Gusto Capabilities
Naftiko 0.5 capability definitions for Gusto - 100 capabilities showing integration workflows and service orchestrations.
Sort
Expand
Access Review Pipeline
▼
security access-management okta compliance
Reviews access at Gusto via Okta, IAM, and Jira.
naftiko: "0.5"
info:
label: "Access Review Pipeline"
description: "Reviews access at Gusto via Okta, IAM, and Jira."
tags:
- security
- access-management
- okta
- compliance
capability:
exposes:
- type: mcp
namespace: access-rev
port: 8080
tools:
- name: review
description: "Review access at Gusto."
inputParameters:
- name: dept
in: body
type: string
description: "Department."
steps:
- name: ent
type: call
call: "okta.get-users"
with:
dept: "{{dept}}"
- name: compare
type: call
call: "iam.compare"
with:
data: "{{ent.data}}"
- name: flag
type: call
call: "iam.flag"
with:
violations: "{{compare.violations}}"
- name: fix
type: call
call: "jira.create-issue"
with:
project: "IAM"
summary: "Violations in {{dept}}"
consumes:
- type: http
namespace: okta
baseUri: "https://gusto.com.okta.com/api/v1"
authentication:
type: bearer
token: "$secrets.okta_api_token"
resources:
- name: users
path: "/users"
operations:
- name: get-users
method: GET
- type: http
namespace: iam
baseUri: "https://iam.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.iam_token"
resources:
- name: reviews
path: "/compare"
operations:
- name: compare
method: POST
- type: http
namespace: jira
baseUri: "https://gusto.com.atlassian.net/rest/api/3"
authentication:
type: bearer
token: "$secrets.jira_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
Amazon Redshift Analytics Query
▼
data-analytics amazon-redshift
Executes a SQL query against Gusto's Amazon Redshift cluster for historical payroll analytics and large-scale data processing.
naftiko: "0.5"
info:
label: "Amazon Redshift Analytics Query"
description: "Executes a SQL query against Gusto's Amazon Redshift cluster for historical payroll analytics and large-scale data processing."
tags:
- data-analytics
- amazon-redshift
capability:
exposes:
- type: mcp
namespace: redshift-analytics
port: 8080
tools:
- name: run-redshift-query
description: "Execute a SQL query against Amazon Redshift."
inputParameters:
- name: sql_statement
in: body
type: string
description: "The SQL query."
- name: database
in: body
type: string
description: "The Redshift database name."
call: "redshift.execute-statement"
with:
sql: "{{sql_statement}}"
database: "{{database}}"
consumes:
- type: http
namespace: redshift
baseUri: "https://redshift-data.us-east-1.amazonaws.com"
authentication:
type: bearer
token: "$secrets.aws_redshift_token"
resources:
- name: statements
path: "/"
operations:
- name: execute-statement
method: POST
API Deprecation Pipeline
▼
api-management communications governance
Manages API deprecation at Gusto via consumer identification, notices, and tracking.
naftiko: "0.5"
info:
label: "API Deprecation Pipeline"
description: "Manages API deprecation at Gusto via consumer identification, notices, and tracking."
tags:
- api-management
- communications
- governance
capability:
exposes:
- type: mcp
namespace: api-sunset
port: 8080
tools:
- name: notify-sunset
description: "Manage API sunset at Gusto."
inputParameters:
- name: api
in: body
type: string
description: "API name."
- name: date
in: body
type: string
description: "Sunset date."
steps:
- name: consumers
type: call
call: "api-gw.consumers"
with:
api: "{{api}}"
- name: notify
type: call
call: "email.batch"
with:
to: "{{consumers.emails}}"
subject: "{{api}} sunset: {{date}}"
- name: track
type: call
call: "analytics.usage"
with:
api: "{{api}}"
- name: ticket
type: call
call: "jira.create-issue"
with:
project: "API"
summary: "Sunset {{api}} by {{date}}"
consumes:
- type: http
namespace: api-gw
baseUri: "https://api-gw.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.api_gw_token"
resources:
- name: consumers
path: "/apis/{{api}}/consumers"
inputParameters:
- name: api
in: path
operations:
- name: consumers
method: GET
- type: http
namespace: email
baseUri: "https://email.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.email_token"
resources:
- name: batch
path: "/send-batch"
operations:
- name: batch
method: POST
- type: http
namespace: analytics
baseUri: "https://analytics.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.analytics_token"
resources:
- name: usage
path: "/api-usage"
operations:
- name: usage
method: GET
- type: http
namespace: jira
baseUri: "https://gusto.com.atlassian.net/rest/api/3"
authentication:
type: bearer
token: "$secrets.jira_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
ArgoCD Sync Status
▼
devops argocd gitops
Checks ArgoCD sync at Gusto.
naftiko: "0.5"
info:
label: "ArgoCD Sync Status"
description: "Checks ArgoCD sync at Gusto."
tags:
- devops
- argocd
- gitops
capability:
exposes:
- type: mcp
namespace: argocd
port: 8080
tools:
- name: check-sync
description: "Check ArgoCD at Gusto."
inputParameters:
- name: app
in: body
type: string
description: "App name."
call: "argocd.get-app"
with:
name: "{{app}}"
outputParameters:
- name: sync
type: string
mapping: "$.status.sync.status"
consumes:
- type: http
namespace: argocd
baseUri: "https://argocd.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.argocd_token"
resources:
- name: apps
path: "/applications/{{name}}"
inputParameters:
- name: name
in: path
operations:
- name: get-app
method: GET
Asana Project Status
▼
project-management asana
Retrieves an Asana project's current status including task counts, completion percentage, and milestone dates for cross-functional project tracking.
naftiko: "0.5"
info:
label: "Asana Project Status"
description: "Retrieves an Asana project's current status including task counts, completion percentage, and milestone dates for cross-functional project tracking."
tags:
- project-management
- asana
capability:
exposes:
- type: mcp
namespace: project-mgmt
port: 8080
tools:
- name: get-project-status
description: "Look up an Asana project by ID. Returns task counts, completion rate, and due date."
inputParameters:
- name: project_id
in: body
type: string
description: "The Asana project ID."
call: "asana.get-project"
with:
project_id: "{{project_id}}"
consumes:
- type: http
namespace: asana
baseUri: "https://app.asana.com/api/1.0"
authentication:
type: bearer
token: "$secrets.asana_token"
resources:
- name: projects
path: "/projects/{{project_id}}"
inputParameters:
- name: project_id
in: path
operations:
- name: get-project
method: GET
AWS Cost Summary
▼
infrastructure cloud amazon-web-services
Retrieves AWS cost and usage summary for Gusto's cloud infrastructure by service and time period.
naftiko: "0.5"
info:
label: "AWS Cost Summary"
description: "Retrieves AWS cost and usage summary for Gusto's cloud infrastructure by service and time period."
tags:
- infrastructure
- cloud
- amazon-web-services
capability:
exposes:
- type: mcp
namespace: cloud-cost
port: 8080
tools:
- name: get-aws-cost
description: "Retrieve AWS cost summary for a date range."
inputParameters:
- name: start_date
in: body
type: string
description: "Start date in YYYY-MM-DD format."
- name: end_date
in: body
type: string
description: "End date in YYYY-MM-DD format."
call: "aws.get-cost-and-usage"
with:
start: "{{start_date}}"
end: "{{end_date}}"
consumes:
- type: http
namespace: aws
baseUri: "https://ce.us-east-1.amazonaws.com"
authentication:
type: bearer
token: "$secrets.aws_ce_token"
resources:
- name: cost
path: "/"
operations:
- name: get-cost-and-usage
method: POST
S3 Bucket Stats
▼
storage aws s3
Checks S3 bucket at Gusto.
naftiko: "0.5"
info:
label: "S3 Bucket Stats"
description: "Checks S3 bucket at Gusto."
tags:
- storage
- aws
- s3
capability:
exposes:
- type: mcp
namespace: s3-stats
port: 8080
tools:
- name: get-bucket
description: "Get bucket stats at Gusto."
inputParameters:
- name: bucket
in: body
type: string
description: "Bucket."
call: "s3.get-stats"
with:
bucket: "{{bucket}}"
outputParameters:
- name: objects
type: number
mapping: "$.NumberOfObjects"
consumes:
- type: http
namespace: s3
baseUri: "https://s3.amazonaws.com"
authentication:
type: bearer
token: "$secrets.aws_token"
resources:
- name: buckets
path: "/{{bucket}}?metrics"
inputParameters:
- name: bucket
in: path
operations:
- name: get-stats
method: GET
Azure DevOps Build Check
▼
devops azure-devops ci-cd
Checks build at Gusto.
naftiko: "0.5"
info:
label: "Azure DevOps Build Check"
description: "Checks build at Gusto."
tags:
- devops
- azure-devops
- ci-cd
capability:
exposes:
- type: mcp
namespace: azdo-build
port: 8080
tools:
- name: check-build
description: "Check build at Gusto."
inputParameters:
- name: project
in: body
type: string
description: "Project."
- name: build_id
in: body
type: string
description: "Build ID."
call: "azdo.get-build"
with:
project: "{{project}}"
build_id: "{{build_id}}"
outputParameters:
- name: status
type: string
mapping: "$.status"
consumes:
- type: http
namespace: azdo
baseUri: "https://dev.azure.com/gusto.com"
authentication:
type: bearer
token: "$secrets.azdo_token"
resources:
- name: builds
path: "/{{project}}/_apis/build/builds/{{build_id}}"
inputParameters:
- name: project
in: path
- name: build_id
in: path
operations:
- name: get-build
method: GET
Azure Resource Health
▼
cloud azure infrastructure
Checks Azure resource at Gusto.
naftiko: "0.5"
info:
label: "Azure Resource Health"
description: "Checks Azure resource at Gusto."
tags:
- cloud
- azure
- infrastructure
capability:
exposes:
- type: mcp
namespace: az-health
port: 8080
tools:
- name: check-resource
description: "Check resource at Gusto."
inputParameters:
- name: resource_id
in: body
type: string
description: "Resource ID."
call: "azure.get-health"
with:
id: "{{resource_id}}"
outputParameters:
- name: state
type: string
mapping: "$.properties.availabilityState"
consumes:
- type: http
namespace: azure
baseUri: "https://management.azure.com"
authentication:
type: bearer
token: "$secrets.azure_token"
resources:
- name: health
path: "/{{id}}/providers/Microsoft.ResourceHealth/availabilityStatuses/current"
inputParameters:
- name: id
in: path
operations:
- name: get-health
method: GET
Backup Verification Pipeline
▼
database backup operations
Verifies backups at Gusto.
naftiko: "0.5"
info:
label: "Backup Verification Pipeline"
description: "Verifies backups at Gusto."
tags:
- database
- backup
- operations
capability:
exposes:
- type: mcp
namespace: backup-verify
port: 8080
tools:
- name: verify-backups
description: "Verify backups at Gusto."
inputParameters:
- name: db
in: body
type: string
description: "Database."
- name: date
in: body
type: string
description: "Backup date."
steps:
- name: status
type: call
call: "backup.get-status"
with:
db: "{{db}}"
date: "{{date}}"
- name: verify
type: call
call: "backup.verify"
with:
id: "{{status.backup_id}}"
- name: log
type: call
call: "snowflake.query"
with:
query: "INSERT INTO backup_log VALUES ('{{db}}','{{date}}','{{verify.status}}')"
- name: alert
type: call
call: "slack.post-message"
with:
channel: "#dba"
text: "Backup {{db}}: {{verify.status}}"
consumes:
- type: http
namespace: backup
baseUri: "https://backup.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.backup_token"
resources:
- name: backups
path: "/databases/{{db}}/status"
inputParameters:
- name: db
in: path
operations:
- name: get-status
method: GET
- type: http
namespace: snowflake
baseUri: "https://gusto.com.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Benefits Enrollment Status
▼
benefits salesforce
Retrieves an employee's benefits enrollment status from Salesforce, returning active plans, coverage levels, dependents, and enrollment period.
naftiko: "0.5"
info:
label: "Benefits Enrollment Status"
description: "Retrieves an employee's benefits enrollment status from Salesforce, returning active plans, coverage levels, dependents, and enrollment period."
tags:
- benefits
- salesforce
capability:
exposes:
- type: mcp
namespace: benefits
port: 8080
tools:
- name: get-enrollment-status
description: "Look up an employee's benefits enrollment. Returns active plans, coverage, and dependents."
inputParameters:
- name: employee_id
in: body
type: string
description: "The employee identifier."
call: "salesforce.get-enrollment"
with:
employee_id: "{{employee_id}}"
consumes:
- type: http
namespace: salesforce
baseUri: "https://gusto.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: enrollments
path: "/query?q=SELECT+Id,Plan__c,CoverageLevel__c,Dependents__c,Status__c+FROM+BenefitsEnrollment__c+WHERE+EmployeeId__c='{{employee_id}}'"
inputParameters:
- name: employee_id
in: query
operations:
- name: get-enrollment
method: GET
Budget Variance Pipeline
▼
finance budget oracle workday
Analyzes budget variance at Gusto via Oracle, Workday, and Slack.
naftiko: "0.5"
info:
label: "Budget Variance Pipeline"
description: "Analyzes budget variance at Gusto via Oracle, Workday, and Slack."
tags:
- finance
- budget
- oracle
- workday
capability:
exposes:
- type: mcp
namespace: budget-var
port: 8080
tools:
- name: analyze-variance
description: "Check budget variance at Gusto."
inputParameters:
- name: cc
in: body
type: string
description: "Cost center."
- name: period
in: body
type: string
description: "Period."
steps:
- name: actuals
type: call
call: "oracle.get-actuals"
with:
cc: "{{cc}}"
period: "{{period}}"
- name: budget
type: call
call: "workday.get-budget"
with:
cc: "{{cc}}"
- name: compute
type: call
call: "analytics.variance"
with:
a: "{{actuals.total}}"
b: "{{budget.total}}"
- name: alert
type: call
call: "slack.post-message"
with:
channel: "#finance"
text: "Variance {{cc}}: ${{compute.variance}}"
consumes:
- type: http
namespace: oracle
baseUri: "https://oracle.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.oracle_token"
resources:
- name: fin
path: "/actuals"
operations:
- name: get-actuals
method: GET
- type: http
namespace: workday
baseUri: "https://wd5.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: budgets
path: "/budgets"
operations:
- name: get-budget
method: GET
- type: http
namespace: analytics
baseUri: "https://analytics.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.analytics_token"
resources:
- name: var
path: "/compute"
operations:
- name: variance
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Capacity Planning Pipeline
▼
infrastructure capacity-planning forecasting
Plans capacity at Gusto by collecting utilization and forecasting.
naftiko: "0.5"
info:
label: "Capacity Planning Pipeline"
description: "Plans capacity at Gusto by collecting utilization and forecasting."
tags:
- infrastructure
- capacity-planning
- forecasting
capability:
exposes:
- type: mcp
namespace: capacity
port: 8080
tools:
- name: plan-capacity
description: "Plan capacity at Gusto."
inputParameters:
- name: resource
in: body
type: string
description: "Resource type."
- name: months
in: body
type: number
description: "Forecast months."
steps:
- name: util
type: call
call: "monitoring.get-util"
with:
resource: "{{resource}}"
- name: forecast
type: call
call: "analytics.forecast"
with:
current: "{{util.pct}}"
months: "{{months}}"
- name: procure
type: call
call: "servicenow.create-request"
with:
type: "capacity"
resource: "{{resource}}"
- name: dashboard
type: call
call: "power-bi.refresh"
with:
dataset: "capacity"
consumes:
- type: http
namespace: monitoring
baseUri: "https://monitoring.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.monitoring_token"
resources:
- name: util
path: "/resources/{{resource}}/util"
inputParameters:
- name: resource
in: path
operations:
- name: get-util
method: GET
- type: http
namespace: analytics
baseUri: "https://analytics.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.analytics_token"
resources:
- name: forecast
path: "/demand"
operations:
- name: forecast
method: POST
- type: http
namespace: servicenow
baseUri: "https://gusto.com.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: requests
path: "/table/sc_request"
operations:
- name: create-request
method: POST
- type: http
namespace: power-bi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.power_bi_token"
resources:
- name: datasets
path: "/datasets/{{dataset}}/refreshes"
inputParameters:
- name: dataset
in: path
operations:
- name: refresh
method: POST
Certificate Expiry Pipeline
▼
security certificates monitoring
Monitors cert expiry at Gusto.
naftiko: "0.5"
info:
label: "Certificate Expiry Pipeline"
description: "Monitors cert expiry at Gusto."
tags:
- security
- certificates
- monitoring
capability:
exposes:
- type: mcp
namespace: cert-monitor
port: 8080
tools:
- name: check-certs
description: "Monitor certs at Gusto."
inputParameters:
- name: domains
in: body
type: string
description: "Domains to check."
steps:
- name: scan
type: call
call: "cert-scanner.scan"
with:
domains: "{{domains}}"
- name: filter
type: call
call: "analytics.filter-expiring"
with:
certs: "{{scan.results}}"
- name: ticket
type: call
call: "jira.create-issue"
with:
project: "SEC"
summary: "{{filter.count}} certs expiring"
- name: alert
type: call
call: "slack.post-message"
with:
channel: "#security"
text: "Cert alert: {{filter.count}} expiring"
consumes:
- type: http
namespace: cert-scanner
baseUri: "https://certs.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.cert_token"
resources:
- name: scans
path: "/scan"
operations:
- name: scan
method: POST
- type: http
namespace: jira
baseUri: "https://gusto.com.atlassian.net/rest/api/3"
authentication:
type: bearer
token: "$secrets.jira_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Change Management Pipeline
▼
change-management servicenow itil
Routes changes at Gusto through ServiceNow and CAB approval.
naftiko: "0.5"
info:
label: "Change Management Pipeline"
description: "Routes changes at Gusto through ServiceNow and CAB approval."
tags:
- change-management
- servicenow
- itil
capability:
exposes:
- type: mcp
namespace: change-mgmt
port: 8080
tools:
- name: process-change
description: "Process changes at Gusto."
inputParameters:
- name: change_id
in: body
type: string
description: "Change ID."
