: get-budget
          description: "Given cost center and period, return planned and actual spend. Use for budget visibility."
          inputParameters:
            - name: cost_center
              in: body
              type: string
              description: "SAP cost center."
            - name: fiscal_period
              in: body
              type: string
              description: "Fiscal period."
          call: sap-erp.get-budget
          with:
            cost_center: "{{cost_center}}"
            period: "{{fiscal_period}}"
          outputParameters:
            - name: planned_budget
              type: number
              mapping: "$.d.PlannedAmount"
            - name: actual_spend
              type: number
              mapping: "$.d.ActualAmount"
  consumes:
    - type: http
      namespace: sap-erp
      baseUri: "https://gilead-s4.sap.com/sap/opu/odata/sap/FI_CO_BUDGET_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: budgets
          path: "/A_CostCenterBudget(CostCenter='{{cost_center}}',Period='{{period}}')"
          inputParameters:
            - name: cost_center
              in: path
            - name: period
              in: path
          operations:
            - name: get-budget
              method: GET

Posts a goods receipt in SAP for inbound API or excipient deliveries.

naftiko: "0.5"
info:
  label: "SAP Goods Receipt Posting"
  description: "Posts a goods receipt in SAP for inbound API or excipient deliveries."
  tags:
    - supply-chain
    - sap
capability:
  exposes:
    - type: mcp
      namespace: goods-receipt
      port: 8080
      tools:
        - name: post-goods-receipt
          description: "Given delivery number, post goods receipt. Use when warehouse confirms material receipt."
          inputParameters:
            - name: delivery_number
              in: body
              type: string
              description: "SAP delivery number."
          call: sap-erp.post-gr
          with:
            delivery: "{{delivery_number}}"
          outputParameters:
            - name: material_document
              type: string
              mapping: "$.d.MaterialDocument"
  consumes:
    - type: http
      namespace: sap-erp
      baseUri: "https://gilead-s4.sap.com/sap/opu/odata/sap/MM_GR_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: goods-receipts
          path: "/A_GoodsReceipt"
          operations:
            - name: post-gr
              method: POST

Queries SAP for current inventory levels of an API or drug product material.

naftiko: "0.5"
info:
  label: "SAP Inventory Level Check"
  description: "Queries SAP for current inventory levels of an API or drug product material."
  tags:
    - supply-chain
    - manufacturing
    - sap
capability:
  exposes:
    - type: mcp
      namespace: inventory-management
      port: 8080
      tools:
        - name: get-inventory-level
          description: "Given material number and plant code, return unrestricted stock and reserved quantity. Use when supply chain checks stock."
          inputParameters:
            - name: material_number
              in: body
              type: string
              description: "SAP material number."
            - name: plant_code
              in: body
              type: string
              description: "SAP plant code."
          call: sap-erp.get-material-stock
          with:
            material: "{{material_number}}"
            plant: "{{plant_code}}"
          outputParameters:
            - name: unrestricted_stock
              type: number
              mapping: "$.d.UnrestrictedStock"
  consumes:
    - type: http
      namespace: sap-erp
      baseUri: "https://gilead-s4.sap.com/sap/opu/odata/sap/MM_MATERIAL_STOCK_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: material-stock
          path: "/A_MaterialStock(Material='{{material}}',Plant='{{plant}}')"
          inputParameters:
            - name: material
              in: path
            - name: plant
              in: path
          operations:
            - name: get-material-stock
              method: GET

Creates a preventive maintenance order in SAP for pharma manufacturing equipment.

naftiko: "0.5"
info:
  label: "SAP Maintenance Order Creation"
  description: "Creates a preventive maintenance order in SAP for pharma manufacturing equipment."
  tags:
    - manufacturing
    - maintenance
    - sap
capability:
  exposes:
    - type: mcp
      namespace: plant-maintenance
      port: 8080
      tools:
        - name: create-pm-order
          description: "Given equipment ID and type, create PM order. Use for equipment servicing."
          inputParameters:
            - name: equipment_id
              in: body
              type: string
              description: "Equipment ID."
            - name: maintenance_type
              in: body
              type: string
              description: "Maintenance type."
          call: sap-erp.create-pm-order
          with:
            equipment: "{{equipment_id}}"
            order_type: "{{maintenance_type}}"
          outputParameters:
            - name: order_number
              type: string
              mapping: "$.d.MaintenanceOrder"
  consumes:
    - type: http
      namespace: sap-erp
      baseUri: "https://gilead-s4.sap.com/sap/opu/odata/sap/PM_ORDER_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: orders
          path: "/A_MaintenanceOrder"
          operations:
            - name: create-pm-order
              method: POST

Retrieves material master data from SAP.

naftiko: "0.5"
info:
  label: "SAP Material Master Lookup"
  description: "Retrieves material master data from SAP."
  tags:
    - supply-chain
    - erp
    - sap
capability:
  exposes:
    - type: mcp
      namespace: material-master
      port: 8080
      tools:
        - name: get-material-master
          description: "Given material number, return description and UoM. Use for material details."
          inputParameters:
            - name: material_number
              in: body
              type: string
              description: "SAP material number."
          call: sap-erp.get-material
          with:
            material: "{{material_number}}"
          outputParameters:
            - name: description
              type: string
              mapping: "$.d.MaterialDescription"
  consumes:
    - type: http
      namespace: sap-erp
      baseUri: "https://gilead-s4.sap.com/sap/opu/odata/sap/MM_MATERIAL_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: materials
          path: "/A_Material('{{material}}')"
          inputParameters:
            - name: material
              in: path
          operations:
            - name: get-material
              method: GET

Retrieves a production order from SAP with status, quantities, and schedule.

naftiko: "0.5"
info:
  label: "SAP Production Order Status Lookup"
  description: "Retrieves a production order from SAP with status, quantities, and schedule."
  tags:
    - manufacturing
    - erp
    - sap
capability:
  exposes:
    - type: mcp
      namespace: production-orders
      port: 8080
      tools:
        - name: get-production-order
          description: "Given an order number, return status and quantities. Use when manufacturing checks orders."
          inputParameters:
            - name: order_number
              in: body
              type: string
              description: "SAP production order."
          call: sap-erp.get-prod-order
          with:
            order: "{{order_number}}"
          outputParameters:
            - name: status
              type: string
              mapping: "$.d.OrderStatus"
            - name: planned_quantity
              type: number
              mapping: "$.d.PlannedQuantity"
  consumes:
    - type: http
      namespace: sap-erp
      baseUri: "https://gilead-s4.sap.com/sap/opu/odata/sap/PP_PROD_ORDER_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: production-orders
          path: "/A_ProductionOrder('{{order}}')"
          inputParameters:
            - name: order
              in: path
          operations:
            - name: get-prod-order
              method: GET

Looks up a SAP S/4HANA purchase order by PO number and returns header status, vendor, and total value.

naftiko: "0.5"
info:
  label: "SAP Purchase Order Lookup"
  description: "Looks up a SAP S/4HANA purchase order by PO number and returns header status, vendor, and total value."
  tags:
    - finance
    - procurement
    - sap
    - erp
capability:
  exposes:
    - type: mcp
      namespace: erp-finance
      port: 8080
      tools:
        - name: get-purchase-order
          description: "Given a SAP purchase order number, return the header status, vendor name, total amount, and currency from SAP S/4HANA. Use for procurement status checks."
          inputParameters:
            - name: po_number
              in: body
              type: string
              description: "The SAP purchase order number, e.g. 4500001234."
          call: sap.get-po
          with:
            po_number: "{{po_number}}"
          outputParameters:
            - name: status
              type: string
              mapping: "$.d.OverallStatus"
            - name: vendor
              type: string
              mapping: "$.d.Supplier.CompanyName"
            - name: total_value
              type: string
              mapping: "$.d.TotalAmount"
            - name: currency
              type: string
              mapping: "$.d.TransactionCurrency"
  consumes:
    - type: http
      namespace: sap
      baseUri: "https://gilead-s4.sap.com/sap/opu/odata/sap/MM_PUR_PO_MAINT_V2_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: purchase-orders
          path: "/A_PurchaseOrder('{{po_number}}')"
          inputParameters:
            - name: po_number
              in: path
          operations:
            - name: get-po
              method: GET

Retrieves quality inspection lot details from SAP.

naftiko: "0.5"
info:
  label: "SAP Quality Inspection Lot Lookup"
  description: "Retrieves quality inspection lot details from SAP."
  tags:
    - quality
    - manufacturing
    - sap
capability:
  exposes:
    - type: mcp
      namespace: quality-inspection
      port: 8080
      tools:
        - name: get-inspection-lot
          description: "Given inspection lot number, return status and usage decision. Use for QC review."
          inputParameters:
            - name: inspection_lot
              in: body
              type: string
              description: "Inspection lot number."
          call: sap-erp.get-inspection
          with:
            lot: "{{inspection_lot}}"
          outputParameters:
            - name: status
              type: string
              mapping: "$.d.InspectionLotStatus"
  consumes:
    - type: http
      namespace: sap-erp
      baseUri: "https://gilead-s4.sap.com/sap/opu/odata/sap/QM_INSPECTION_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: lots
          path: "/A_InspectionLot('{{lot}}')"
          inputParameters:
            - name: lot
              in: path
          operations:
            - name: get-inspection
              method: GET

Queries SAP for vendor payment status by invoice number.

naftiko: "0.5"
info:
  label: "SAP Vendor Payment Status Lookup"
  description: "Queries SAP for vendor payment status by invoice number."
  tags:
    - finance
    - procurement
    - sap
capability:
  exposes:
    - type: mcp
      namespace: vendor-payments
      port: 8080
      tools:
        - name: get-payment-status
          description: "Given invoice number, return payment status and date. Use when AP verifies payments."
          inputParameters:
            - name: invoice_number
              in: body
              type: string
              description: "SAP invoice number."
          call: sap-erp.get-invoice-payment
          with:
            invoice: "{{invoice_number}}"
          outputParameters:
            - name: payment_status
              type: string
              mapping: "$.d.PaymentStatus"
  consumes:
    - type: http
      namespace: sap-erp
      baseUri: "https://gilead-s4.sap.com/sap/opu/odata/sap/FI_AP_INVOICE_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: invoices
          path: "/A_Invoice('{{invoice}}')/payments"
          inputParameters:
            - name: invoice
              in: path
          operations:
            - name: get-invoice-payment
              method: GET

Creates a security incident, isolates affected endpoint, and notifies SOC when a critical threat is confirmed.

naftiko: "0.5"
info:
  label: "Security Incident Response Orchestration"
  description: "Creates a security incident, isolates affected endpoint, and notifies SOC when a critical threat is confirmed."
  tags:
    - security
    - it
    - crowdstrike
    - servicenow
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: security-response
      port: 8080
      tools:
        - name: respond-to-security-incident
          description: "Given detection ID and hostname, create incident, isolate endpoint, and notify SOC. Use when SOC confirms a threat."
          inputParameters:
            - name: detection_id
              in: body
              type: string
              description: "CrowdStrike detection ID."
            - name: hostname
              in: body
              type: string
              description: "Affected hostname."
          steps:
            - name: create-incident
              type: call
              call: servicenow.create-incident
              with:
                short_description: "Security: threat on {{hostname}}"
                category: "security"
                priority: "1"
            - name: isolate
              type: call
              call: crowdstrike.contain-host
              with:
                hostname: "{{hostname}}"
            - name: notify
              type: call
              call: msteams.send-message
              with:
                channel_id: "security-ops"
                text: "CRITICAL: {{create-incident.number}} - Host {{hostname}} isolated. Detection: {{detection_id}}"
  consumes:
    - type: http
      namespace: servicenow
      baseUri: "https://gilead.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST
    - type: http
      namespace: crowdstrike
      baseUri: "https://api.crowdstrike.com"
      authentication:
        type: bearer
        token: "$secrets.crowdstrike_token"
      resources:
        - name: hosts
          path: "/devices/entities/host-actions/v2"
          operations:
            - name: contain-host
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msteams_token"
      resources:
        - name: messages
          path: "/teams/{{channel_id}}/channels/general/messages"
          inputParameters:
            - name: channel_id
              in: path
          operations:
            - name: send-message
              method: POST

Submits a change request in ServiceNow for infrastructure changes, routes to the CAB for approval, and notifies stakeholders in Microsoft Teams.

naftiko: "0.5"
info:
  label: "ServiceNow Change Management Approval"
  description: "Submits a change request in ServiceNow for infrastructure changes, routes to the CAB for approval, and notifies stakeholders in Microsoft Teams."
  tags:
    - itsm
    - change-management
    - servicenow
    - microsoft-teams
    - approval
capability:
  exposes:
    - type: mcp
      namespace: change-mgmt
      port: 8080
      tools:
        - name: submit-change-request
          description: "Given change details, create a ServiceNow change request, assign it to the CAB group, and notify approvers in Microsoft Teams."
          inputParameters:
            - name: short_description
              in: body
              type: string
              description: "A brief description of the infrastructure change being requested."
            - name: change_type
              in: body
              type: string
              description: "The ServiceNow change type: normal, standard, or emergency."
            - name: risk_level
              in: body
              type: string
              description: "Risk level of the change: low, medium, high."
            - name: approver_email
              in: body
              type: string
              description: "Email of the primary change approver to notify in Teams."
          steps:
            - name: create-change
              type: call
              call: servicenow.create-change-request
              with:
                short_description: "{{short_description}}"
                type: "{{change_type}}"
                risk: "{{risk_level}}"
                assignment_group: "CAB"
            - name: notify-approver
              type: call
              call: msteams.notify-approver
              with:
                recipient: "{{approver_email}}"
                text: "Change request {{create-change.number}} requires your approval: {{short_description}}"
  consumes:
    - type: http
      namespace: servicenow
      baseUri: "https://gilead.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: changes
          path: "/table/change_request"
          operations:
            - name: create-change-request
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: messages
          path: "/users/{{recipient}}/sendMail"
          inputParameters:
            - name: recipient
              in: path
          operations:
            - name: notify-approver
              method: POST

Retrieves status and assignment for a ServiceNow incident.

naftiko: "0.5"
info:
  label: "ServiceNow Incident Status Lookup"
  description: "Retrieves status and assignment for a ServiceNow incident."
  tags:
    - it
    - servicenow
capability:
  exposes:
    - type: mcp
      namespace: it-incidents
      port: 8080
      tools:
        - name: get-incident-status
          description: "Given an incident number, return state, priority, and assigned group. Use when IT checks ticket status."
          inputParameters:
            - name: incident_number
              in: body
              type: string
              description: "ServiceNow incident number."
          call: servicenow.get-incident
          with:
            number: "{{incident_number}}"
          outputParameters:
            - name: state
              type: string
              mapping: "$.result.state"
            - name: priority
              type: string
              mapping: "$.result.priority"
  consumes:
    - type: http
      namespace: servicenow
      baseUri: "https://gilead.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident?sysparm_query=number={{number}}"
          inputParameters:
            - name: number
              in: query
          operations:
            - name: get-incident
              method: GET

Searches Gilead SharePoint document libraries by keyword.

naftiko: "0.5"
info:
  label: "SharePoint Document Search"
  description: "Searches Gilead SharePoint document libraries by keyword."
  tags:
    - documentation
    - collaboration
    - sharepoint
capability:
  exposes:
    - type: mcp
      namespace: doc-search
      port: 8080
      tools:
        - name: search-docs
          description: "Given search query, return matching documents. Use for document search."
          inputParameters:
            - name: query
              in: body
              type: string
              description: "Search keywords."
          call: sharepoint.search
          with:
            querytext: "{{query}}"
          outputParameters:
            - name: result_count
              type: integer
              mapping: "$.PrimaryQueryResult.RelevantResults.TotalRows"
  consumes:
    - type: http
      namespace: sharepoint
      baseUri: "https://gilead.sharepoint.com/_api"
      authentication:
        type: bearer
        token: "$secrets.sharepoint_token"
      resources:
        - name: search
          path: "/search/query?querytext='{{querytext}}'"
          inputParameters:
            - name: querytext
              in: query
          operations:
            - name: search
              method: GET

Runs a data quality validation query on Snowflake clinical trial data and posts the results to the data engineering team in Microsoft Teams.

naftiko: "0.5"
info:
  label: "Snowflake Clinical Data Quality Check"
  description: "Runs a data quality validation query on Snowflake clinical trial data and posts the results to the data engineering team in Microsoft Teams."
  tags:
    - data-analytics
    - clinical-trials
    - snowflake
    - microsoft-teams
    - data-quality
capability:
  exposes:
    - type: mcp
      namespace: clinical-data-ops
      port: 8080
      tools:
        - name: run-clinical-data-quality
          description: "Given a Snowflake database and table name containing clinical trial data, execute a data quality check and post the completeness and anomaly report to Teams."
          inputParameters:
            - name: database
              in: body
              type: string
              description: "The Snowflake database name containing clinical trial data."
            - name: table_name
              in: body
              type: string
              description: "The Snowflake table to run quality checks against."
          steps:
            - name: run-quality-query
              type: call
              call: snowflake.execute-statement
              with:
                database: "{{database}}"
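                # table_name is substituted directly into the SQL text; restrict it to a validated identifier before this call.
                statement: "SELECT COUNT(*) as total, COUNT_IF(patient_id IS NULL) as missing_ids FROM {{table_name}}"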
            - name: post-results
              type: call
              call: msteams.post-quality-report
              with:
                channel: "clinical-data-eng"
                text: "Data quality check on {{table_name}}: Total={{run-quality-query.total}}, Missing IDs={{run-quality-query.missing_ids}}"
  consumes:
    - type: http
      namespace: snowflake
      baseUri: "https://gilead.snowflakecomputing.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.snowflake_token"
      resources:
        - name: statements
          path: "/statements"
          operations:
            - name: execute-statement
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: messages
          path: "/teams/data-engineering/channels/clinical/messages"
          operations:
            - name: post-quality-report
              method: POST

Checks Snowflake query performance and pipeline task status, raises a Datadog alert for any failing tasks, and creates a Jira incident ticket.

naftiko: "0.5"
info:
  label: "Snowflake Data Pipeline Health Monitor"
  description: "Checks Snowflake query performance and pipeline task status, raises a Datadog alert for any failing tasks, and creates a Jira incident ticket."
  tags:
    - data-analytics
    - snowflake
    - datadog
    - jira
    - monitoring
capability:
  exposes:
    - type: mcp
      namespace: data-ops
      port: 8080
      tools:
        - name: monitor-pipeline-health
          description: "Given a Snowflake account and task name, retrieve the task execution history, raise a Datadog alert for failures, and create a Jira incident for any failed runs."
          inputParameters:
            - name: task_name
              in: body
              type: string
              description: "The Snowflake task name to check execution history for."
            - name: account_identifier
              in: body
              type: string
              description: "The Snowflake account identifier, e.g. gilead.us-east-1."
          steps:
            - name: get-task-history
              type: call
              call: snowflake.get-task-history
              with:
                task_name: "{{task_name}}"
            - name: raise-dd-alert
              type: call
              call: datadog.create-event
              with:
                title: "Snowflake task failure: {{task_name}}"
                text: "Task {{task_name}} failed. Last run: {{get-task-history.last_run_state}}"
                alert_type: "error"
            - name: open-jira-incident
              type: call
              call: jira.create-data-incident
              with:
                project_key: "DATA"
                summary: "Snowflake task failure: {{task_name}}"
                description: "Account: {{account_identifier}}\nTask: {{task_name}}\nState: {{get-task-history.last_run_state}}"
  consumes:
    - type: http
      namespace: snowflake
      baseUri: "https://gilead.snowflakecomputing.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.snowflake_token"
      resources:
        - name: task-history
          path: "/databases/GILEAD_DB/schemas/PIPELINES/tasks/{{task_name}}/executeHistory"
          inputParameters:
            - name: task_name
              in: path
          operations:
            - name: get-task-history
              method: GET
    - type: http
      namespace: datadog
      baseUri: "https://api.datadoghq.com/api/v1"
      authentication:
        type: apikey
        key: "DD-API-KEY"
        value: "$secrets.datadog_api_key"
        placement: header
      resources:
        - name: events
          path: "/events"
          operations:
            - name: create-event
              method: POST
    - type: http
      namespace: jira
      baseUri: "https://gilead.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_token"
      resources:
        - name: issues
          path: "/issue"
          operations:
            - name: create-data-incident
              method: POST

Monitors drug product stability studies by checking timepoint results and notifying the stability team.

naftiko: "0.5"
info:
  label: "Stability Study Monitoring Orchestration"
  description: "Monitors drug product stability studies by checking timepoint results and notifying the stability team."
  tags:
    - quality
    - rd
    - snowflake
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: stability-monitoring
      port: 8080
      tools:
        - name: check-stability
          description: "Given protocol ID and timepoint, check results and notify. Use for stability timepoint reviews."
          inputParameters:
            - name: protocol_id
              in: body
              type: string
              description: "Stability protocol ID."
            - name: timepoint
              in: body
              type: string
              description: "Timepoint in months."
          steps:
            - name: get-results
              type: call
              call: snowflake.execute-query
              with:
                query_name: "stability_results"
                params: "{{protocol_id}},{{timepoint}}"
            - name: check-trends
              type: call
              call: snowflake.execute-query
              with:
                query_name: "stability_trends"
                params: "{{protocol_id}}"
            - name: notify
              type: call
              call: msteams.send-message
              with:
                channel_id: "stability"
                text: "Stability {{protocol_id}} T={{timepoint}}mo: All pass: {{get-results.all_pass}}. Trend: {{check-trends.trend_flag}}."
  consumes:
    - type: http
      namespace: snowflake
      baseUri: "https://gilead.snowflakecomputing.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.snowflake_token"
      resources:
        - name: statements
          path: "/statements"
          operations:
            - name: execute-query
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msteams_token"
      resources:
        - name: messages
          path: "/teams/{{channel_id}}/channels/general/messages"
          inputParameters:
            - name: channel_id
              in: path
          operations:
            - name: send-message
              method: POST

Generates a supplier quality scorecard pulling rejection rates, audit findings, and delivery performance.

naftiko: "0.5"
info:
  label: "Supplier Quality Scorecard Generation"
  description: "Generates a supplier quality scorecard pulling rejection rates, audit findings, and delivery performance."
  tags:
    - quality
    - procurement
    - sap
    - servicenow
    - snowflake
capability:
  exposes:
    - type: mcp
      namespace: supplier-quality
      port: 8080
      tools:
        - name: generate-supplier-scorecard
          description: "Given a supplier ID, gather quality data and calculate scorecard. Use when procurement evaluates suppliers."
          inputParameters:
            - name: supplier_id
              in: body
              type: string
              description: "SAP vendor number."
          steps:
            - name: get-rejections
              type: call
              call: sap-erp.get-supplier-rejections
              with:
                vendor_id: "{{supplier_id}}"
            - name: get-audits
              type: call
              call: servicenow.query-supplier-audits
              with:
                supplier_id: "{{supplier_id}}"
            - name: calculate
              type: call
              call: snowflake.execute-query
              with:
                query_name: "supplier_scorecard"
                params: "{{supplier_id}}"
  consumes:
    - type: http
      namespace: sap-erp
      baseUri: "https://gilead-s4.sap.com/sap/opu/odata/sap/MM_VENDOR_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: rejections
          path: "/A_VendorRejection(Vendor='{{vendor_id}}')"
          inputParameters:
            - name: vendor_id
              in: path
          operations:
            - name: get-supplier-rejections
              method: GET
    - type: http
      namespace: servicenow
      baseUri: "https://gilead.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: audits
          path: "/table/u_supplier_audit"
          operations:
            - name: query-supplier-audits
              method: GET
    - type: http
      namespace: snowflake
      baseUri: "https://gilead.snowflakecomputing.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.snowflake_token"
      resources:
        - name: statements
          path: "/statements"
          operations:
            - name: execute-query
              method: POST

Identifies impacted POs, creates sourcing tasks, and notifies procurement when a supply disruption occurs.

naftiko: "0.5"
info:
  label: "Supply Chain Disruption Response Orchestration"
  description: "Identifies impacted POs, creates sourcing tasks, and notifies procurement when a supply disruption occurs."
  tags:
    - supply-chain
    - procurement
    - sap
    - servicenow
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: supply-disruption
      port: 8080
      tools:
        - name: respond-to-disruption
          description: "Given supplier ID and disruption type, identify impacted POs, create tasks, and alert. Use for supply disruptions."
          inputParameters:
            - name: supplier_id
              in: body
              type: string
              description: "SAP vendor number."
            - name: disruption_type
              in: body
              type: string
              description: "Disruption type."
          steps:
            - name: get-pos
              type: call
              call: sap-erp.query-open-pos
              with:
                vendor_id: "{{supplier_id}}"
            - name: create-task
              type: call
              call: servicenow.create-task
              with:
                short_description: "Alt sourcing: {{disruption_type}} from {{supplier_id}}"
                priority: "1"
            - name: notify
              type: call
              call: msteams.send-message
              with:
                channel_id: "supply-chain"
                text: "DISRUPTION: Vendor {{supplier_id}}. POs: {{get-pos.count}}. Task: {{create-task.number}}"
  consumes:
    - type: http
      namespace: sap-erp
      baseUri: "https://gilead-s4.sap.com/sap/opu/odata/sap/MM_PUR_PO_MAINT_V2_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: pos
          path: "/A_PurchaseOrder"
          operations:
            - name: query-open-pos
              method: GET
    - type: http
      namespace: servicenow
      baseUri: "https://gilead.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: tasks
          path: "/table/sc_task"
          operations:
            - name: create-task
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msteams_token"
      resources:
        - name: messages
          path: "/teams/{{channel_id}}/channels/general/messages"
          inputParameters:
            - name: channel_id
              in: path
          operations:
            - name: send-message
              method: POST

Triggers a Tableau quality metrics dashboard refresh.

naftiko: "0.5"
info:
  label: "Tableau Quality Dashboard Refresh"
  description: "Triggers a Tableau quality metrics dashboard refresh."
  tags:
    - quality
    - analytics
    - tableau
capability:
  exposes:
    - type: mcp
      namespace: quality-analytics
      port: 8080
      tools:
        - name: refresh-quality-dashboard
          description: "Given workbook name, trigger refresh. Use for quality metrics."
          inputParameters:
            - name: workbook_name
              in: body
              type: string
              description: "Tableau workbook."
          call: tableau.trigger-refresh
          with:
            workbook: "{{workbook_name}}"
          outputParameters:
            - name: job_id
              type: string
              mapping: "$.job.id"
  consumes:
    - type: http
      namespace: tableau
      baseUri: "https://gilead.online.tableau.com/api/3.19"
      authentication:
        type: bearer
        token: "$secrets.tableau_token"
      resources:
        - name: workbooks
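          # site_id is referenced in the path but is not declared under inputParameters or passed by the tool's with block.
          path: "/sites/{{site_id}}/workbooks/{{workbook}}/refresh"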
          inputParameters:
            - name: workbook
              in: path
          operations:
            - name: trigger-refresh
              method: POST

Provisions a cloud environment with Terraform, configures monitoring, registers CMDB, and notifies DevOps.

naftiko: "0.5"
info:
  label: "Terraform Environment Provisioning Orchestration"
  description: "Provisions a cloud environment with Terraform, configures monitoring, registers CMDB, and notifies DevOps."
  tags:
    - devops
    - cloud
    - terraform
    - datadog
    - servicenow
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: env-provisioning
      port: 8080
      tools:
        - name: provision-environment
          description: "Given environment name and workspace, provision infrastructure and notify. Use for new environments."
          inputParameters:
            - name: environment_name
              in: body
              type: string
              description: "Environment name."
            - name: workspace_id
              in: body
              type: string
              description: "Terraform workspace ID."
          steps:
            - name: terraform
              type: call
              call: terraform.create-run
              with:
                workspace_id: "{{workspace_id}}"
                message: "Provisioning {{environment_name}}"
            - name: monitoring
              type: call
              call: datadog.create-monitor
              with:
                name: "{{environment_name}} health"
            - name: cmdb
              type: call
              call: servicenow.create-ci
              with:
                name: "{{environment_name}}"
            - name: notify
              type: call
              call: msteams.send-message
              with:
                channel_id: "devops"
                text: "Environment {{environment_name}} provisioning started. Run: {{terraform.run_id}}"
  consumes:
    - type: http
      namespace: terraform
      baseUri: "https://app.terraform.io/api/v2"
      authentication:
        type: bearer
        token: "$secrets.terraform_token"
      resources:
        - name: runs
          path: "/workspaces/{{workspace_id}}/runs"
          inputParameters:
            - name: workspace_id
              in: path
          operations:
            - name: create-run
              method: POST
    - type: http
      namespace: datadog
      baseUri: "https://api.datadoghq.com/api/v1"
      authentication:
        type: apikey
        key: "DD-API-KEY"
        value: "$secrets.datadog_api_key"
        placement: header
      resources:
        - name: monitors
          path: "/monitor"
          operations:
            - name: create-monitor
              method: POST
    - type: http
      namespace: servicenow
      baseUri: "https://gilead.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: cmdb
          path: "/table/cmdb_ci"
          operations:
            - name: create-ci
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msteams_token"
      resources:
        - name: messages
          path: "/teams/{{channel_id}}/channels/general/messages"
          inputParameters:
            - name: channel_id
              in: path
          operations:
            - name: send-message
              method: POST

When a quality event is logged in Veeva Vault QualityDocs, creates a corresponding Jira CAPA task and notifies the quality team in Microsoft Teams.

naftiko: "0.5"
info:
  label: "Veeva Quality Event to Jira Tracker"
  description: "When a quality event is logged in Veeva Vault QualityDocs, creates a corresponding Jira CAPA task and notifies the quality team in Microsoft Teams."
  tags:
    - quality
    - veeva
    - jira
    - microsoft-teams
    - capa
capability:
  exposes:
    - type: mcp
      namespace: quality-ops
      port: 8080
      tools:
        - name: create-capa-from-quality-event
          description: "Given a Veeva Vault quality event ID, retrieve event details, create a Jira CAPA issue, and notify the quality team in Teams."
          inputParameters:
            - name: quality_event_id
              in: body
              type: string
              description: "The Veeva Vault quality event record ID."
          steps:
            - name: get-quality-event
              type: call
              call: veeva.get-quality-event
              with:
                event_id: "{{quality_event_id}}"
            - name: create-capa
              type: call
              call: jira.create-capa
              with:
                project_key: "QA"
                summary: "CAPA: {{get-quality-event.title}}"
                description: "Veeva Event ID: {{quality_event_id}}\nSeverity: {{get-quality-event.severity}}\nCategory: {{get-quality-event.category}}"
            - name: notify-quality-team
              type: call
              call: msteams.notify-quality
              with:
                channel: "quality-ops"
                text: "New CAPA created from Veeva quality event {{quality_event_id}}: {{create-capa.key}}"
  consumes:
    - type: http
      namespace: veeva
      baseUri: "https://gilead.veevavault.com/api/v23.1"
      authentication:
        type: bearer
        token: "$secrets.veeva_token"
      resources:
        - name: quality-events
          path: "/objects/quality_event__v/{{event_id}}"
          inputParameters:
            - name: event_id
              in: path
          operations:
            - name: get-quality-event
              method: GET
    - type: http
      namespace: jira
      baseUri: "https://gilead.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_token"
      resources:
        - name: issues
          path: "/issue"
          operations:
            - name: create-capa
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: messages
          path: "/teams/quality/channels/general/messages"
          operations:
            - name: notify-quality
              method: POST

Retrieves a regulatory or quality document from Veeva Vault by document number.

naftiko: "0.5"
info:
  label: "Veeva Vault Document Retrieval"
  description: "Retrieves a regulatory or quality document from Veeva Vault by document number."
  tags:
    - regulatory
    - quality
    - veeva-vault
capability:
  exposes:
    - type: mcp
      namespace: vault-documents
      port: 8080
      tools:
        - name: get-vault-document
          description: "Given a document number, return metadata, version, and lifecycle state. Use for regulated document retrieval."
          inputParameters:
            - name: document_number
              in: body
              type: string
              description: "Veeva Vault document number."
          call: veeva-vault.get-document
          with:
            doc_number: "{{document_number}}"
          outputParameters:
            - name: title
              type: string
              mapping: "$.data.name__v"
            - name: version
              type: string
              mapping: "$.data.major_version_number__v"
            - name: lifecycle_state
              type: string
              mapping: "$.data.status__v"
  consumes:
    - type: http
      namespace: veeva-vault
      baseUri: "https://gilead-regulatory.veevavault.com/api/v24.1"
      authentication:
        type: bearer
        token: "$secrets.veeva_vault_token"
      resources:
        - name: documents
          path: "/objects/documents/{{doc_number}}"
          inputParameters:
            - name: doc_number
              in: path
          operations:
            - name: get-document
              method: GET

Retrieves the latest version and audit trail of a regulatory document from Veeva Vault for compliance tracking.

naftiko: "0.5"
info:
  label: "Veeva Vault Document Version Tracker"
  description: "Retrieves the latest version and audit trail of a regulatory document from Veeva Vault for compliance tracking."
  tags:
    - regulatory
    - compliance
    - veeva
    - reporting
capability:
  exposes:
    - type: mcp
      namespace: veeva-docs
      port: 8080
      tools:
        - name: get-document-version
          description: "Given a Veeva Vault document ID, return the current version, status, and last-modified audit trail for compliance reporting."
          inputParameters:
            - name: document_id
              in: body
              type: string
              description: "The Veeva Vault document ID to look up."
          call: veeva.get-document
          with:
            document_id: "{{document_id}}"
          outputParameters:
            - name: version
              type: string
              mapping: "$.data[0].major_version_number__v"
            - name: status
              type: string
              mapping: "$.data[0].status__v"
            - name: modified_date
              type: string
              mapping: "$.data[0].modified_date__v"
            - name: modified_by
              type: string
              mapping: "$.data[0].modified_by__v"
  consumes:
    - type: http
      namespace: veeva
      baseUri: "https://gilead.veevavault.com/api/v23.1"
      authentication:
        type: bearer
        token: "$secrets.veeva_token"
      resources:
        - name: documents
          path: "/objects/documents/{{document_id}}"
          inputParameters:
            - name: document_id
              in: path
          operations:
            - name: get-document
              method: GET

Performs vendor risk assessment by querying financials, compliance, and calculating risk score.

naftiko: "0.5"
info:
  label: "Vendor Risk Assessment Orchestration"
  description: "Performs vendor risk assessment by querying financials, compliance, and calculating risk score."
  tags:
    - procurement
    - compliance
    - sap
    - servicenow
    - snowflake
capability:
  exposes:
    - type: mcp
      namespace: vendor-risk
      port: 8080
      tools:
        - name: assess-vendor-risk
          description: "Given vendor ID, collect data and calculate risk. Use for vendor evaluation."
          inputParameters:
            - name: vendor_id
              in: body
              type: string
              description: "SAP vendor number."
          steps:
            - name: get-financials
              type: call
              call: sap-erp.get-vendor-master
              with:
                vendor_id: "{{vendor_id}}"
            - name: get-compliance
              type: call
              call: servicenow.query-vendor-compliance
              with:
                vendor_id: "{{vendor_id}}"
            - name: score
              type: call
              call: snowflake.execute-query
              with:
                query_name: "vendor_risk_score"
                params: "{{vendor_id}}"
  consumes:
    - type: http
      namespace: sap-erp
      baseUri: "https://gilead-s4.sap.com/sap/opu/odata/sap/MM_VENDOR_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: vendors
          path: "/A_Vendor('{{vendor_id}}')"
          inputParameters:
            - name: vendor_id
              in: path
          operations:
            - name: get-vendor-master
              method: GET
    - type: http
      namespace: servicenow
      baseUri: "https://gilead.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: compliance
          path: "/table/u_vendor_compliance"
          operations:
            - name: query-vendor-compliance
              method: GET
    - type: http
      namespace: snowflake
      baseUri: "https://gilead.snowflakecomputing.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.snowflake_token"
      resources:
        - name: statements
          path: "/statements"
          operations:
            - name: execute-query
              method: POST

Retrieves employee benefits enrollment status.

naftiko: "0.5"
info:
  label: "Workday Benefits Enrollment Status"
  description: "Retrieves employee benefits enrollment status."
  tags:
    - hr
    - benefits
    - workday
capability:
  exposes:
    - type: mcp
      namespace: benefits
      port: 8080
      tools:
        - name: get-benefits
          description: "Given worker ID, return benefits elections. Use to check benefits."
          inputParameters:
            - name: worker_id
              in: body
              type: string
              description: "Worker ID."
          call: workday.get-benefits
          with:
            worker_id: "{{worker_id}}"
          outputParameters:
            - name: medical_plan
              type: string
              mapping: "$.data.medical_plan"
  consumes:
    - type: http
      namespace: workday
      baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
      authentication:
        type: bearer
        token: "$secrets.workday_token"
      resources:
        - name: benefits
          path: "/workers/{{worker_id}}/benefits"
          inputParameters:
            - name: worker_id
              in: path
          operations:
            - name: get-benefits
              method: GET

Launches compensation review by pulling performance data, generating recommendations, and notifying managers.

naftiko: "0.5"
info:
  label: "Workday Compensation Review Orchestration"
  description: "Launches compensation review by pulling performance data, generating recommendations, and notifying managers."
  tags:
    - hr
    - finance
    - workday
    - servicenow
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: comp-review
      port: 8080
      tools:
        - name: launch-comp-review
          description: "Given department and cycle, pull performance, generate recs, and notify. Use for annual comp reviews."
          inputParameters:
            - name: department_code
              in: body
              type: string
              description: "Department code."
            - name: cycle_name
              in: body
              type: string
              description: "Cycle name."
          steps:
            - name: get-performance
              type: call
              call: workday.get-performance-ratings
              with:
                department: "{{department_code}}"
            - name: generate-recs
              type: call
              call: workday.create-comp-recommendations
              with:
                department: "{{department_code}}"
                cycle: "{{cycle_name}}"
            - name: create-task
              type: call
              call: servicenow.create-task
              with:
                short_description: "Comp review: {{department_code}}"
                assigned_group: "HR_Compensation"
            - name: notify
              type: call
              call: msteams.send-message
              with:
                channel_id: "hr-comp"
                text: "Comp review '{{cycle_name}}' launched for {{department_code}}. Task: {{create-task.number}}"
  consumes:
    - type: http
      namespace: workday
      baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
      authentication:
        type: bearer
        token: "$secrets.workday_token"
      resources:
        - name: performance
          path: "/performance/ratings"
          operations:
            - name: get-performance-ratings
              method: GET
        - name: compensation
          path: "/compensation/recommendations"
          operations:
            - name: create-comp-recommendations
              method: POST
    - type: http
      namespace: servicenow
      baseUri: "https://gilead.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: tasks
          path: "/table/sc_task"
          operations:
            - name: create-task
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msteams_token"
      resources:
        - name: messages
          path: "/teams/{{channel_id}}/channels/general/messages"
          inputParameters:
            - name: channel_id
              in: path
          operations:
            - name: send-message
              method: POST

Retrieves an employee profile from Workday by worker ID.

naftiko: "0.5"
info:
  label: "Workday Employee Profile Lookup"
  description: "Retrieves an employee profile from Workday by worker ID."
  tags:
    - hr
    - workday
capability:
  exposes:
    - type: mcp
      namespace: hr-profile
      port: 8080
      tools:
        - name: get-employee-profile
          description: "Given a worker ID, return name, department, title, and location. Use when HR needs employee details."
          inputParameters:
            - name: worker_id
              in: body
              type: string
              description: "Workday worker ID."
          call: workday.get-worker
          with:
            worker_id: "{{worker_id}}"
          outputParameters:
            - name: full_name
              type: string
              mapping: "$.data.full_name"
            - name: department
              type: string
              mapping: "$.data.department"
  consumes:
    - type: http
      namespace: workday
      baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
      authentication:
        type: bearer
        token: "$secrets.workday_token"
      resources:
        - name: workers
          path: "/workers/{{worker_id}}"
          inputParameters:
            - name: worker_id
              in: path
          operations:
            - name: get-worker
              method: GET

Retrieves open job requisitions from Workday by department.

naftiko: "0.5"
info:
  label: "Workday Open Requisition Report"
  description: "Retrieves open job requisitions from Workday by department."
  tags:
    - hr
    - recruiting
    - workday
capability:
  exposes:
    - type: mcp
      namespace: talent-acquisition
      port: 8080
      tools:
        - name: get-open-reqs
          description: "Given department, return open requisition count. Use for recruiting visibility."
          inputParameters:
            - name: department_code
              in: body
              type: string
              description: "Department code."
          call: workday.get-requisitions
          with:
            department: "{{department_code}}"
          outputParameters:
            - name: open_count
              type: integer
              mapping: "$.data.total"
  consumes:
    - type: http
      namespace: workday
      baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
      authentication:
        type: bearer
        token: "$secrets.workday_token"
      resources:
        - name: requisitions
          path: "/recruiting/requisitions"
          operations:
            - name: get-requisitions
              method: GET

Initiates the annual performance review cycle in Workday by creating review tasks for all active employees and notifying managers in Microsoft Teams.

naftiko: "0.5"
info:
  label: "Workday Performance Review Cycle Launcher"
  description: "Initiates the annual performance review cycle in Workday by creating review tasks for all active employees and notifying managers in Microsoft Teams."
  tags:
    - hr
    - performance-management
    - workday
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: hr-performance
      port: 8080
      tools:
        - name: launch-review-cycle
          description: "Given a review cycle name and due date, create performance review tasks in Workday for all active employees and send manager notifications via Teams."
          inputParameters:
            - name: cycle_name
              in: body
              type: string
              description: "The performance review cycle name, e.g. 2026 Annual Review."
            - name: due_date
              in: body
              type: string
              description: "Due date for review completion in YYYY-MM-DD format."
          steps:
            - name: create-review-cycle
              type: call
              call: workday.create-review-event
              with:
                cycle_name: "{{cycle_name}}"
                due_date: "{{due_date}}"
            - name: notify-managers
              type: call
              call: msteams.broadcast-review-launch
              with:
                channel: "people-managers"
                text: "Performance review cycle '{{cycle_name}}' is now open. Completion due: {{due_date}}."
  consumes:
    - type: http
      namespace: workday
      baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
      authentication:
        type: bearer
        token: "$secrets.workday_token"
      resources:
        - name: review-events
          path: "/gilead-sciences/performanceReviews"
          operations:
            - name: create-review-event
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: messages
          path: "/teams/hr/channels/managers/messages"
          operations:
            - name: broadcast-review-launch
              method: POST

When an employee changes role in Workday, updates their Okta group memberships and adjusts Salesforce profile permissions accordingly.

naftiko: "0.5"
info:
  label: "Workday Role Change and Access Provisioning"
  description: "When an employee changes role in Workday, updates their Okta group memberships and adjusts Salesforce profile permissions accordingly."
  tags:
    - hr
    - identity
    - workday
    - okta
    - salesforce
    - access-management
capability:
  exposes:
    - type: mcp
      namespace: hr-access
      port: 8080
      tools:
        - name: sync-role-change
          description: "Given a Workday employee ID, Okta user ID, new Okta group ID, and Salesforce profile ID, add the user to the new Okta group and update the Salesforce profile to match the new role."
          inputParameters:
            - name: workday_employee_id
              in: body
              type: string
              description: "The Workday worker ID of the employee changing roles."
            - name: okta_user_id
              in: body
              type: string
              description: "The Okta user ID for group assignment updates."
            - name: new_okta_group_id
              in: body
              type: string
              description: "The new Okta group ID to assign based on the new role."
            - name: salesforce_profile_id
              in: body
              type: string
              description: "The Salesforce profile ID matching the new job function."
          steps:
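            # Adds the user to the new group only; this step does not remove memberships held under the previous role.
            - name: assign-okta-group
              type: call
              call: okta.add-user-to-group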
              with:
                user_id: "{{okta_user_id}}"
                group_id: "{{new_okta_group_id}}"
            - name: update-sf-profile
              type: call
              call: salesforce.update-user-profile
              with:
                workday_id: "{{workday_employee_id}}"
                profile_id: "{{salesforce_profile_id}}"
  consumes:
    - type: http
      namespace: okta
      baseUri: "https://gilead.okta.com/api/v1"
      authentication:
        type: apikey
        key: "Authorization"
        value: "$secrets.okta_api_token"
        placement: header
      resources:
        - name: group-members
          path: "/groups/{{group_id}}/users/{{user_id}}"
          inputParameters:
            - name: group_id
              in: path
            - name: user_id
              in: path
          operations:
            - name: add-user-to-group
              method: PUT
    - type: http
      namespace: salesforce
      baseUri: "https://gilead.my.salesforce.com/services/data/v58.0"
      authentication:
        type: bearer
        token: "$secrets.salesforce_token"
      resources:
        - name: users
          path: "/sobjects/User/{{workday_id}}"
          inputParameters:
            - name: workday_id
              in: path
          operations:
            - name: update-user-profile
              method: PATCH