- name: date
in: body
type: string
description: "Date."
steps:
- name: get
type: call
call: "servicenow.get-change"
with:
id: "{{change_id}}"
- name: conflicts
type: call
call: "servicenow.check-conflicts"
with:
date: "{{date}}"
- name: submit
type: call
call: "servicenow.update"
with:
id: "{{change_id}}"
state: "approval"
- name: notify
type: call
call: "email.send"
with:
to: "cab@co.com"
subject: "CAB: {{change_id}}"
consumes:
- type: http
namespace: servicenow
baseUri: "https://gusto.com.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: changes
path: "/table/change_request/{{id}}"
inputParameters:
- name: id
in: path
operations:
- name: get-change
method: GET
- type: http
namespace: email
baseUri: "https://email.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.email_token"
resources:
- name: messages
path: "/send"
operations:
- name: send
method: POST
Cloud Cost Optimization Pipeline
▼
cloud cost-management finops
Optimizes cloud costs at Gusto via Azure, FinOps, Jira, and Power BI.
naftiko: "0.5"
info:
label: "Cloud Cost Optimization Pipeline"
description: "Optimizes cloud costs at Gusto via Azure, FinOps, Jira, and Power BI."
tags:
- cloud
- cost-management
- finops
capability:
exposes:
- type: mcp
namespace: cloud-opt
port: 8080
tools:
- name: optimize
description: "Optimize cloud costs at Gusto."
inputParameters:
- name: provider
in: body
type: string
description: "Provider."
- name: range
in: body
type: string
description: "Range."
steps:
- name: spend
type: call
call: "cloud.get-costs"
with:
provider: "{{provider}}"
range: "{{range}}"
- name: savings
type: call
call: "finops.analyze"
with:
data: "{{spend.data}}"
- name: action
type: call
call: "jira.create-issue"
with:
project: "FINOPS"
summary: "Save ${{savings.potential}}"
- name: report
type: call
call: "power-bi.refresh"
with:
dataset: "cloud"
consumes:
- type: http
namespace: cloud
baseUri: "https://management.azure.com"
authentication:
type: bearer
token: "$secrets.azure_token"
resources:
- name: costs
path: "/providers/Microsoft.CostManagement/query"
operations:
- name: get-costs
method: POST
- type: http
namespace: finops
baseUri: "https://finops.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.finops_token"
resources:
- name: analysis
path: "/savings"
operations:
- name: analyze
method: POST
- type: http
namespace: jira
baseUri: "https://gusto.com.atlassian.net/rest/api/3"
authentication:
type: bearer
token: "$secrets.jira_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: power-bi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.power_bi_token"
resources:
- name: datasets
path: "/datasets/{{dataset}}/refreshes"
inputParameters:
- name: dataset
in: path
operations:
- name: refresh
method: POST
CloudWatch Alarm Check
▼
monitoring aws cloudwatch
Checks CloudWatch alarm at Gusto.
naftiko: "0.5"
info:
label: "CloudWatch Alarm Check"
description: "Checks CloudWatch alarm at Gusto."
tags:
- monitoring
- aws
- cloudwatch
capability:
exposes:
- type: mcp
namespace: cw-alarm
port: 8080
tools:
- name: check-alarm
description: "Check alarm at Gusto."
inputParameters:
- name: alarm
in: body
type: string
description: "Alarm name."
call: "cw.describe-alarm"
with:
alarm: "{{alarm}}"
outputParameters:
- name: state
type: string
mapping: "$.MetricAlarms[0].StateValue"
consumes:
- type: http
namespace: cw
baseUri: "https://monitoring.us-east-1.amazonaws.com"
authentication:
type: bearer
token: "$secrets.aws_token"
resources:
- name: alarms
path: "/"
operations:
- name: describe-alarm
method: GET
Compliance Regulatory Update Pipeline
▼
compliance regulatory confluence jira gmail slack
When a new payroll regulation is published, documents the change in Confluence, creates an implementation task in Jira, sends an advisory to affected customers via Gmail, and notifies the compliance team in Slack.
naftiko: "0.5"
info:
label: "Compliance Regulatory Update Pipeline"
description: "When a new payroll regulation is published, documents the change in Confluence, creates an implementation task in Jira, sends an advisory to affected customers via Gmail, and notifies the compliance team in Slack."
tags:
- compliance
- regulatory
- confluence
- jira
- gmail
- slack
capability:
exposes:
- type: mcp
namespace: regulatory-updates
port: 8080
tools:
- name: process-regulatory-update
description: "Given regulatory change details, document in Confluence, create Jira task, notify customers, and alert compliance."
inputParameters:
- name: regulation_title
in: body
type: string
description: "Title of the regulatory change."
- name: affected_states
in: body
type: string
description: "Comma-separated list of affected states."
- name: effective_date
in: body
type: string
description: "Effective date of the change."
- name: summary
in: body
type: string
description: "Summary of the regulatory change."
steps:
- name: document-change
type: call
call: "confluence.create-page"
with:
space_key: "COMPLY"
title: "Regulatory Update: {{regulation_title}}"
body: "Title: {{regulation_title}}. States: {{affected_states}}. Effective: {{effective_date}}. Summary: {{summary}}."
- name: create-implementation-task
type: call
call: "jira.create-issue"
with:
project: "COMPLY"
summary: "Implement: {{regulation_title}}"
description: "Regulatory change: {{regulation_title}}. Affected states: {{affected_states}}. Effective date: {{effective_date}}. Confluence: {{document-change.url}}."
issue_type: "Task"
due_date: "{{effective_date}}"
- name: notify-customers
type: call
call: "gmail.send-email"
with:
to: "compliance-advisories@gusto.com"
subject: "Payroll Compliance Update: {{regulation_title}}"
body: "A new regulatory change affecting {{affected_states}} takes effect {{effective_date}}. {{summary}}. No action needed — Gusto will update your payroll automatically."
- name: alert-compliance
type: call
call: "slack.post-message"
with:
channel: "compliance-team"
text: "New regulation: {{regulation_title}}. States: {{affected_states}}. Effective: {{effective_date}}. Jira: {{create-implementation-task.key}}. Docs: {{document-change.url}}."
consumes:
- type: http
namespace: confluence
baseUri: "https://gusto.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_token"
resources:
- name: pages
path: "/content"
operations:
- name: create-page
method: POST
- type: http
namespace: jira
baseUri: "https://gusto.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: gmail
baseUri: "https://gmail.googleapis.com/gmail/v1"
authentication:
type: bearer
token: "$secrets.gmail_token"
resources:
- name: messages
path: "/users/me/messages/send"
operations:
- name: send-email
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Confluence Article Search
▼
knowledge-management confluence documentation
Searches Confluence at Gusto.
naftiko: "0.5"
info:
label: "Confluence Article Search"
description: "Searches Confluence at Gusto."
tags:
- knowledge-management
- confluence
- documentation
capability:
exposes:
- type: mcp
namespace: confluence-search
port: 8080
tools:
- name: search-articles
description: "Search Confluence at Gusto."
inputParameters:
- name: query
in: body
type: string
description: "Query."
call: "confluence.search"
with:
query: "{{query}}"
outputParameters:
- name: title
type: string
mapping: "$.results[0].title"
consumes:
- type: http
namespace: confluence
baseUri: "https://gusto.com.atlassian.net/wiki/rest/api"
authentication:
type: bearer
token: "$secrets.confluence_token"
resources:
- name: content
path: "/content/search"
operations:
- name: search
method: GET
Confluence Knowledge Base Search
▼
knowledge-management confluence
Searches Gusto's Confluence knowledge base by keyword, returning matching pages for engineering docs, compliance guides, and product specs.
naftiko: "0.5"
info:
label: "Confluence Knowledge Base Search"
description: "Searches Gusto's Confluence knowledge base by keyword, returning matching pages for engineering docs, compliance guides, and product specs."
tags:
- knowledge-management
- confluence
capability:
exposes:
- type: mcp
namespace: knowledge-base
port: 8080
tools:
- name: search-kb
description: "Search Confluence by keyword."
inputParameters:
- name: query
in: body
type: string
description: "Search keyword."
call: "confluence.search"
with:
cql: "text~\"{{query}}\""
consumes:
- type: http
namespace: confluence
baseUri: "https://gusto.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_token"
resources:
- name: search
path: "/search"
operations:
- name: search
method: GET
Contract Renewal Pipeline
▼
procurement contracts salesforce jira
Tracks contract renewals at Gusto via contracts system, email, Jira, and Salesforce.
naftiko: "0.5"
info:
label: "Contract Renewal Pipeline"
description: "Tracks contract renewals at Gusto via contracts system, email, Jira, and Salesforce."
tags:
- procurement
- contracts
- salesforce
- jira
capability:
exposes:
- type: mcp
namespace: contract-renew
port: 8080
tools:
- name: track
description: "Track renewals at Gusto."
inputParameters:
- name: contract_id
in: body
type: string
description: "Contract ID."
- name: owner
in: body
type: string
description: "Owner email."
steps:
- name: get
type: call
call: "contracts.get"
with:
id: "{{contract_id}}"
- name: remind
type: call
call: "email.send"
with:
to: "{{owner}}"
subject: "Renewal: {{contract_id}}"
- name: task
type: call
call: "jira.create-issue"
with:
project: "PROC"
summary: "Renew {{contract_id}}"
- name: crm
type: call
call: "salesforce.update"
with:
id: "{{contract_id}}"
stage: "Renewal"
consumes:
- type: http
namespace: contracts
baseUri: "https://contracts.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.contracts_token"
resources:
- name: contracts
path: "/contracts/{{id}}"
inputParameters:
- name: id
in: path
operations:
- name: get
method: GET
- type: http
namespace: email
baseUri: "https://email.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.email_token"
resources:
- name: messages
path: "/send"
operations:
- name: send
method: POST
- type: http
namespace: jira
baseUri: "https://gusto.com.atlassian.net/rest/api/3"
authentication:
type: bearer
token: "$secrets.jira_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: salesforce
baseUri: "https://gusto.com.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: opps
path: "/sobjects/Opportunity"
operations:
- name: update
method: PATCH
Cost Reallocation Pipeline
▼
finance cost-allocation oracle
Reallocates costs at Gusto.
naftiko: "0.5"
info:
label: "Cost Reallocation Pipeline"
description: "Reallocates costs at Gusto."
tags:
- finance
- cost-allocation
- oracle
capability:
exposes:
- type: mcp
namespace: cost-realloc
port: 8080
tools:
- name: reallocate
description: "Reallocate costs at Gusto."
inputParameters:
- name: source
in: body
type: string
description: "Source CC."
- name: target
in: body
type: string
description: "Target CC."
- name: amount
in: body
type: number
description: "Amount."
steps:
- name: current
type: call
call: "oracle.get-alloc"
with:
cc: "{{source}}"
- name: compute
type: call
call: "analytics.realloc"
with:
source: "{{source}}"
target: "{{target}}"
amount: "{{amount}}"
- name: post
type: call
call: "oracle.post-journal"
with:
entries: "{{compute.entries}}"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#finance"
text: "Reallocated ${{amount}} from {{source}} to {{target}}"
consumes:
- type: http
namespace: oracle
baseUri: "https://oracle.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.oracle_token"
resources:
- name: allocations
path: "/cost-centers/{{cc}}/allocations"
inputParameters:
- name: cc
in: path
operations:
- name: get-alloc
method: GET
- type: http
namespace: analytics
baseUri: "https://analytics.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.analytics_token"
resources:
- name: realloc
path: "/compute"
operations:
- name: realloc
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Customer Churn Risk Alert Pipeline
▼
customer-success churn snowflake salesforce hubspot gainsight slack
When Snowflake analytics flags a customer at churn risk, retrieves their account from Salesforce, creates a retention campaign in HubSpot, assigns a Gainsight health check, and alerts the customer success team in Slack.
naftiko: "0.5"
info:
label: "Customer Churn Risk Alert Pipeline"
description: "When Snowflake analytics flags a customer at churn risk, retrieves their account from Salesforce, creates a retention campaign in HubSpot, assigns a Gainsight health check, and alerts the customer success team in Slack."
tags:
- customer-success
- churn
- snowflake
- salesforce
- hubspot
- gainsight
- slack
capability:
exposes:
- type: mcp
namespace: churn-prevention
port: 8080
tools:
- name: process-churn-alert
description: "Given a customer account ID and risk score, retrieve account, create retention campaign, assign health check, and alert CSM."
inputParameters:
- name: account_id
in: body
type: string
description: "The Salesforce account ID."
- name: risk_score
in: body
type: number
description: "The churn risk score (0-100)."
- name: risk_factors
in: body
type: string
description: "Comma-separated risk factors identified."
steps:
- name: get-account
type: call
call: "salesforce.get-account"
with:
account_id: "{{account_id}}"
- name: create-retention-campaign
type: call
call: "hubspot.create-campaign"
with:
name: "Retention: {{get-account.Name}}"
contact_email: "{{get-account.PrimaryEmail}}"
- name: assign-health-check
type: call
call: "gainsight.create-cta"
with:
account_id: "{{account_id}}"
reason: "Churn risk score: {{risk_score}}. Factors: {{risk_factors}}"
type: "Risk"
- name: alert-csm
type: call
call: "slack.post-message"
with:
channel: "customer-success"
text: "CHURN RISK: {{get-account.Name}} (score: {{risk_score}}). Factors: {{risk_factors}}. Retention campaign: {{create-retention-campaign.id}}. Gainsight CTA created."
consumes:
- type: http
namespace: salesforce
baseUri: "https://gusto.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: accounts
path: "/sobjects/Account/{{account_id}}"
inputParameters:
- name: account_id
in: path
operations:
- name: get-account
method: GET
- type: http
namespace: hubspot
baseUri: "https://api.hubapi.com"
authentication:
type: bearer
token: "$secrets.hubspot_token"
resources:
- name: campaigns
path: "/marketing/v3/campaigns"
operations:
- name: create-campaign
method: POST
- type: http
namespace: gainsight
baseUri: "https://gusto.gainsightcloud.com/v1"
authentication:
type: bearer
token: "$secrets.gainsight_token"
resources:
- name: ctas
path: "/cta"
operations:
- name: create-cta
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Customer Onboarding Journey Orchestrator
▼
customer-success onboarding salesforce gainsight hubspot zendesk slack
When a new SMB customer signs up, creates the account in Salesforce, sets up the Gainsight health score, sends the onboarding email series via HubSpot, creates a Zendesk welcome ticket, and notifies customer success in Slack.
naftiko: "0.5"
info:
label: "Customer Onboarding Journey Orchestrator"
description: "When a new SMB customer signs up, creates the account in Salesforce, sets up the Gainsight health score, sends the onboarding email series via HubSpot, creates a Zendesk welcome ticket, and notifies customer success in Slack."
tags:
- customer-success
- onboarding
- salesforce
- gainsight
- hubspot
- zendesk
- slack
capability:
exposes:
- type: mcp
namespace: customer-onboarding
port: 8080
tools:
- name: onboard-customer
description: "Given company details, create SF account, Gainsight record, HubSpot enrollment, Zendesk ticket, and notify CS."
inputParameters:
- name: company_name
in: body
type: string
description: "The SMB company name."
- name: admin_email
in: body
type: string
description: "The company admin email."
- name: employee_count
in: body
type: number
description: "Number of employees."
- name: plan_tier
in: body
type: string
description: "The Gusto plan tier."
steps:
- name: create-account
type: call
call: "salesforce.create-account"
with:
name: "{{company_name}}"
admin_email: "{{admin_email}}"
employee_count: "{{employee_count}}"
plan: "{{plan_tier}}"
- name: setup-health-score
type: call
call: "gainsight.create-company"
with:
account_id: "{{create-account.id}}"
name: "{{company_name}}"
plan: "{{plan_tier}}"
- name: enroll-email-series
type: call
call: "hubspot.enroll-workflow"
with:
email: "{{admin_email}}"
workflow_id: "onboarding-series"
- name: create-welcome-ticket
type: call
call: "zendesk.create-ticket"
with:
subject: "Welcome to Gusto — {{company_name}}"
description: "New customer: {{company_name}}. Admin: {{admin_email}}. Employees: {{employee_count}}. Plan: {{plan_tier}}."
type: "task"
- name: notify-cs
type: call
call: "slack.post-message"
with:
channel: "customer-success"
text: "New customer: {{company_name}} ({{employee_count}} employees, {{plan_tier}}). SF: {{create-account.id}}. Onboarding email enrolled. Zendesk: {{create-welcome-ticket.id}}."
consumes:
- type: http
namespace: salesforce
baseUri: "https://gusto.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: accounts
path: "/sobjects/Account"
operations:
- name: create-account
method: POST
- type: http
namespace: gainsight
baseUri: "https://gusto.gainsightcloud.com/v1"
authentication:
type: bearer
token: "$secrets.gainsight_token"
resources:
- name: companies
path: "/companies"
operations:
- name: create-company
method: POST
- type: http
namespace: hubspot
baseUri: "https://api.hubapi.com"
authentication:
type: bearer
token: "$secrets.hubspot_token"
resources:
- name: workflows
path: "/automation/v4/flows/{{workflow_id}}/enrollments"
inputParameters:
- name: workflow_id
in: path
operations:
- name: enroll-workflow
method: POST
- type: http
namespace: zendesk
baseUri: "https://gusto.zendesk.com/api/v2"
authentication:
type: bearer
token: "$secrets.zendesk_token"
resources:
- name: tickets
path: "/tickets"
operations:
- name: create-ticket
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Customer Support Escalation Pipeline
▼
customer-service escalation zendesk salesforce jira slack
When a Zendesk ticket is escalated, retrieves customer and ticket details, creates a Salesforce case for the account team, logs the escalation in Jira, and alerts the support lead in Slack.
naftiko: "0.5"
info:
label: "Customer Support Escalation Pipeline"
description: "When a Zendesk ticket is escalated, retrieves customer and ticket details, creates a Salesforce case for the account team, logs the escalation in Jira, and alerts the support lead in Slack."
tags:
- customer-service
- escalation
- zendesk
- salesforce
- jira
- slack
capability:
exposes:
- type: mcp
namespace: support-escalation
port: 8080
tools:
- name: escalate-ticket
description: "Given a Zendesk ticket ID, pull details, create Salesforce case, Jira issue, and notify via Slack."
inputParameters:
- name: ticket_id
in: body
type: string
description: "The Zendesk ticket ID."
steps:
- name: get-ticket
type: call
call: "zendesk.get-ticket"
with:
ticket_id: "{{ticket_id}}"
- name: create-sf-case
type: call
call: "salesforce.create-case"
with:
subject: "Escalated: {{get-ticket.subject}}"
description: "Zendesk ticket #{{ticket_id}}. Customer: {{get-ticket.requester_name}}. Priority: {{get-ticket.priority}}. Description: {{get-ticket.description}}"
priority: "High"
- name: create-jira-issue
type: call
call: "jira.create-issue"
with:
project: "SUPPORT"
summary: "Escalation: Zendesk #{{ticket_id}} — {{get-ticket.subject}}"
description: "Zendesk: #{{ticket_id}}. Salesforce case: {{create-sf-case.CaseNumber}}. Customer: {{get-ticket.requester_name}}."
issue_type: "Bug"
- name: alert-lead
type: call
call: "slack.post-message"
with:
channel: "support-escalations"
text: "ESCALATION: Zendesk #{{ticket_id}} — {{get-ticket.subject}}. Customer: {{get-ticket.requester_name}}. SF Case: {{create-sf-case.CaseNumber}}. Jira: {{create-jira-issue.key}}."
consumes:
- type: http
namespace: zendesk
baseUri: "https://gusto.zendesk.com/api/v2"
authentication:
type: bearer
token: "$secrets.zendesk_token"
resources:
- name: tickets
path: "/tickets/{{ticket_id}}"
inputParameters:
- name: ticket_id
in: path
operations:
- name: get-ticket
method: GET
- type: http
namespace: salesforce
baseUri: "https://gusto.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: cases
path: "/sobjects/Case"
operations:
- name: create-case
method: POST
- type: http
namespace: jira
baseUri: "https://gusto.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Data Pipeline Monitor Pipeline
▼
data-engineering databricks monitoring slack
Monitors data pipelines at Gusto via Databricks, Snowflake, Slack, and ServiceNow.
naftiko: "0.5"
info:
label: "Data Pipeline Monitor Pipeline"
description: "Monitors data pipelines at Gusto via Databricks, Snowflake, Slack, and ServiceNow."
tags:
- data-engineering
- databricks
- monitoring
- slack
capability:
exposes:
- type: mcp
namespace: pipeline-mon
port: 8080
tools:
- name: monitor
description: "Monitor pipelines at Gusto."
inputParameters:
- name: pipeline_id
in: body
type: string
description: "Pipeline ID."
steps:
- name: status
type: call
call: "databricks.get-run"
with:
id: "{{pipeline_id}}"
- name: quality
type: call
call: "snowflake.query"
with:
query: "SELECT COUNT(*) FROM out WHERE p='{{pipeline_id}}'"
- name: alert
type: call
call: "slack.post-message"
with:
channel: "#data"
text: "Pipeline {{pipeline_id}}: {{status.state}}"
- name: incident
type: call
call: "servicenow.create-incident"
with:
desc: "Pipeline {{pipeline_id}} issue"
consumes:
- type: http
namespace: databricks
baseUri: "https://gusto.com.cloud.databricks.com/api/2.1"
authentication:
type: bearer
token: "$secrets.databricks_token"
resources:
- name: jobs
path: "/jobs/runs/get"
operations:
- name: get-run
method: GET
- type: http
namespace: snowflake
baseUri: "https://gusto.com.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
- type: http
namespace: servicenow
baseUri: "https://gusto.com.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
Data Retention Pipeline
▼
data-governance compliance retention
Manages data retention at Gusto.
naftiko: "0.5"
info:
label: "Data Retention Pipeline"
description: "Manages data retention at Gusto."
tags:
- data-governance
- compliance
- retention
capability:
exposes:
- type: mcp
namespace: retention
port: 8080
tools:
- name: cleanup
description: "Manage retention at Gusto."
inputParameters:
- name: policy
in: body
type: string
description: "Policy ID."
steps:
- name: find
type: call
call: "catalog.find-expired"
with:
policy: "{{policy}}"
- name: archive
type: call
call: "storage.archive"
with:
records: "{{find.ids}}"
- name: delete
type: call
call: "db.delete"
with:
ids: "{{find.ids}}"
- name: log
type: call
call: "snowflake.query"
with:
query: "INSERT INTO retention_log VALUES ('{{policy}}',{{find.count}})"
consumes:
- type: http
namespace: catalog
baseUri: "https://catalog.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.catalog_token"
resources:
- name: policies
path: "/expired"
operations:
- name: find-expired
method: GET
- type: http
namespace: storage
baseUri: "https://storage.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.storage_token"
resources:
- name: archives
path: "/archive"
operations:
- name: archive
method: POST
- type: http
namespace: db
baseUri: "https://db.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.db_token"
resources:
- name: records
path: "/delete"
operations:
- name: delete
method: POST
- type: http
namespace: snowflake
baseUri: "https://gusto.com.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query
method: POST
Datadog Application Performance
▼
infrastructure monitoring datadog
Queries Datadog for application performance metrics including latency, error rate, and throughput for Gusto's core services.
naftiko: "0.5"
info:
label: "Datadog Application Performance"
description: "Queries Datadog for application performance metrics including latency, error rate, and throughput for Gusto's core services."
tags:
- infrastructure
- monitoring
- datadog
capability:
exposes:
- type: mcp
namespace: apm
port: 8080
tools:
- name: get-service-health
description: "Retrieve service health from Datadog by service name."
inputParameters:
- name: service_name
in: body
type: string
description: "The Datadog service name."
call: "datadog.get-service-summary"
with:
service: "{{service_name}}"
consumes:
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apiKey
name: "DD-API-KEY"
in: header
value: "$secrets.datadog_api_key"
resources:
- name: services
path: "/service_dependencies"
operations:
- name: get-service-summary
method: GET
Datadog Monitor Check
▼
monitoring datadog observability
Checks Datadog monitor at Gusto.
naftiko: "0.5"
info:
label: "Datadog Monitor Check"
description: "Checks Datadog monitor at Gusto."
tags:
- monitoring
- datadog
- observability
capability:
exposes:
- type: mcp
namespace: dd-monitor
port: 8080
tools:
- name: check-monitor
description: "Check monitor at Gusto."
inputParameters:
- name: monitor_id
in: body
type: string
description: "Monitor ID."
call: "datadog.get-monitor"
with:
monitor_id: "{{monitor_id}}"
outputParameters:
- name: status
type: string
mapping: "$.overall_state"
consumes:
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: bearer
token: "$secrets.datadog_api_key"
resources:
- name: monitors
path: "/monitor/{{monitor_id}}"
inputParameters:
- name: monitor_id
in: path
operations:
- name: get-monitor
method: GET
Docker Container Check
▼
containers docker infrastructure
Checks container at Gusto.
naftiko: "0.5"
info:
label: "Docker Container Check"
description: "Checks container at Gusto."
tags:
- containers
- docker
- infrastructure
capability:
exposes:
- type: mcp
namespace: docker
port: 8080
tools:
- name: check-container
description: "Check container at Gusto."
inputParameters:
- name: id
in: body
type: string
description: "Container ID."
call: "docker.get-container"
with:
id: "{{id}}"
outputParameters:
- name: status
type: string
mapping: "$.State.Status"
consumes:
- type: http
namespace: docker
baseUri: "https://docker.gusto.com/v1.41"
authentication:
type: bearer
token: "$secrets.docker_token"
resources:
- name: containers
path: "/containers/{{id}}/json"
inputParameters:
- name: id
in: path
operations:
- name: get-container
method: GET
DR Test Pipeline
▼
disaster-recovery business-continuity testing
Tests disaster recovery at Gusto via failover, health checks, and reporting.
naftiko: "0.5"
info:
label: "DR Test Pipeline"
description: "Tests disaster recovery at Gusto via failover, health checks, and reporting."
tags:
- disaster-recovery
- business-continuity
- testing
capability:
exposes:
- type: mcp
namespace: dr-test
port: 8080
tools:
- name: test-dr
description: "Test DR at Gusto."
inputParameters:
- name: plan_id
in: body
type: string
description: "Plan ID."
- name: type
in: body
type: string
description: "Test type."
steps:
- name: failover
type: call
call: "dr.failover"
with:
plan: "{{plan_id}}"
type: "{{type}}"
- name: validate
type: call
call: "monitoring.check"
with:
scope: "critical"
- name: measure
type: call
call: "dr.metrics"
with:
id: "{{failover.id}}"
- name: report
type: call
call: "confluence.create-page"
with:
title: "DR - {{plan_id}}"
body: "RTO:{{measure.rto}}m RPO:{{measure.rpo}}m"
consumes:
- type: http
namespace: dr
baseUri: "https://dr.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.dr_token"
resources:
- name: failovers
path: "/failovers"
operations:
- name: failover
method: POST
- type: http
namespace: monitoring
baseUri: "https://monitoring.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.monitoring_token"
resources:
- name: health
path: "/checks"
operations:
- name: check
method: POST
- type: http
namespace: confluence
baseUri: "https://gusto.com.atlassian.net/wiki/rest/api"
authentication:
type: bearer
token: "$secrets.confluence_token"
resources:
- name: pages
path: "/content"
operations:
- name: create-page
method: POST
Drift Detection Pipeline
▼
infrastructure terraform drift-detection devops
Detects infrastructure drift at Gusto via Terraform, Slack, and Jira.
naftiko: "0.5"
info:
label: "Drift Detection Pipeline"
description: "Detects infrastructure drift at Gusto via Terraform, Slack, and Jira."
tags:
- infrastructure
- terraform
- drift-detection
- devops
capability:
exposes:
- type: mcp
namespace: drift-det
port: 8080
tools:
- name: detect
description: "Detect drift at Gusto."
inputParameters:
- name: ws_id
in: body
type: string
description: "Workspace ID."
- name: env
in: body
type: string
description: "Environment."
steps:
- name: plan
type: call
call: "terraform.run"
with:
ws: "{{ws_id}}"
- name: check
type: call
call: "terraform.get-plan"
with:
run: "{{plan.id}}"
- name: alert
type: call
call: "slack.post-message"
with:
channel: "#infra"
text: "Drift {{env}}: {{check.changes}} changes"
- name: ticket
type: call
call: "jira.create-issue"
with:
project: "INFRA"
summary: "Drift in {{env}}"
consumes:
- type: http
namespace: terraform
baseUri: "https://app.terraform.io/api/v2"
authentication:
type: bearer
token: "$secrets.terraform_token"
resources:
- name: runs
path: "/runs"
operations:
- name: run
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
- type: http
namespace: jira
baseUri: "https://gusto.com.atlassian.net/rest/api/3"
authentication:
type: bearer
token: "$secrets.jira_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
Dynatrace Host Status
▼
monitoring dynatrace infrastructure
Checks Dynatrace host at Gusto.
naftiko: "0.5"
info:
label: "Dynatrace Host Status"
description: "Checks Dynatrace host at Gusto."
tags:
- monitoring
- dynatrace
- infrastructure
capability:
exposes:
- type: mcp
namespace: dt
port: 8080
tools:
- name: check-host
description: "Check host at Gusto."
inputParameters:
- name: host_id
in: body
type: string
description: "Host ID."
call: "dt.get-host"
with:
id: "{{host_id}}"
outputParameters:
- name: availability
type: string
mapping: "$.availabilityState"
consumes:
- type: http
namespace: dt
baseUri: "https://gusto.com.live.dynatrace.com/api/v2"
authentication:
type: bearer
token: "$secrets.dynatrace_token"
resources:
- name: entities
path: "/entities/{{id}}"
inputParameters:
- name: id
in: path
operations:
- name: get-host
method: GET
ES Index Health
▼
search elasticsearch infrastructure
Checks ES index at Gusto.
naftiko: "0.5"
info:
label: "ES Index Health"
description: "Checks ES index at Gusto."
tags:
- search
- elasticsearch
- infrastructure
capability:
exposes:
- type: mcp
namespace: es-health
port: 8080
tools:
- name: check-index
description: "Check ES index at Gusto."
inputParameters:
- name: index
in: body
type: string
description: "Index name."
call: "es.get-health"
with:
index: "{{index}}"
outputParameters:
- name: status
type: string
mapping: "$.status"
- name: docs
type: number
mapping: "$.docs.count"
consumes:
- type: http
namespace: es
baseUri: "https://es.gusto.com:9200"
authentication:
type: bearer
token: "$secrets.es_token"
resources:
- name: indices
path: "/{{index}}/_stats"
inputParameters:
- name: index
in: path
operations:
- name: get-health
method: GET
Employee Offboarding Pipeline
▼
hr offboarding okta servicenow
Offboards employees at Gusto via Okta, Slack, ServiceNow, and storage.
naftiko: "0.5"
info:
label: "Employee Offboarding Pipeline"
description: "Offboards employees at Gusto via Okta, Slack, ServiceNow, and storage."
tags:
- hr
- offboarding
- okta
- servicenow
capability:
exposes:
- type: mcp
namespace: offboarding
port: 8080
tools:
- name: offboard
description: "Offboard employees at Gusto."
inputParameters:
- name: emp_id
in: body
type: string
description: "Employee ID."
- name: last_day
in: body
type: string
description: "Last day."
steps:
- name: disable
type: call
call: "okta.deactivate"
with:
user: "{{emp_id}}"
- name: revoke
type: call
call: "slack.remove"
with:
user: "{{emp_id}}"
- name: return
type: call
call: "servicenow.create-request"
with:
type: "return"
emp: "{{emp_id}}"
- name: archive
type: call
call: "storage.archive"
with:
user: "{{emp_id}}"
consumes:
- type: http
namespace: okta
baseUri: "https://gusto.com.okta.com/api/v1"
authentication:
type: bearer
token: "$secrets.okta_api_token"
resources:
- name: users
path: "/users/{{user}}/lifecycle/deactivate"
inputParameters:
- name: user
in: path
operations:
- name: deactivate
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: users
path: "/users.admin.remove"
operations:
- name: remove
method: POST
- type: http
namespace: servicenow
baseUri: "https://gusto.com.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: requests
path: "/table/sc_request"
operations:
- name: create-request
method: POST
- type: http
namespace: storage
baseUri: "https://storage.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.storage_token"
resources:
- name: archives
path: "/archive"
operations:
- name: archive
method: POST
Employee Payroll Record Lookup
▼
payroll oracle-financials
Retrieves an employee's payroll record from Oracle Financials by employee ID, returning salary, pay frequency, tax withholdings, and last pay date.
naftiko: "0.5"
info:
label: "Employee Payroll Record Lookup"
description: "Retrieves an employee's payroll record from Oracle Financials by employee ID, returning salary, pay frequency, tax withholdings, and last pay date."
tags:
- payroll
- oracle-financials
capability:
exposes:
- type: mcp
namespace: payroll
port: 8080
tools:
- name: get-payroll-record
description: "Look up an employee's payroll details. Returns salary, pay frequency, withholdings, and last pay date."
inputParameters:
- name: employee_id
in: body
type: string
description: "The employee identifier."
call: "oracle-financials.get-payroll"
with:
employee_id: "{{employee_id}}"
consumes:
- type: http
namespace: oracle-financials
baseUri: "https://gusto.oraclecloud.com/hcmRestApi/resources/v1"
authentication:
type: bearer
token: "$secrets.oracle_financials_token"
resources:
- name: payroll
path: "/payrollRelationships?q=PersonNumber={{employee_id}}"
inputParameters:
- name: employee_id
in: query
operations:
- name: get-payroll
method: GET
ESG Report Pipeline
▼
sustainability esg reporting
Generates ESG reports at Gusto.
naftiko: "0.5"
info:
label: "ESG Report Pipeline"
description: "Generates ESG reports at Gusto."
tags:
- sustainability
- esg
- reporting
capability:
exposes:
- type: mcp
namespace: esg
port: 8080
tools:
- name: gen-report
description: "Generate ESG report at Gusto."
inputParameters:
- name: year
in: body
type: string
description: "Year."
steps:
- name: data
type: call
call: "platform.get-environmental"
with:
year: "{{year}}"
- name: compute
type: call
call: "analytics.compute-esg"
with:
data: "{{data.metrics}}"
- name: generate
type: call
call: "docs.create-report"
with:
template: "esg"
- name: publish
type: call
call: "sharepoint.upload"
with:
path: "/ESG/{{year}}/report.pdf"
consumes:
- type: http
namespace: platform
baseUri: "https://data.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.data_token"
resources:
- name: environmental
path: "/metrics"
operations:
- name: get-environmental
method: GET
- type: http
namespace: analytics
baseUri: "https://analytics.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.analytics_token"
resources:
- name: esg
path: "/compute"
operations:
- name: compute-esg
method: POST
- type: http
namespace: docs
baseUri: "https://docs.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.docs_token"
resources:
- name: reports
path: "/create"
operations:
- name: create-report
method: POST
- type: http
namespace: sharepoint
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.microsoft_graph_token"
resources:
- name: files
path: "/sites/root/drive/root:/{{path}}:/content"
operations:
- name: upload
method: PUT
Expense Audit Pipeline
▼
finance travel sap-concur compliance
Audits expenses at Gusto via Concur, compliance checks, and email.
naftiko: "0.5"
info:
label: "Expense Audit Pipeline"
description: "Audits expenses at Gusto via Concur, compliance checks, and email."
tags:
- finance
- travel
- sap-concur
- compliance
capability:
exposes:
- type: mcp
namespace: expense-audit
port: 8080
tools:
- name: audit
description: "Audit expenses at Gusto."
inputParameters:
- name: report_id
in: body
type: string
description: "Report ID."
steps:
- name: get
type: call
call: "concur.get-report"
with:
id: "{{report_id}}"
- name: check
type: call
call: "compliance.check"
with:
expenses: "{{get.entries}}"
- name: flag
type: call
call: "workflow.flag"
with:
id: "{{report_id}}"
violations: "{{check.violations}}"
- name: notify
type: call
call: "email.send"
with:
to: "{{get.approver}}"
subject: "Expense {{report_id}} violations"
consumes:
- type: http
namespace: concur
baseUri: "https://us.api.concursolutions.com/api/v3.0"
authentication:
type: bearer
token: "$secrets.concur_token"
resources:
- name: reports
path: "/expense/reports/{{id}}"
inputParameters:
- name: id
in: path
operations:
- name: get-report
method: GET
- type: http
namespace: compliance
baseUri: "https://compliance.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.compliance_token"
resources:
- name: policies
path: "/check"
operations:
- name: check
method: POST
- type: http
namespace: workflow
baseUri: "https://workflow.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.workflow_token"
resources:
- name: reviews
path: "/flag"
operations:
- name: flag
method: POST
- type: http
namespace: email
baseUri: "https://email.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.email_token"
resources:
- name: messages
path: "/send"
operations:
- name: send
method: POST
Facebook Ads Campaign Metrics
▼
marketing advertising facebook-ads
Fetches Facebook Ads campaign performance including reach, impressions, link clicks, and conversions for Gusto's SMB acquisition campaigns.
naftiko: "0.5"
info:
label: "Facebook Ads Campaign Metrics"
description: "Fetches Facebook Ads campaign performance including reach, impressions, link clicks, and conversions for Gusto's SMB acquisition campaigns."
tags:
- marketing
- advertising
- facebook-ads
capability:
exposes:
- type: mcp
namespace: social-ads
port: 8080
tools:
- name: get-fb-campaign
description: "Retrieve Facebook Ads campaign insights by campaign ID."
inputParameters:
- name: campaign_id
in: body
type: string
description: "The Facebook Ads campaign ID."
call: "facebook-ads.get-insights"
with:
campaign_id: "{{campaign_id}}"
consumes:
- type: http
namespace: facebook-ads
baseUri: "https://graph.facebook.com/v18.0"
authentication:
type: bearer
token: "$secrets.facebook_ads_token"
resources:
- name: insights
path: "/{{campaign_id}}/insights"
inputParameters:
- name: campaign_id
in: path
operations:
- name: get-insights
method: GET
Customer Feedback Pipeline
▼
customer-experience analytics sentiment-analysis
Analyzes feedback at Gusto via surveys, AI sentiment, and Power BI.
naftiko: "0.5"
info:
label: "Customer Feedback Pipeline"
description: "Analyzes feedback at Gusto via surveys, AI sentiment, and Power BI."
tags:
- customer-experience
- analytics
- sentiment-analysis
capability:
exposes:
- type: mcp
namespace: feedback
port: 8080
tools:
- name: analyze
description: "Analyze feedback at Gusto."
inputParameters:
- name: survey_id
in: body
type: string
description: "Survey ID."
steps:
- name: collect
type: call
call: "survey.get"
with:
id: "{{survey_id}}"
- name: sentiment
type: call
call: "ai.analyze"
with:
text: "{{collect.responses}}"
- name: themes
type: call
call: "ai.themes"
with:
data: "{{collect.responses}}"
- name: dashboard
type: call
call: "power-bi.refresh"
with:
dataset: "cx"
consumes:
- type: http
namespace: survey
baseUri: "https://surveys.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.survey_token"
resources:
- name: responses
path: "/surveys/{{id}}/responses"
inputParameters:
- name: id
in: path
operations:
- name: get
method: GET
- type: http
namespace: ai
baseUri: "https://api.openai.com/v1"
authentication:
type: bearer
token: "$secrets.openai_api_key"
resources:
- name: completions
path: "/chat/completions"
operations:
- name: analyze
method: POST
- type: http
namespace: power-bi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.power_bi_token"
resources:
- name: datasets
path: "/datasets/{{dataset}}/refreshes"
inputParameters:
- name: dataset
in: path
operations:
- name: refresh
method: POST
Figma Design File Status
▼
design figma
Retrieves a Figma design file's metadata including last modified date, number of pages, and collaborator count for design team tracking.
naftiko: "0.5"
info:
label: "Figma Design File Status"
description: "Retrieves a Figma design file's metadata including last modified date, number of pages, and collaborator count for design team tracking."
tags:
- design
- figma
capability:
exposes:
- type: mcp
namespace: design
port: 8080
tools:
- name: get-design-file
description: "Look up a Figma file by key. Returns name, last modified, and page count."
inputParameters:
- name: file_key
in: body
type: string
description: "The Figma file key."
call: "figma.get-file"
with:
file_key: "{{file_key}}"
consumes:
- type: http
namespace: figma
baseUri: "https://api.figma.com/v1"
authentication:
type: bearer
token: "$secrets.figma_token"
resources:
- name: files
path: "/files/{{file_key}}"
inputParameters:
- name: file_key
in: path
operations:
- name: get-file
method: GET
GitHub Repo Check
▼
devops github version-control
Checks GitHub repo at Gusto.
naftiko: "0.5"
info:
label: "GitHub Repo Check"
description: "Checks GitHub repo at Gusto."
tags:
- devops
- github
- version-control
capability:
exposes:
- type: mcp
namespace: gh-repo
port: 8080
tools:
- name: get-branch
description: "Check branch at Gusto."
inputParameters:
- name: repo
in: body
type: string
description: "Repo."
- name: branch
in: body
type: string
description: "Branch."
call: "github.get-branch"
with:
repo: "{{repo}}"
branch: "{{branch}}"
outputParameters:
- name: sha
type: string
mapping: "$.commit.sha"
consumes:
- type: http
namespace: github
baseUri: "https://api.github.com"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: branches
path: "/repos/org/{{repo}}/branches/{{branch}}"
inputParameters:
- name: repo
in: path
- name: branch
in: path
operations:
- name: get-branch
method: GET
GitHub Repository Status
▼
engineering github
Retrieves GitHub repository details including last commit, open PRs, branch protection status, and CI health for Gusto engineering.
naftiko: "0.5"
info:
label: "GitHub Repository Status"
description: "Retrieves GitHub repository details including last commit, open PRs, branch protection status, and CI health for Gusto engineering."
tags:
- engineering
- github
capability:
exposes:
- type: mcp
namespace: source-control
port: 8080
tools:
- name: get-repo-status
description: "Look up a GitHub repository. Returns last commit, open PR count, and default branch."
inputParameters:
- name: repo_name
in: body
type: string
description: "The repository name (owner/repo)."
call: "github.get-repo"
with:
repo: "{{repo_name}}"
consumes:
- type: http
namespace: github
baseUri: "https://api.github.com"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: repos
path: "/repos/{{repo}}"
inputParameters:
- name: repo
in: path
operations:
- name: get-repo
method: GET
Google Ads Campaign Performance
▼
marketing advertising google-ads
Retrieves Google Ads campaign metrics including impressions, clicks, conversions, and cost-per-acquisition for Gusto's growth marketing.
naftiko: "0.5"
info:
label: "Google Ads Campaign Performance"
description: "Retrieves Google Ads campaign metrics including impressions, clicks, conversions, and cost-per-acquisition for Gusto's growth marketing."
tags:
- marketing
- advertising
- google-ads
capability:
exposes:
- type: mcp
namespace: paid-marketing
port: 8080
tools:
- name: get-ads-performance
description: "Retrieve Google Ads campaign performance for a date range."
inputParameters:
- name: start_date
in: body
type: string
description: "Start date in YYYY-MM-DD format."
- name: end_date
in: body
type: string
description: "End date in YYYY-MM-DD format."
call: "google-ads.get-report"
with:
start_date: "{{start_date}}"
end_date: "{{end_date}}"
consumes:
- type: http
namespace: google-ads
baseUri: "https://googleads.googleapis.com/v14"
authentication:
type: bearer
token: "$secrets.google_ads_token"
resources:
- name: reports
path: "/customers/{{customer_id}}/googleAds:searchStream"
inputParameters:
- name: customer_id
in: path
operations:
- name: get-report
method: POST
Google Analytics Web Traffic
▼
marketing analytics google-analytics
Pulls daily web traffic metrics from Google Analytics for gusto.com including sessions, signup conversion rate, and top landing pages.
naftiko: "0.5"
info:
label: "Google Analytics Web Traffic"
description: "Pulls daily web traffic metrics from Google Analytics for gusto.com including sessions, signup conversion rate, and top landing pages."
tags:
- marketing
- analytics
- google-analytics
capability:
exposes:
- type: mcp
namespace: web-analytics
port: 8080
tools:
- name: get-web-traffic
description: "Retrieve daily web traffic from Google Analytics for a date range."
inputParameters:
- name: start_date
in: body
type: string
description: "Start date in YYYY-MM-DD format."
- name: end_date
in: body
type: string
description: "End date in YYYY-MM-DD format."
call: "google-analytics.run-report"
with:
start_date: "{{start_date}}"
end_date: "{{end_date}}"
consumes:
- type: http
namespace: google-analytics
baseUri: "https://analyticsdata.googleapis.com/v1beta"
authentication:
type: bearer
token: "$secrets.google_analytics_token"
resources:
- name: reports
path: "/properties/{{property_id}}:runReport"
inputParameters:
- name: property_id
in: path
operations:
- name: run-report
method: POST
Google Workspace User Check
▼
identity google-workspace directory
Checks Google user at Gusto.
naftiko: "0.5"
info:
label: "Google Workspace User Check"
description: "Checks Google user at Gusto."
tags:
- identity
- google-workspace
- directory
capability:
exposes:
- type: mcp
namespace: gws
port: 8080
tools:
- name: check-user
description: "Check user at Gusto."
inputParameters:
- name: email
in: body
type: string
description: "Email."
call: "google.get-user"
with:
email: "{{email}}"
outputParameters:
- name: suspended
type: boolean
mapping: "$.suspended"
consumes:
- type: http
namespace: google
baseUri: "https://admin.googleapis.com/admin/directory/v1"
authentication:
type: bearer
token: "$secrets.google_admin_token"
resources:
- name: users
path: "/users/{{email}}"
inputParameters:
- name: email
in: path
operations:
- name: get-user
method: GET
Grafana Dashboard Status
▼
monitoring grafana dashboards
Checks Grafana dashboard at Gusto.
naftiko: "0.5"
info:
label: "Grafana Dashboard Status"
description: "Checks Grafana dashboard at Gusto."
tags:
- monitoring
- grafana
- dashboards
capability:
exposes:
- type: mcp
namespace: grafana
port: 8080
tools:
- name: check-dash
description: "Check dashboard at Gusto."
inputParameters:
- name: uid
in: body
type: string
description: "Dashboard UID."
call: "grafana.get-dash"
with:
uid: "{{uid}}"
outputParameters:
- name: title
type: string
mapping: "$.dashboard.title"
consumes:
- type: http
namespace: grafana
baseUri: "https://grafana.gusto.com/api"
authentication:
type: bearer
token: "$secrets.grafana_token"
resources:
- name: dashboards
path: "/dashboards/uid/{{uid}}"
inputParameters:
- name: uid
in: path
operations:
- name: get-dash
method: GET
Helpdesk Auto-Routing Pipeline
▼
support helpdesk ai automation
Auto-routes tickets at Gusto.
naftiko: "0.5"
info:
label: "Helpdesk Auto-Routing Pipeline"
description: "Auto-routes tickets at Gusto."
tags:
- support
- helpdesk
- ai
- automation
capability:
exposes:
- type: mcp
namespace: ticket-route
port: 8080
tools:
- name: route-ticket
description: "Auto-route tickets at Gusto."
inputParameters:
- name: ticket_id
in: body
type: string
description: "Ticket ID."
steps:
- name: get
type: call
call: "helpdesk.get-ticket"
with:
id: "{{ticket_id}}"
- name: classify
type: call
call: "ai.classify"
with:
subject: "{{get.subject}}"
body: "{{get.body}}"
- name: assign
type: call
call: "helpdesk.assign"
with:
id: "{{ticket_id}}"
team: "{{classify.team}}"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#{{classify.team}}"
text: "New: {{get.subject}} ({{classify.priority}})"
consumes:
- type: http
namespace: helpdesk
baseUri: "https://helpdesk.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.helpdesk_token"
resources:
- name: tickets
path: "/tickets/{{id}}"
inputParameters:
- name: id
in: path
operations:
- name: get-ticket
method: GET
- type: http
namespace: ai
baseUri: "https://api.openai.com/v1"
authentication:
type: bearer
token: "$secrets.openai_api_key"
resources:
- name: completions
path: "/chat/completions"
operations:
- name: classify
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Hiring Pipeline Orchestrator
▼
hiring salesforce gmail snowflake slack
When a new hire is confirmed, creates the employee record in Salesforce, sends the offer letter via Gmail, logs the hire in the Snowflake analytics table, and notifies the hiring manager in Slack.
naftiko: "0.5"
info:
label: "Hiring Pipeline Orchestrator"
description: "When a new hire is confirmed, creates the employee record in Salesforce, sends the offer letter via Gmail, logs the hire in the Snowflake analytics table, and notifies the hiring manager in Slack."
tags:
- hiring
- salesforce
- gmail
- snowflake
- slack
capability:
exposes:
- type: mcp
namespace: hiring
port: 8080
tools:
- name: process-new-hire
description: "Given new hire details, create SF record, send offer, log analytics, and notify manager."
inputParameters:
- name: candidate_name
in: body
type: string
description: "The candidate's full name."
- name: candidate_email
in: body
type: string
description: "The candidate's email."
- name: position
in: body
type: string
description: "The job title."
- name: start_date
in: body
type: string
description: "Start date in YYYY-MM-DD format."
- name: hiring_manager_slack
in: body
type: string
description: "The hiring manager's Slack user ID."
steps:
- name: create-employee-record
type: call
call: "salesforce.create-contact"
with:
name: "{{candidate_name}}"
email: "{{candidate_email}}"
title: "{{position}}"
start_date: "{{start_date}}"
- name: send-offer
type: call
call: "gmail.send-email"
with:
to: "{{candidate_email}}"
subject: "Welcome to the Team — Your Offer from Gusto"
body: "Dear {{candidate_name}}, we're thrilled to offer you the position of {{position}} starting {{start_date}}. Please review and sign your offer letter."
- name: log-analytics
type: call
call: "snowflake.execute-statement"
with:
statement: "INSERT INTO hiring_analytics (name, email, position, start_date, created_at) VALUES ('{{candidate_name}}', '{{candidate_email}}', '{{position}}', '{{start_date}}', CURRENT_TIMESTAMP)"
warehouse: "HR_WH"
- name: notify-manager
type: call
call: "slack.post-message"
with:
channel: "{{hiring_manager_slack}}"
text: "New hire confirmed: {{candidate_name}} as {{position}}, starting {{start_date}}. Offer sent. SF record: {{create-employee-record.id}}."
consumes:
- type: http
namespace: salesforce
baseUri: "https://gusto.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: contacts
path: "/sobjects/Contact"
operations:
- name: create-contact
method: POST
- type: http
namespace: gmail
baseUri: "https://gmail.googleapis.com/gmail/v1"
authentication:
type: bearer
token: "$secrets.gmail_token"
resources:
- name: messages
path: "/users/me/messages/send"
operations:
- name: send-email
method: POST
- type: http
namespace: snowflake
baseUri: "https://gusto.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-statement
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
HubSpot Lead Status
▼
sales lead-management hubspot
Retrieves a lead record from HubSpot by email, returning lifecycle stage, lead score, company size, and last activity date for the sales team.
naftiko: "0.5"
info:
label: "HubSpot Lead Status"
description: "Retrieves a lead record from HubSpot by email, returning lifecycle stage, lead score, company size, and last activity date for the sales team."
tags:
- sales
- lead-management
- hubspot
capability:
exposes:
- type: mcp
namespace: sales
port: 8080
tools:
- name: get-lead
description: "Look up a lead in HubSpot by email. Returns lifecycle stage, score, and company details."
inputParameters:
- name: email
in: body
type: string
description: "The lead email address."
call: "hubspot.get-contact"
with:
email: "{{email}}"
consumes:
- type: http
namespace: hubspot
baseUri: "https://api.hubapi.com"
authentication:
type: bearer
token: "$secrets.hubspot_token"
resources:
- name: contacts
path: "/crm/v3/objects/contacts/search"
operations:
- name: get-contact
method: POST
IT Incident Escalation Pipeline
▼
incident-management servicenow pagerduty slack
Escalates IT incidents at Gusto via ServiceNow, PagerDuty, and Slack.
naftiko: "0.5"
info:
label: "IT Incident Escalation Pipeline"
description: "Escalates IT incidents at Gusto via ServiceNow, PagerDuty, and Slack."
tags:
- incident-management
- servicenow
- pagerduty
- slack
capability:
exposes:
- type: mcp
namespace: incident-escalation
port: 8080
tools:
- name: escalate-incident
description: "Escalate incidents at Gusto."
inputParameters:
- name: incident_id
in: body
type: string
description: "Incident ID."
- name: severity
in: body
type: string
description: "Severity."
steps:
- name: get-incident
type: call
call: "servicenow.get-incident"
with:
incident_id: "{{incident_id}}"
- name: page
type: call
call: "pagerduty.create-incident"
with:
title: "{{get-incident.description}}"
urgency: "{{severity}}"
- name: channel
type: call
call: "slack.create-channel"
with:
name: "inc-{{incident_id}}"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#inc-{{incident_id}}"
text: "P{{severity}}: {{get-incident.description}}"
consumes:
- type: http
namespace: servicenow
baseUri: "https://gusto.com.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: incidents
path: "/table/incident/{{incident_id}}"
inputParameters:
- name: incident_id
in: path
operations:
- name: get-incident
method: GET
- type: http
namespace: pagerduty
baseUri: "https://api.pagerduty.com"
authentication:
type: bearer
token: "$secrets.pagerduty_token"
resources:
- name: incidents
path: "/incidents"
operations:
- name: create-incident
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: channels
path: "/conversations.create"
operations:
- name: create-channel
method: POST
Jira Sprint Progress Lookup
▼
project-management jira agile
Retrieves sprint progress at Gusto.
naftiko: "0.5"
info:
label: "Jira Sprint Progress Lookup"
description: "Retrieves sprint progress at Gusto."
tags:
- project-management
- jira
- agile
capability:
exposes:
- type: mcp
namespace: jira-sprint
port: 8080
tools:
- name: get-sprint
description: "Look up sprint at Gusto."
inputParameters:
- name: project_key
in: body
type: string
description: "Project key."
call: "jira.get-sprints"
with:
project: "{{project_key}}"
outputParameters:
- name: name
type: string
mapping: "$.values[0].name"
- name: state
type: string
mapping: "$.values[0].state"
consumes:
- type: http
namespace: jira
baseUri: "https://gusto.com.atlassian.net/rest/agile/1.0"
authentication:
type: bearer
token: "$secrets.jira_token"
resources:
- name: sprints
path: "/board/1/sprint"
operations:
- name: get-sprints
method: GET
Jira Task Status
▼
engineering project-management jira
Retrieves a Jira task by issue key, returning summary, status, assignee, and priority for engineering sprint tracking.
naftiko: "0.5"
info:
label: "Jira Task Status"
description: "Retrieves a Jira task by issue key, returning summary, status, assignee, and priority for engineering sprint tracking."
tags:
- engineering
- project-management
- jira
capability:
exposes:
- type: mcp
namespace: eng-tasks
port: 8080
tools:
- name: get-task
description: "Look up a Jira issue by key."
inputParameters:
- name: issue_key
in: body
type: string
description: "The Jira issue key."
call: "jira.get-issue"
with:
issue_key: "{{issue_key}}"
consumes:
- type: http
namespace: jira
baseUri: "https://gusto.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue/{{issue_key}}"
inputParameters:
- name: issue_key
in: path
operations:
- name: get-issue
method: GET
Knowledge Base Maintenance Pipeline
▼
knowledge-management confluence maintenance
Maintains KB at Gusto by finding stale articles and notifying owners.
naftiko: "0.5"
info:
label: "Knowledge Base Maintenance Pipeline"
description: "Maintains KB at Gusto by finding stale articles and notifying owners."
tags:
- knowledge-management
- confluence
- maintenance
capability:
exposes:
- type: mcp
namespace: kb-maint
port: 8080
tools:
- name: maintain-kb
description: "Maintain KB at Gusto."
inputParameters:
- name: space
in: body
type: string
description: "Confluence space."
- name: stale_days
in: body
type: number
description: "Days threshold."
steps:
- name: find
type: call
call: "confluence.search-stale"
with:
space: "{{space}}"
days: "{{stale_days}}"
- name: notify
type: call
call: "email.batch"
with:
to: "{{find.owners}}"
subject: "KB review needed"
- name: flag
type: call
call: "confluence.add-label"
with:
pages: "{{find.ids}}"
label: "needs-review"
- name: report
type: call
call: "slack.post-message"
with:
channel: "#kb"
text: "KB: {{find.count}} stale articles"
consumes:
- type: http
namespace: confluence
baseUri: "https://gusto.com.atlassian.net/wiki/rest/api"
authentication:
type: bearer
token: "$secrets.confluence_token"
resources:
- name: content
path: "/content/search"
operations:
- name: search-stale
method: GET
- type: http
namespace: email
baseUri: "https://email.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.email_token"
resources:
- name: batch
path: "/send-batch"
operations:
- name: batch
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Weekly KPI Digest Pipeline
▼
reporting kpi snowflake executive
Generates KPI digest at Gusto from Snowflake, Oracle, Power BI, and email.
naftiko: "0.5"
info:
label: "Weekly KPI Digest Pipeline"
description: "Generates KPI digest at Gusto from Snowflake, Oracle, Power BI, and email."
tags:
- reporting
- kpi
- snowflake
- executive
capability:
exposes:
- type: mcp
namespace: kpi-digest
port: 8080
tools:
- name: gen-digest
description: "Generate KPI digest at Gusto."
inputParameters:
- name: week
in: body
type: string
description: "Week ending."
- name: dist
in: body
type: string
description: "Distribution list."
steps:
- name: ops
type: call
call: "snowflake.query"
with:
query: "SELECT * FROM kpis WHERE w='{{week}}'"
- name: fin
type: call
call: "oracle.get-summary"
with:
period: "{{week}}"
- name: refresh
type: call
call: "power-bi.refresh"
with:
dataset: "exec_kpis"
- name: send
type: call
call: "email.send"
with:
to: "{{dist}}"
subject: "KPIs - {{week}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://gusto.com.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query
method: POST
- type: http
namespace: oracle
baseUri: "https://oracle.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.oracle_token"
resources:
- name: fin
path: "/summary"
operations:
- name: get-summary
method: GET
- type: http
namespace: power-bi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.power_bi_token"
resources:
- name: datasets
path: "/datasets/{{dataset}}/refreshes"
inputParameters:
- name: dataset
in: path
operations:
- name: refresh
method: POST
- type: http
namespace: email
baseUri: "https://email.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.email_token"
resources:
- name: messages
path: "/send"
operations:
- name: send
method: POST
K8s Pod Health
▼
containers kubernetes infrastructure
Checks K8s pod health at Gusto.
naftiko: "0.5"
info:
label: "K8s Pod Health"
description: "Checks K8s pod health at Gusto."
tags:
- containers
- kubernetes
- infrastructure
capability:
exposes:
- type: mcp
namespace: k8s-pod
port: 8080
tools:
- name: check-pod
description: "Check pod at Gusto."
inputParameters:
- name: namespace
in: body
type: string
description: "Namespace."
- name: pod
in: body
type: string
description: "Pod name."
call: "k8s.get-pod"
with:
namespace: "{{namespace}}"
pod: "{{pod}}"
outputParameters:
- name: phase
type: string
mapping: "$.status.phase"
consumes:
- type: http
namespace: k8s
baseUri: "https://k8s.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.k8s_token"
resources:
- name: pods
path: "/namespaces/{{namespace}}/pods/{{pod}}"
inputParameters:
- name: namespace
in: path
- name: pod
in: path
operations:
- name: get-pod
method: GET
Lambda Function Check
▼
serverless aws lambda
Checks Lambda at Gusto.
naftiko: "0.5"
info:
label: "Lambda Function Check"
description: "Checks Lambda at Gusto."
tags:
- serverless
- aws
- lambda
capability:
exposes:
- type: mcp
namespace: lambda
port: 8080
tools:
- name: check-fn
description: "Check Lambda at Gusto."
inputParameters:
- name: fn
in: body
type: string
description: "Function name."
call: "lambda.get-fn"
with:
name: "{{fn}}"
outputParameters:
- name: state
type: string
mapping: "$.Configuration.State"
consumes:
- type: http
namespace: lambda
baseUri: "https://lambda.us-east-1.amazonaws.com/2015-03-31"
authentication:
type: bearer
token: "$secrets.aws_token"
resources:
- name: functions
path: "/functions/{{name}}"
inputParameters:
- name: name
in: path
operations:
- name: get-fn
method: GET
License Compliance Pipeline
▼
compliance licensing procurement
Checks license compliance at Gusto via scanning, entitlements, and procurement.
naftiko: "0.5"
info:
label: "License Compliance Pipeline"
description: "Checks license compliance at Gusto via scanning, entitlements, and procurement."
tags:
- compliance
- licensing
- procurement
capability:
exposes:
- type: mcp
namespace: license-comp
port: 8080
tools:
- name: check-licenses
description: "Check license compliance at Gusto."
inputParameters:
- name: software
in: body
type: string
description: "Software."
- name: vendor
in: body
type: string
description: "Vendor."
steps:
- name: scan
type: call
call: "assets.installations"
with:
sw: "{{software}}"
- name: entitlements
type: call
call: "licenses.get"
with:
sw: "{{software}}"
- name: flag
type: call
call: "compliance.flag"
with:
installed: "{{scan.count}}"
entitled: "{{entitlements.count}}"
- name: procure
type: call
call: "servicenow.create-request"
with:
type: "license"
sw: "{{software}}"
consumes:
- type: http
namespace: assets
baseUri: "https://assets.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.asset_token"
resources:
- name: installations
path: "/installations"
operations:
- name: installations
method: GET
- type: http
namespace: licenses
baseUri: "https://licenses.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.license_token"
resources:
- name: ent
path: "/entitlements"
operations:
- name: get
method: GET
- type: http
namespace: compliance
baseUri: "https://compliance.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.compliance_token"
resources:
- name: overages
path: "/flag"
operations:
- name: flag
method: POST
- type: http
namespace: servicenow
baseUri: "https://gusto.com.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: requests
path: "/table/sc_request"
operations:
- name: create-request
method: POST
Marketing Campaign Pipeline
▼
marketing google-ads analytics
Tracks marketing campaigns at Gusto.
naftiko: "0.5"
info:
label: "Marketing Campaign Pipeline"
description: "Tracks marketing campaigns at Gusto."
tags:
- marketing
- google-ads
- analytics
capability:
exposes:
- type: mcp
namespace: marketing
port: 8080
tools:
- name: track-campaign
description: "Track campaigns at Gusto."
inputParameters:
- name: campaign
in: body
type: string
description: "Campaign ID."
steps:
- name: ads
type: call
call: "google-ads.get"
with:
id: "{{campaign}}"
- name: social
type: call
call: "social.get-metrics"
with:
campaign: "{{campaign}}"
- name: compile
type: call
call: "analytics.compile"
with:
ads: "{{ads.data}}"
social: "{{social.data}}"
- name: dashboard
type: call
call: "power-bi.refresh"
with:
dataset: "marketing"
consumes:
- type: http
namespace: google-ads
baseUri: "https://googleads.googleapis.com/v14"
authentication:
type: bearer
token: "$secrets.google_ads_token"
resources:
- name: campaigns
path: "/campaigns/{{id}}"
inputParameters:
- name: id
in: path
operations:
- name: get
method: GET
- type: http
namespace: social
baseUri: "https://social.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.social_token"
resources:
- name: metrics
path: "/campaigns/{{campaign}}"
inputParameters:
- name: campaign
in: path
operations:
- name: get-metrics
method: GET
- type: http
namespace: analytics
baseUri: "https://analytics.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.analytics_token"
resources:
- name: marketing
path: "/compile"
operations:
- name: compile
method: POST
- type: http
namespace: power-bi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.power_bi_token"
resources:
- name: datasets
path: "/datasets/{{dataset}}/refreshes"
inputParameters:
- name: dataset
in: path
operations:
- name: refresh
method: POST
MongoDB Stats Check
▼
database mongodb operations
Checks MongoDB at Gusto.
naftiko: "0.5"
info:
label: "MongoDB Stats Check"
description: "Checks MongoDB at Gusto."
tags:
- database
- mongodb
- operations
capability:
exposes:
- type: mcp
namespace: mongo
port: 8080
tools:
- name: get-stats
description: "Check MongoDB at Gusto."
inputParameters:
- name: db
in: body
type: string
description: "Database."
- name: collection
in: body
type: string
description: "Collection."
call: "mongo.get-stats"
with:
db: "{{db}}"
collection: "{{collection}}"
outputParameters:
- name: count
type: number
mapping: "$.count"
consumes:
- type: http
namespace: mongo
baseUri: "https://mongo.gusto.com/api/atlas/v1.0"
authentication:
type: bearer
token: "$secrets.mongo_token"
resources:
- name: collections
path: "/collStats"
operations:
- name: get-stats
method: GET
Monthly Security Report Pipeline
▼
security reporting splunk compliance
Generates monthly security reports at Gusto from Splunk and Qualys.
naftiko: "0.5"
info:
label: "Monthly Security Report Pipeline"
description: "Generates monthly security reports at Gusto from Splunk and Qualys."
tags:
- security
- reporting
- splunk
- compliance
capability:
exposes:
- type: mcp
namespace: sec-report
port: 8080
tools:
- name: gen-sec-report
description: "Generate security report at Gusto."
inputParameters:
- name: month
in: body
type: string
description: "Month."
steps:
- name: splunk
type: call
call: "splunk.search"
with:
query: "index=security earliest=-30d"
- name: scans
type: call
call: "qualys.results"
with:
month: "{{month}}"
- name: compile
type: call
call: "analytics.compile-security"
with:
events: "{{splunk.count}}"
vulns: "{{scans.critical}}"
- name: send
type: call
call: "email.send"
with:
to: "ciso@co.com"
subject: "Security - {{month}}"
consumes:
- type: http
namespace: splunk
baseUri: "https://splunk.gusto.com:8089/services"
authentication:
type: bearer
token: "$secrets.splunk_token"
resources:
- name: search
path: "/search/jobs"
operations:
- name: search
method: POST
- type: http
namespace: qualys
baseUri: "https://qualysapi.qualys.com/api/v2"
authentication:
type: bearer
token: "$secrets.qualys_token"
resources:
- name: results
path: "/fo/scan/results"
operations:
- name: results
method: GET
- type: http
namespace: analytics
baseUri: "https://analytics.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.analytics_token"
resources:
- name: security
path: "/compile"
operations:
- name: compile-security
method: POST
- type: http
namespace: email
baseUri: "https://email.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.email_token"
resources:
- name: messages
path: "/send"
operations:
- name: send
method: POST
MuleSoft Integration Health
▼
infrastructure integration mulesoft
Checks MuleSoft API gateway health for Gusto's integration layer, returning active API count, error rate, and throughput.
naftiko: "0.5"
info:
label: "MuleSoft Integration Health"
description: "Checks MuleSoft API gateway health for Gusto's integration layer, returning active API count, error rate, and throughput."
tags:
- infrastructure
- integration
- mulesoft
capability:
exposes:
- type: mcp
namespace: integration-health
port: 8080
tools:
- name: get-integration-status
description: "Retrieve MuleSoft API health for an environment."
inputParameters:
- name: environment_id
in: body
type: string
description: "The MuleSoft environment ID."
call: "mulesoft.get-api-stats"
with:
environment_id: "{{environment_id}}"
consumes:
- type: http
namespace: mulesoft
baseUri: "https://anypoint.mulesoft.com/analytics/1.0"
authentication:
type: bearer
token: "$secrets.mulesoft_token"
resources:
- name: api-stats
path: "/{{org_id}}/environments/{{environment_id}}/apis"
inputParameters:
- name: environment_id
in: path
operations:
- name: get-api-stats
method: GET
New Employee IT Onboarding Pipeline
▼
hr onboarding okta servicenow slack
Onboards employees at Gusto with Okta, ServiceNow, Slack, and calendar.
naftiko: "0.5"
info:
label: "New Employee IT Onboarding Pipeline"
description: "Onboards employees at Gusto with Okta, ServiceNow, Slack, and calendar."
tags:
- hr
- onboarding
- okta
- servicenow
- slack
capability:
exposes:
- type: mcp
namespace: it-onboarding
port: 8080
tools:
- name: onboard-employee
description: "Onboard employees at Gusto."
inputParameters:
- name: name
in: body
type: string
description: "Name."
- name: dept
in: body
type: string
description: "Department."
- name: start
in: body
type: string
description: "Start date."
steps:
- name: okta
type: call
call: "okta.create-user"
with:
name: "{{name}}"
department: "{{dept}}"
- name: equip
type: call
call: "servicenow.create-request"
with:
type: "new_hire"
for: "{{name}}"
- name: slack
type: call
call: "slack.invite"
with:
email: "{{okta.email}}"
- name: orient
type: call
call: "calendar.create-event"
with:
title: "Orientation - {{name}}"
date: "{{start}}"
consumes:
- type: http
namespace: okta
baseUri: "https://gusto.com.okta.com/api/v1"
authentication:
type: bearer
token: "$secrets.okta_api_token"
resources:
- name: users
path: "/users"
operations:
- name: create-user
method: POST
- type: http
namespace: servicenow
baseUri: "https://gusto.com.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: requests
path: "/table/sc_request"
operations:
- name: create-request
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: users
path: "/users.admin.invite"
operations:
- name: invite
method: POST
- type: http
namespace: calendar
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.microsoft_graph_token"
resources:
- name: events
path: "/users/hr/events"
operations:
- name: create-event
method: POST
New Employee Payroll Setup Orchestrator
▼
payroll onboarding oracle-financials salesforce gmail slack
When a new hire is added, creates their payroll record in Oracle Financials, enrolls them in default benefits in Salesforce, sends a welcome email via Gmail, and notifies the HR team in Slack.
naftiko: "0.5"
info:
label: "New Employee Payroll Setup Orchestrator"
description: "When a new hire is added, creates their payroll record in Oracle Financials, enrolls them in default benefits in Salesforce, sends a welcome email via Gmail, and notifies the HR team in Slack."
tags:
- payroll
- onboarding
- oracle-financials
- salesforce
- gmail
- slack
capability:
exposes:
- type: mcp
namespace: payroll-onboarding
port: 8080
tools:
- name: setup-new-employee-payroll
description: "Given employee details, create payroll record, enroll in benefits, send welcome email, and notify HR."
inputParameters:
- name: employee_name
in: body
type: string
description: "The new employee's full name."
- name: employee_email
in: body
type: string
description: "The new employee's email."
- name: salary
in: body
type: number
description: "Annual salary."
- name: start_date
in: body
type: string
description: "Start date in YYYY-MM-DD format."
- name: company_id
in: body
type: string
description: "The Gusto customer company ID."
steps:
- name: create-payroll
type: call
call: "oracle-financials.create-payroll-record"
with:
employee_name: "{{employee_name}}"
email: "{{employee_email}}"
salary: "{{salary}}"
start_date: "{{start_date}}"
company_id: "{{company_id}}"
- name: enroll-benefits
type: call
call: "salesforce.create-enrollment"
with:
employee_id: "{{create-payroll.employee_id}}"
plan_type: "default"
effective_date: "{{start_date}}"
- name: send-welcome
type: call
call: "gmail.send-email"
with:
to: "{{employee_email}}"
subject: "Welcome to {{company_id}} — Your Gusto Account is Ready"
body: "Hi {{employee_name}}, your payroll has been set up. Your first payday is based on your start date {{start_date}}. Benefits enrollment: {{enroll-benefits.enrollment_id}}."
- name: notify-hr
type: call
call: "slack.post-message"
with:
channel: "hr-onboarding"
text: "New employee payroll setup: {{employee_name}} at {{company_id}}. Salary: ${{salary}}. Start: {{start_date}}. Benefits enrolled. Payroll ID: {{create-payroll.employee_id}}."
consumes:
- type: http
namespace: oracle-financials
baseUri: "https://gusto.oraclecloud.com/hcmRestApi/resources/v1"
authentication:
type: bearer
token: "$secrets.oracle_financials_token"
resources:
- name: payroll-records
path: "/payrollRelationships"
operations:
- name: create-payroll-record
method: POST
- type: http
namespace: salesforce
baseUri: "https://gusto.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: enrollments
path: "/sobjects/BenefitsEnrollment__c"
operations:
- name: create-enrollment
method: POST
- type: http
namespace: gmail
baseUri: "https://gmail.googleapis.com/gmail/v1"
authentication:
type: bearer
token: "$secrets.gmail_token"
resources:
- name: messages
path: "/users/me/messages/send"
operations:
- name: send-email
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
New Relic APM Check
▼
monitoring new-relic apm
Checks New Relic APM at Gusto.
naftiko: "0.5"
info:
label: "New Relic APM Check"
description: "Checks New Relic APM at Gusto."
tags:
- monitoring
- new-relic
- apm
capability:
exposes:
- type: mcp
namespace: nr-apm
port: 8080
tools:
- name: check-apm
description: "Check APM at Gusto."
inputParameters:
- name: app_id
in: body
type: string
description: "App ID."
call: "newrelic.get-app"
with:
app_id: "{{app_id}}"
outputParameters:
- name: health
type: string
mapping: "$.application.health_status"
consumes:
- type: http
namespace: newrelic
baseUri: "https://api.newrelic.com/v2"
authentication:
type: bearer
token: "$secrets.new_relic_api_key"
resources:
- name: applications
path: "/applications/{{app_id}}.json"
inputParameters:
- name: app_id
in: path
operations:
- name: get-app
method: GET
Notion Product Spec Lookup
▼
product-management documentation notion
Retrieves a Notion page by ID for product specifications, design docs, or RFC documents used by Gusto product and engineering teams.
naftiko: "0.5"
info:
label: "Notion Product Spec Lookup"
description: "Retrieves a Notion page by ID for product specifications, design docs, or RFC documents used by Gusto product and engineering teams."
tags:
- product-management
- documentation
- notion
capability:
exposes:
- type: mcp
namespace: product-docs
port: 8080
tools:
- name: get-page
description: "Retrieve a Notion page by ID. Returns title, content blocks, and last edited info."
inputParameters:
- name: page_id
in: body
type: string
description: "The Notion page ID."
call: "notion.get-page"
with:
page_id: "{{page_id}}"
consumes:
- type: http
namespace: notion
baseUri: "https://api.notion.com/v1"
authentication:
type: bearer
token: "$secrets.notion_token"
resources:
- name: pages
path: "/pages/{{page_id}}"
inputParameters:
- name: page_id
in: path
operations:
- name: get-page
method: GET
Okta User Check
▼
identity okta access-management
Checks Okta user at Gusto.
naftiko: "0.5"
info:
label: "Okta User Check"
description: "Checks Okta user at Gusto."
tags:
- identity
- okta
- access-management
capability:
exposes:
- type: mcp
namespace: okta-user
port: 8080
tools:
- name: check-user
description: "Check user at Gusto."
inputParameters:
- name: email
in: body
type: string
description: "Email."
call: "okta.get-user"
with:
email: "{{email}}"
outputParameters:
- name: status
type: string
mapping: "$.status"
consumes:
- type: http
namespace: okta
baseUri: "https://gusto.com.okta.com/api/v1"
authentication:
type: bearer
token: "$secrets.okta_api_token"
resources:
- name: users
path: "/users/{{email}}"
inputParameters:
- name: email
in: path
operations:
- name: get-user
method: GET
Open Enrollment Orchestrator
▼
benefits open-enrollment gmail salesforce confluence slack
When open enrollment period begins, sends notification emails via Gmail to all eligible employees, creates enrollment tracking tasks in Salesforce, updates the Confluence enrollment guide, and notifies HR in Slack.
naftiko: "0.5"
info:
label: "Open Enrollment Orchestrator"
description: "When open enrollment period begins, sends notification emails via Gmail to all eligible employees, creates enrollment tracking tasks in Salesforce, updates the Confluence enrollment guide, and notifies HR in Slack."
tags:
- benefits
- open-enrollment
- gmail
- salesforce
- confluence
- slack
capability:
exposes:
- type: mcp
namespace: open-enrollment
port: 8080
tools:
- name: launch-open-enrollment
description: "Given a company ID and enrollment window dates, send notifications, create tasks, update docs, and alert HR."
inputParameters:
- name: company_id
in: body
type: string
description: "The Gusto customer company ID."
- name: enrollment_start
in: body
type: string
description: "Enrollment start date in YYYY-MM-DD format."
- name: enrollment_end
in: body
type: string
description: "Enrollment end date in YYYY-MM-DD format."
steps:
- name: send-notifications
type: call
call: "gmail.send-email"
with:
to: "all-employees@{{company_id}}.gusto.com"
subject: "Open Enrollment Now Open — Action Required by {{enrollment_end}}"
body: "Open enrollment for your benefits is now available from {{enrollment_start}} to {{enrollment_end}}. Log in to Gusto to review and update your elections."
- name: create-tracking
type: call
call: "salesforce.create-campaign"
with:
name: "Open Enrollment {{company_id}} — {{enrollment_start}}"
type: "Benefits Enrollment"
start_date: "{{enrollment_start}}"
end_date: "{{enrollment_end}}"
- name: update-guide
type: call
call: "confluence.update-page"
with:
page_id: "open-enrollment-guide"
body: "Open enrollment window: {{enrollment_start}} to {{enrollment_end}}. Company: {{company_id}}."
- name: notify-hr
type: call
call: "slack.post-message"
with:
channel: "hr-benefits"
text: "Open enrollment launched for {{company_id}}: {{enrollment_start}} to {{enrollment_end}}. Notifications sent. Salesforce campaign: {{create-tracking.id}}."
consumes:
- type: http
namespace: gmail
baseUri: "https://gmail.googleapis.com/gmail/v1"
authentication:
type: bearer
token: "$secrets.gmail_token"
resources:
- name: messages
path: "/users/me/messages/send"
operations:
- name: send-email
method: POST
- type: http
namespace: salesforce
baseUri: "https://gusto.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: campaigns
path: "/sobjects/Campaign"
operations:
- name: create-campaign
method: POST
- type: http
namespace: confluence
baseUri: "https://gusto.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_token"
resources:
- name: pages
path: "/content/{{page_id}}"
inputParameters:
- name: page_id
in: path
operations:
- name: update-page
method: PUT
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
PagerDuty On-Call Check
▼
incident-management pagerduty on-call
Checks on-call at Gusto.
naftiko: "0.5"
info:
label: "PagerDuty On-Call Check"
description: "Checks on-call at Gusto."
tags:
- incident-management
- pagerduty
- on-call
capability:
exposes:
- type: mcp
namespace: pd-oncall
port: 8080
tools:
- name: get-oncall
description: "Check on-call at Gusto."
inputParameters:
- name: schedule_id
in: body
type: string
description: "Schedule ID."
call: "pagerduty.get-oncall"
with:
schedule_id: "{{schedule_id}}"
outputParameters:
- name: user
type: string
mapping: "$.oncalls[0].user.summary"
consumes:
- type: http
namespace: pagerduty
baseUri: "https://api.pagerduty.com"
authentication:
type: bearer
token: "$secrets.pagerduty_token"
resources:
- name: oncalls
path: "/oncalls"
operations:
- name: get-oncall
method: GET
Payroll Tax Filing Orchestrator
▼
payroll compliance tax-filing snowflake google-sheets jira slack
Processes quarterly payroll tax filings by aggregating data from Snowflake, generating the filing report in Google Sheets, creating a compliance task in Jira, and notifying the compliance team in Slack.
naftiko: "0.5"
info:
label: "Payroll Tax Filing Orchestrator"
description: "Processes quarterly payroll tax filings by aggregating data from Snowflake, generating the filing report in Google Sheets, creating a compliance task in Jira, and notifying the compliance team in Slack."
tags:
- payroll
- compliance
- tax-filing
- snowflake
- google-sheets
- jira
- slack
capability:
exposes:
- type: mcp
namespace: tax-filing
port: 8080
tools:
- name: process-quarterly-filing
description: "Given a quarter and year, aggregate tax data, generate report, create compliance task, and notify the team."
inputParameters:
- name: quarter
in: body
type: string
description: "The quarter (Q1, Q2, Q3, Q4)."
- name: year
in: body
type: string
description: "The tax year."
steps:
- name: aggregate-tax-data
type: call
call: "snowflake.execute-statement"
with:
statement: "SELECT state, SUM(tax_withheld) as total_withheld, COUNT(DISTINCT employee_id) as employee_count FROM payroll_tax WHERE quarter='{{quarter}}' AND year='{{year}}' GROUP BY state"
warehouse: "PAYROLL_WH"
- name: generate-report
type: call
call: "google-sheets.create-spreadsheet"
with:
title: "Tax Filing Report — {{quarter}} {{year}}"
data: "{{aggregate-tax-data.results}}"
- name: create-compliance-task
type: call
call: "jira.create-issue"
with:
project: "COMPLY"
summary: "Quarterly tax filing: {{quarter}} {{year}}"
description: "Tax data aggregated. States: {{aggregate-tax-data.state_count}}. Report: {{generate-report.url}}."
issue_type: "Task"
- name: notify-team
type: call
call: "slack.post-message"
with:
channel: "compliance"
text: "Quarterly tax filing ready: {{quarter}} {{year}}. States: {{aggregate-tax-data.state_count}}. Report: {{generate-report.url}}. Jira: {{create-compliance-task.key}}."
consumes:
- type: http
namespace: snowflake
baseUri: "https://gusto.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-statement
method: POST
- type: http
namespace: google-sheets
baseUri: "https://sheets.googleapis.com/v4"
authentication:
type: bearer
token: "$secrets.google_sheets_token"
resources:
- name: spreadsheets
path: "/spreadsheets"
operations:
- name: create-spreadsheet
method: POST
- type: http
namespace: jira
baseUri: "https://gusto.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Postman API Health Check
▼
engineering api-testing postman
Runs a Postman monitor collection to health-check Gusto's public APIs and returns pass/fail results with response times.
naftiko: "0.5"
info:
label: "Postman API Health Check"
description: "Runs a Postman monitor collection to health-check Gusto's public APIs and returns pass/fail results with response times."
tags:
- engineering
- api-testing
- postman
capability:
exposes:
- type: mcp
namespace: api-health
port: 8080
tools:
- name: run-api-health-check
description: "Trigger a Postman monitor run by monitor ID. Returns pass/fail and response times."
inputParameters:
- name: monitor_id
in: body
type: string
description: "The Postman monitor ID."
call: "postman.run-monitor"
with:
monitor_id: "{{monitor_id}}"
consumes:
- type: http
namespace: postman
baseUri: "https://api.getpostman.com"
authentication:
type: apiKey
name: "X-Api-Key"
in: header
value: "$secrets.postman_api_key"
resources:
- name: monitors
path: "/monitors/{{monitor_id}}/run"
inputParameters:
- name: monitor_id
in: path
operations:
- name: run-monitor
method: POST
Incident Postmortem Pipeline
▼
incident-management postmortem pagerduty confluence
Creates postmortems at Gusto.
naftiko: "0.5"
info:
label: "Incident Postmortem Pipeline"
description: "Creates postmortems at Gusto."
tags:
- incident-management
- postmortem
- pagerduty
- confluence
capability:
exposes:
- type: mcp
namespace: postmortem
port: 8080
tools:
- name: create-postmortem
description: "Create postmortem at Gusto."
inputParameters:
- name: incident_id
in: body
type: string
description: "Incident ID."
steps:
- name: timeline
type: call
call: "pagerduty.get-log"
with:
id: "{{incident_id}}"
- name: metrics
type: call
call: "datadog.get-metrics"
with:
incident: "{{incident_id}}"
- name: doc
type: call
call: "confluence.create-page"
with:
title: "Postmortem: {{timeline.title}}"
body: "Impact: {{metrics.impact}}"
- name: review
type: call
call: "calendar.create-event"
with:
title: "Review: {{timeline.title}}"
consumes:
- type: http
namespace: pagerduty
baseUri: "https://api.pagerduty.com"
authentication:
type: bearer
token: "$secrets.pagerduty_token"
resources:
- name: incidents
path: "/incidents/{{id}}/log_entries"
inputParameters:
- name: id
in: path
operations:
- name: get-log
method: GET
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v2"
authentication:
type: bearer
token: "$secrets.datadog_api_key"
resources:
- name: incidents
path: "/incidents"
operations:
- name: get-metrics
method: GET
- type: http
namespace: confluence
baseUri: "https://gusto.com.atlassian.net/wiki/rest/api"
authentication:
type: bearer
token: "$secrets.confluence_token"
resources:
- name: pages
path: "/content"
operations:
- name: create-page
method: POST
- type: http
namespace: calendar
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.microsoft_graph_token"
resources:
- name: events
path: "/users/sre/events"
operations:
- name: create-event
method: POST
Power BI Refresh Check
▼
analytics power-bi dashboards
Checks Power BI refresh at Gusto.
naftiko: "0.5"
info:
label: "Power BI Refresh Check"
description: "Checks Power BI refresh at Gusto."
tags:
- analytics
- power-bi
- dashboards
capability:
exposes:
- type: mcp
namespace: pbi-refresh
port: 8080
tools:
- name: check-refresh
description: "Check refresh at Gusto."
inputParameters:
- name: dataset_id
in: body
type: string
description: "Dataset ID."
call: "power-bi.get-refresh"
with:
dataset_id: "{{dataset_id}}"
outputParameters:
- name: status
type: string
mapping: "$.value[0].status"
consumes:
- type: http
namespace: power-bi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.power_bi_token"
resources:
- name: datasets
path: "/datasets/{{dataset_id}}/refreshes"
inputParameters:
- name: dataset_id
in: path
operations:
- name: get-refresh
method: GET
Product Feature Release Pipeline
▼
engineering release github confluence zendesk slack
Coordinates a feature release by checking GitHub CI status, updating the Confluence release notes, creating a Zendesk article for customer support, and announcing in Slack.
naftiko: "0.5"
info:
label: "Product Feature Release Pipeline"
description: "Coordinates a feature release by checking GitHub CI status, updating the Confluence release notes, creating a Zendesk article for customer support, and announcing in Slack."
tags:
- engineering
- release
- github
- confluence
- zendesk
- slack
capability:
exposes:
- type: mcp
namespace: release-mgmt
port: 8080
tools:
- name: release-feature
description: "Given a feature name and version, check CI, update docs, create support article, and announce."
inputParameters:
- name: feature_name
in: body
type: string
description: "The feature name."
- name: version
in: body
type: string
description: "The release version."
- name: repo_name
in: body
type: string
description: "The GitHub repository (owner/repo)."
steps:
- name: check-ci
type: call
call: "github.get-latest-workflow"
with:
repo: "{{repo_name}}"
- name: update-release-notes
type: call
call: "confluence.create-page"
with:
space_key: "ENG"
title: "Release Notes: {{feature_name}} v{{version}}"
body: "Feature: {{feature_name}}. Version: {{version}}. CI status: {{check-ci.conclusion}}. Released: today."
- name: create-support-article
type: call
call: "zendesk.create-article"
with:
title: "New Feature: {{feature_name}}"
body: "We've released {{feature_name}} (v{{version}}). Here's what's new and how to use it."
section_id: "product-updates"
- name: announce
type: call
call: "slack.post-message"
with:
channel: "product-releases"
text: "Released: {{feature_name}} v{{version}}. CI: {{check-ci.conclusion}}. Release notes: {{update-release-notes.url}}. Support article: {{create-support-article.url}}."
consumes:
- type: http
namespace: github
baseUri: "https://api.github.com"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: workflows
path: "/repos/{{repo}}/actions/runs?per_page=1"
inputParameters:
- name: repo
in: path
operations:
- name: get-latest-workflow
method: GET
- type: http
namespace: confluence
baseUri: "https://gusto.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_token"
resources:
- name: pages
path: "/content"
operations:
- name: create-page
method: POST
- type: http
namespace: zendesk
baseUri: "https://gusto.zendesk.com/api/v2/help_center"
authentication:
type: bearer
token: "$secrets.zendesk_token"
resources:
- name: articles
path: "/sections/{{section_id}}/articles"
inputParameters:
- name: section_id
in: path
operations:
- name: create-article
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Prometheus Metrics Query
▼
monitoring prometheus metrics
Queries Prometheus metrics at Gusto.
naftiko: "0.5"
info:
label: "Prometheus Metrics Query"
description: "Queries Prometheus metrics at Gusto."
tags:
- monitoring
- prometheus
- metrics
capability:
exposes:
- type: mcp
namespace: prom
port: 8080
tools:
- name: query
description: "Query Prometheus at Gusto."
inputParameters:
- name: query
in: body
type: string
description: "PromQL query."
call: "prometheus.query"
with:
query: "{{query}}"
outputParameters:
- name: value
type: number
mapping: "$.data.result[0].value[1]"
consumes:
- type: http
namespace: prometheus
baseUri: "https://prometheus.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.prometheus_token"
resources:
- name: queries
path: "/query"
operations:
- name: query
method: GET
Quarterly Compliance Report Pipeline
▼
compliance reporting snowflake power-bi
Generates compliance reports at Gusto from Snowflake, Power BI, and email.
naftiko: "0.5"
info:
label: "Quarterly Compliance Report Pipeline"
description: "Generates compliance reports at Gusto from Snowflake, Power BI, and email."
tags:
- compliance
- reporting
- snowflake
- power-bi
capability:
exposes:
- type: mcp
namespace: compliance-rpt
port: 8080
tools:
- name: gen-report
description: "Generate compliance reports at Gusto."
inputParameters:
- name: quarter
in: body
type: string
description: "Quarter."
- name: type
in: body
type: string
description: "Type."
steps:
- name: data
type: call
call: "snowflake.query"
with:
query: "SELECT * FROM compliance WHERE q='{{quarter}}'"
- name: metrics
type: call
call: "analytics.compute"
with:
data: "{{data.results}}"
- name: refresh
type: call
call: "power-bi.refresh"
with:
dataset: "compliance"
- name: send
type: call
call: "email.send"
with:
to: "compliance@co.com"
subject: "{{type}} - {{quarter}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://gusto.com.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query
method: POST
- type: http
namespace: analytics
baseUri: "https://analytics.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.analytics_token"
resources:
- name: metrics
path: "/compute"
operations:
- name: compute
method: POST
- type: http
namespace: power-bi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.power_bi_token"
resources:
- name: datasets
path: "/datasets/{{dataset}}/refreshes"
inputParameters:
- name: dataset
in: path
operations:
- name: refresh
method: POST
- type: http
namespace: email
baseUri: "https://email.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.email_token"
resources:
- name: messages
path: "/send"
operations:
- name: send
method: POST
Redis Cache Status
▼
caching redis infrastructure
Checks Redis at Gusto.
naftiko: "0.5"
info:
label: "Redis Cache Status"
description: "Checks Redis at Gusto."
tags:
- caching
- redis
- infrastructure
capability:
exposes:
- type: mcp
namespace: redis
port: 8080
tools:
- name: check-cache
description: "Check Redis at Gusto."
inputParameters:
- name: instance
in: body
type: string
description: "Instance ID."
call: "redis.get-info"
with:
instance: "{{instance}}"
outputParameters:
- name: memory
type: string
mapping: "$.used_memory_human"
consumes:
- type: http
namespace: redis
baseUri: "https://redis.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.redis_token"
resources:
- name: instances
path: "/instances/{{instance}}/info"
inputParameters:
- name: instance
in: path
operations:
- name: get-info
method: GET
Release Readiness Pipeline
▼
release-management devops quality
Checks release readiness at Gusto.
naftiko: "0.5"
info:
label: "Release Readiness Pipeline"
description: "Checks release readiness at Gusto."
tags:
- release-management
- devops
- quality
capability:
exposes:
- type: mcp
namespace: release-ready
port: 8080
tools:
- name: check-release
description: "Check release at Gusto."
inputParameters:
- name: release_id
in: body
type: string
description: "Release ID."
- name: project
in: body
type: string
description: "Project."
steps:
- name: tests
type: call
call: "azdo.get-tests"
with:
project: "{{project}}"
release: "{{release_id}}"
- name: quality
type: call
call: "sonarqube.get-gate"
with:
project: "{{project}}"
- name: security
type: call
call: "security.get-scan"
with:
project: "{{project}}"
- name: doc
type: call
call: "confluence.create-page"
with:
title: "Release - {{release_id}}"
body: "Tests: {{tests.pass_rate}}% Quality: {{quality.status}}"
consumes:
- type: http
namespace: azdo
baseUri: "https://dev.azure.com/gusto.com"
authentication:
type: bearer
token: "$secrets.azdo_token"
resources:
- name: tests
path: "/{{project}}/_apis/test/runs"
inputParameters:
- name: project
in: path
operations:
- name: get-tests
method: GET
- type: http
namespace: sonarqube
baseUri: "https://sonarqube.gusto.com/api"
authentication:
type: bearer
token: "$secrets.sonarqube_token"
resources:
- name: quality
path: "/qualitygates/project_status"
operations:
- name: get-gate
method: GET
- type: http
namespace: security
baseUri: "https://security.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.security_token"
resources:
- name: scans
path: "/results"
operations:
- name: get-scan
method: GET
- type: http
namespace: confluence
baseUri: "https://gusto.com.atlassian.net/wiki/rest/api"
authentication:
type: bearer
token: "$secrets.confluence_token"
resources:
- name: pages
path: "/content"
operations:
- name: create-page
method: POST
Salesforce Customer Account Lookup
▼
crm customer-management salesforce
Retrieves a Gusto SMB customer account from Salesforce by account ID, returning company name, plan tier, employee count, and account manager.
naftiko: "0.5"
info:
label: "Salesforce Customer Account Lookup"
description: "Retrieves a Gusto SMB customer account from Salesforce by account ID, returning company name, plan tier, employee count, and account manager."
tags:
- crm
- customer-management
- salesforce
capability:
exposes:
- type: mcp
namespace: crm
port: 8080
tools:
- name: get-customer-account
description: "Look up an SMB customer account in Salesforce. Returns company name, plan, employee count, and owner."
inputParameters:
- name: account_id
in: body
type: string
description: "The Salesforce account ID."
call: "salesforce.get-account"
with:
account_id: "{{account_id}}"
consumes:
- type: http
namespace: salesforce
baseUri: "https://gusto.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: accounts
path: "/sobjects/Account/{{account_id}}"
inputParameters:
- name: account_id
in: path
operations:
- name: get-account
method: GET
SAP PO Check
▼
procurement sap purchase-orders
Checks SAP PO at Gusto.
naftiko: "0.5"
info:
label: "SAP PO Check"
description: "Checks SAP PO at Gusto."
tags:
- procurement
- sap
- purchase-orders
capability:
exposes:
- type: mcp
namespace: sap-po
port: 8080
tools:
- name: get-po
description: "Check PO at Gusto."
inputParameters:
- name: po_number
in: body
type: string
description: "PO number."
call: "sap.get-po"
with:
po_number: "{{po_number}}"
outputParameters:
- name: vendor
type: string
mapping: "$.order.vendor"
- name: status
type: string
mapping: "$.order.status"
consumes:
- type: http
namespace: sap
baseUri: "https://sap.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.sap_token"
resources:
- name: purchase-orders
path: "/purchase-orders/{{po_number}}"
inputParameters:
- name: po_number
in: path
operations:
- name: get-po
method: GET
Security Training Pipeline
▼
security training compliance
Manages security training at Gusto.
naftiko: "0.5"
info:
label: "Security Training Pipeline"
description: "Manages security training at Gusto."
tags:
- security
- training
- compliance
capability:
exposes:
- type: mcp
namespace: sec-training
port: 8080
tools:
- name: manage-training
description: "Manage training at Gusto."
inputParameters:
- name: campaign
in: body
type: string
description: "Campaign ID."
steps:
- name: untrained
type: call
call: "lms.get-incomplete"
with:
campaign: "{{campaign}}"
- name: remind
type: call
call: "email.batch"
with:
to: "{{untrained.emails}}"
subject: "Training due"
- name: track
type: call
call: "lms.get-completion"
with:
campaign: "{{campaign}}"
- name: report
type: call
call: "power-bi.refresh"
with:
dataset: "training"
consumes:
- type: http
namespace: lms
baseUri: "https://lms.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.lms_token"
resources:
- name: campaigns
path: "/campaigns/{{campaign}}/incomplete"
inputParameters:
- name: campaign
in: path
operations:
- name: get-incomplete
method: GET
- type: http
namespace: email
baseUri: "https://email.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.email_token"
resources:
- name: batch
path: "/send-batch"
operations:
- name: batch
method: POST
- type: http
namespace: power-bi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.power_bi_token"
resources:
- name: datasets
path: "/datasets/{{dataset}}/refreshes"
inputParameters:
- name: dataset
in: path
operations:
- name: refresh
method: POST
Security Vulnerability Remediation Pipeline
▼
security vulnerability-management jira
Remediates vulnerabilities at Gusto via scanning, Jira, and Slack.
naftiko: "0.5"
info:
label: "Security Vulnerability Remediation Pipeline"
description: "Remediates vulnerabilities at Gusto via scanning, Jira, and Slack."
tags:
- security
- vulnerability-management
- jira
capability:
exposes:
- type: mcp
namespace: vuln-fix
port: 8080
tools:
- name: remediate
description: "Fix vulnerabilities at Gusto."
inputParameters:
- name: target
in: body
type: string
description: "Target."
- name: policy
in: body
type: string
description: "Policy."
steps:
- name: scan
type: call
call: "qualys.scan"
with:
target: "{{target}}"
policy: "{{policy}}"
- name: prioritize
type: call
call: "security.prioritize"
with:
scan: "{{scan.id}}"
- name: ticket
type: call
call: "jira.create-issue"
with:
project: "SEC"
summary: "Vulns: {{prioritize.critical}} critical"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#security"
text: "Scan: {{prioritize.critical}} critical"
consumes:
- type: http
namespace: qualys
baseUri: "https://qualysapi.qualys.com/api/v2"
authentication:
type: bearer
token: "$secrets.qualys_token"
resources:
- name: scans
path: "/fo/scan"
operations:
- name: scan
method: POST
- type: http
namespace: security
baseUri: "https://security.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.security_token"
resources:
- name: vulns
path: "/prioritize"
operations:
- name: prioritize
method: POST
- type: http
namespace: jira
baseUri: "https://gusto.com.atlassian.net/rest/api/3"
authentication:
type: bearer
token: "$secrets.jira_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Sentry Error Alert Pipeline
▼
engineering error-tracking sentry-system jira slack confluence
When Sentry detects a new error spike, creates a Jira bug ticket, posts the error details to the engineering Slack channel, and logs the incident in Confluence.
naftiko: "0.5"
info:
label: "Sentry Error Alert Pipeline"
description: "When Sentry detects a new error spike, creates a Jira bug ticket, posts the error details to the engineering Slack channel, and logs the incident in Confluence."
tags:
- engineering
- error-tracking
- sentry-system
- jira
- slack
- confluence
capability:
exposes:
- type: mcp
namespace: error-response
port: 8080
tools:
- name: handle-error-spike
description: "Given a Sentry issue ID and error details, create Jira bug, notify engineering, and document."
inputParameters:
- name: sentry_issue_id
in: body
type: string
description: "The Sentry issue ID."
- name: error_title
in: body
type: string
description: "The error title."
- name: error_count
in: body
type: number
description: "Number of occurrences in the spike."
- name: affected_service
in: body
type: string
description: "The affected service name."
steps:
- name: create-bug
type: call
call: "jira.create-issue"
with:
project: "ENG"
summary: "Error spike: {{error_title}} in {{affected_service}}"
description: "Sentry issue: {{sentry_issue_id}}. Occurrences: {{error_count}}. Service: {{affected_service}}."
issue_type: "Bug"
priority: "High"
- name: notify-engineering
type: call
call: "slack.post-message"
with:
channel: "engineering-alerts"
text: "ERROR SPIKE: {{error_title}} in {{affected_service}} ({{error_count}} occurrences). Sentry: {{sentry_issue_id}}. Jira: {{create-bug.key}}."
- name: document-incident
type: call
call: "confluence.create-page"
with:
space_key: "INCIDENTS"
title: "Error Spike: {{error_title}} — {{affected_service}}"
body: "Sentry: {{sentry_issue_id}}. Error: {{error_title}}. Service: {{affected_service}}. Count: {{error_count}}. Jira: {{create-bug.key}}."
consumes:
- type: http
namespace: jira
baseUri: "https://gusto.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
- type: http
namespace: confluence
baseUri: "https://gusto.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_token"
resources:
- name: pages
path: "/content"
operations:
- name: create-page
method: POST
ServiceNow Incident Detail Check
▼
it-service servicenow incident-management
Checks IT incident in ServiceNow for Gusto.
naftiko: "0.5"
info:
label: "ServiceNow Incident Detail Check"
description: "Checks IT incident in ServiceNow for Gusto."
tags:
- it-service
- servicenow
- incident-management
capability:
exposes:
- type: mcp
namespace: snow-incident
port: 8080
tools:
- name: check-incident
description: "Check incident at Gusto."
inputParameters:
- name: incident_number
in: body
type: string
description: "Incident number."
call: "servicenow.get-incident"
with:
number: "{{incident_number}}"
outputParameters:
- name: state
type: string
mapping: "$.result.state"
- name: priority
type: string
mapping: "$.result.priority"
consumes:
- type: http
namespace: servicenow
baseUri: "https://gusto.com.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: get-incident
method: GET
SharePoint File Metadata
▼
document-management sharepoint collaboration
Retrieves SharePoint metadata at Gusto.
naftiko: "0.5"
info:
label: "SharePoint File Metadata"
description: "Retrieves SharePoint metadata at Gusto."
tags:
- document-management
- sharepoint
- collaboration
capability:
exposes:
- type: mcp
namespace: sp-docs
port: 8080
tools:
- name: get-file
description: "Look up file at Gusto."
inputParameters:
- name: site_id
in: body
type: string
description: "Site ID."
- name: file_path
in: body
type: string
description: "Path."
call: "sharepoint.get-file"
with:
site_id: "{{site_id}}"
path: "{{file_path}}"
outputParameters:
- name: name
type: string
mapping: "$.name"
- name: size
type: number
mapping: "$.size"
consumes:
- type: http
namespace: sharepoint
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.microsoft_graph_token"
resources:
- name: files
path: "/sites/{{site_id}}/drive/root:/{{path}}"
inputParameters:
- name: site_id
in: path
- name: path
in: path
operations:
- name: get-file
method: GET
SLA Monitoring Pipeline
▼
operations sla datadog slack
Monitors SLAs at Gusto via Datadog and Slack.
naftiko: "0.5"
info:
label: "SLA Monitoring Pipeline"
description: "Monitors SLAs at Gusto via Datadog and Slack."
tags:
- operations
- sla
- datadog
- slack
capability:
exposes:
- type: mcp
namespace: sla-monitor
port: 8080
tools:
- name: check-sla
description: "Monitor SLAs at Gusto."
inputParameters:
- name: service
in: body
type: string
description: "Service."
- name: target
in: body
type: number
description: "SLA target %."
steps:
- name: metrics
type: call
call: "datadog.get-sla"
with:
service: "{{service}}"
- name: check
type: call
call: "analytics.check-sla"
with:
uptime: "{{metrics.uptime}}"
target: "{{target}}"
- name: alert
type: call
call: "slack.post-message"
with:
channel: "#ops"
text: "SLA: {{service}} at {{metrics.uptime}}% (target: {{target}}%)"
- name: log
type: call
call: "servicenow.create-incident"
with:
desc: "SLA breach: {{service}}"
consumes:
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v2"
authentication:
type: bearer
token: "$secrets.datadog_api_key"
resources:
- name: metrics
path: "/metrics"
operations:
- name: get-sla
method: GET
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
- type: http
namespace: servicenow
baseUri: "https://gusto.com.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
Slack Channel Notification
▼
communications slack
Sends a notification message to a Slack channel for operational alerts, release announcements, or team updates.
naftiko: "0.5"
info:
label: "Slack Channel Notification"
description: "Sends a notification message to a Slack channel for operational alerts, release announcements, or team updates."
tags:
- communications
- slack
capability:
exposes:
- type: mcp
namespace: notifications
port: 8080
tools:
- name: send-slack-message
description: "Post a message to a Slack channel."
inputParameters:
- name: channel
in: body
type: string
description: "The Slack channel name or ID."
- name: message
in: body
type: string
description: "The message text."
call: "slack.post-message"
with:
channel: "{{channel}}"
text: "{{message}}"
consumes:
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Snowflake Analytics Query
▼
data-analytics snowflake
Executes a SQL query against Gusto's Snowflake data warehouse for payroll analytics, compliance reporting, and product usage metrics.
naftiko: "0.5"
info:
label: "Snowflake Analytics Query"
description: "Executes a SQL query against Gusto's Snowflake data warehouse for payroll analytics, compliance reporting, and product usage metrics."
tags:
- data-analytics
- snowflake
capability:
exposes:
- type: mcp
namespace: data-warehouse
port: 8080
tools:
- name: run-query
description: "Execute a SQL query against Snowflake."
inputParameters:
- name: sql_statement
in: body
type: string
description: "The SQL query."
- name: warehouse
in: body
type: string
description: "The Snowflake warehouse."
call: "snowflake.execute-statement"
with:
statement: "{{sql_statement}}"
warehouse: "{{warehouse}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://gusto.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-statement
method: POST
Snowflake Warehouse Usage
▼
data snowflake analytics
Checks Snowflake warehouse usage at Gusto.
naftiko: "0.5"
info:
label: "Snowflake Warehouse Usage"
description: "Checks Snowflake warehouse usage at Gusto."
tags:
- data
- snowflake
- analytics
capability:
exposes:
- type: mcp
namespace: sf-usage
port: 8080
tools:
- name: check-warehouse
description: "Check warehouse at Gusto."
inputParameters:
- name: warehouse
in: body
type: string
description: "Warehouse."
call: "snowflake.get-usage"
with:
warehouse: "{{warehouse}}"
outputParameters:
- name: credits
type: number
mapping: "$.data.credits_used"
consumes:
- type: http
namespace: snowflake
baseUri: "https://gusto.com.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: warehouses
path: "/statements"
operations:
- name: get-usage
method: GET
SonarQube Quality Check
▼
code-quality sonarqube devops
Checks code quality at Gusto.
naftiko: "0.5"
info:
label: "SonarQube Quality Check"
description: "Checks code quality at Gusto."
tags:
- code-quality
- sonarqube
- devops
capability:
exposes:
- type: mcp
namespace: sq
port: 8080
tools:
- name: check-quality
description: "Check quality at Gusto."
inputParameters:
- name: project
in: body
type: string
description: "Project key."
call: "sonarqube.get-measures"
with:
project: "{{project}}"
outputParameters:
- name: bugs
type: number
mapping: "$.component.measures[0].value"
consumes:
- type: http
namespace: sonarqube
baseUri: "https://sonarqube.gusto.com/api"
authentication:
type: bearer
token: "$secrets.sonarqube_token"
resources:
- name: measures
path: "/measures/component"
operations:
- name: get-measures
method: GET
Splunk Log Search
▼
security splunk logging
Searches Splunk at Gusto.
naftiko: "0.5"
info:
label: "Splunk Log Search"
description: "Searches Splunk at Gusto."
tags:
- security
- splunk
- logging
capability:
exposes:
- type: mcp
namespace: splunk-search
port: 8080
tools:
- name: search-logs
description: "Search logs at Gusto."
inputParameters:
- name: query
in: body
type: string
description: "SPL query."
call: "splunk.search"
with:
query: "{{query}}"
outputParameters:
- name: count
type: number
mapping: "$.results.count"
consumes:
- type: http
namespace: splunk
baseUri: "https://splunk.gusto.com:8089/services"
authentication:
type: bearer
token: "$secrets.splunk_token"
resources:
- name: search
path: "/search/jobs"
operations:
- name: search
method: POST
Teams Channel Activity
▼
communications microsoft-teams analytics
Retrieves Teams activity at Gusto.
naftiko: "0.5"
info:
label: "Teams Channel Activity"
description: "Retrieves Teams activity at Gusto."
tags:
- communications
- microsoft-teams
- analytics
capability:
exposes:
- type: mcp
namespace: teams-activity
port: 8080
tools:
- name: get-activity
description: "Check Teams activity at Gusto."
inputParameters:
- name: team_id
in: body
type: string
description: "Team ID."
- name: channel_id
in: body
type: string
description: "Channel ID."
call: "teams.get-messages"
with:
team_id: "{{team_id}}"
channel_id: "{{channel_id}}"
outputParameters:
- name: count
type: number
mapping: "$.value.length"
consumes:
- type: http
namespace: teams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.microsoft_graph_token"
resources:
- name: messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: get-messages
method: GET
Terraform Workspace Check
▼
infrastructure terraform iac
Checks Terraform workspace at Gusto.
naftiko: "0.5"
info:
label: "Terraform Workspace Check"
description: "Checks Terraform workspace at Gusto."
tags:
- infrastructure
- terraform
- iac
capability:
exposes:
- type: mcp
namespace: tf-ws
port: 8080
tools:
- name: check-ws
description: "Check workspace at Gusto."
inputParameters:
- name: workspace_id
in: body
type: string
description: "Workspace ID."
call: "terraform.get-ws"
with:
workspace_id: "{{workspace_id}}"
outputParameters:
- name: name
type: string
mapping: "$.data.attributes.name"
consumes:
- type: http
namespace: terraform
baseUri: "https://app.terraform.io/api/v2"
authentication:
type: bearer
token: "$secrets.terraform_token"
resources:
- name: workspaces
path: "/workspaces/{{workspace_id}}"
inputParameters:
- name: workspace_id
in: path
operations:
- name: get-ws
method: GET
Vault Secret Metadata
▼
security vault secrets-management
Checks Vault secret at Gusto.
naftiko: "0.5"
info:
label: "Vault Secret Metadata"
description: "Checks Vault secret at Gusto."
tags:
- security
- vault
- secrets-management
capability:
exposes:
- type: mcp
namespace: vault
port: 8080
tools:
- name: check-secret
description: "Check secret at Gusto."
inputParameters:
- name: path
in: body
type: string
description: "Secret path."
call: "vault.get-metadata"
with:
path: "{{path}}"
outputParameters:
- name: version
type: number
mapping: "$.data.current_version"
consumes:
- type: http
namespace: vault
baseUri: "https://vault.gusto.com/v1"
authentication:
type: bearer
token: "$secrets.vault_token"
resources:
- name: secrets
path: "/secret/metadata/{{path}}"
inputParameters:
- name: path
in: path
operations:
- name: get-metadata
method: GET
Vendor Invoice Processing Pipeline
▼
finance accounts-payable sap oracle
Processes invoices at Gusto via OCR, SAP matching, approval, and Oracle recording.
naftiko: "0.5"
info:
label: "Vendor Invoice Processing Pipeline"
description: "Processes invoices at Gusto via OCR, SAP matching, approval, and Oracle recording."
tags:
- finance
- accounts-payable
- sap
- oracle
capability:
exposes:
- type: mcp
namespace: invoice-proc
port: 8080
tools:
- name: process-invoice
description: "Process invoices at Gusto."
inputParameters:
- name: invoice_id
in: body
type: string
description: "Invoice ID."
- name: vendor_id
in: body
type: string
description: "Vendor ID."
steps:
- name: extract
type: call
call: "ocr.extract"
with:
doc: "{{invoice_id}}"
- name: match
type: call
call: "sap.match-po"
with:
vendor: "{{vendor_id}}"
amount: "{{extract.total}}"
- name: approve
type: call
call: "workflow.submit"
with:
invoice: "{{invoice_id}}"
- name: record
type: call
call: "oracle.create-payment"
with:
invoice: "{{invoice_id}}"
consumes:
- type: http
namespace: ocr
baseUri: "https://ocr.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.ocr_token"
resources:
- name: invoices
path: "/extract"
operations:
- name: extract
method: POST
- type: http
namespace: sap
baseUri: "https://sap.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.sap_token"
resources:
- name: pos
path: "/match"
operations:
- name: match-po
method: POST
- type: http
namespace: workflow
baseUri: "https://workflow.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.workflow_token"
resources:
- name: approvals
path: "/submit"
operations:
- name: submit
method: POST
- type: http
namespace: oracle
baseUri: "https://oracle.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.oracle_token"
resources:
- name: payments
path: "/payments"
operations:
- name: create-payment
method: POST
Quarterly Vendor Review Pipeline
▼
procurement vendor-management review
Reviews vendors at Gusto.
naftiko: "0.5"
info:
label: "Quarterly Vendor Review Pipeline"
description: "Reviews vendors at Gusto."
tags:
- procurement
- vendor-management
- review
capability:
exposes:
- type: mcp
namespace: vendor-review
port: 8080
tools:
- name: review-vendor
description: "Review vendors at Gusto."
inputParameters:
- name: vendor_id
in: body
type: string
description: "Vendor ID."
- name: quarter
in: body
type: string
description: "Quarter."
steps:
- name: perf
type: call
call: "procurement.get-metrics"
with:
vendor: "{{vendor_id}}"
q: "{{quarter}}"
- name: scorecard
type: call
call: "analytics.scorecard"
with:
data: "{{perf.data}}"
- name: invite
type: call
call: "email.send"
with:
to: "{{perf.contact}}"
subject: "QBR - {{quarter}}"
- name: schedule
type: call
call: "calendar.create-event"
with:
title: "QBR - {{perf.name}}"
consumes:
- type: http
namespace: procurement
baseUri: "https://procurement.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.procurement_token"
resources:
- name: vendors
path: "/vendors/{{vendor}}/metrics"
inputParameters:
- name: vendor
in: path
operations:
- name: get-metrics
method: GET
- type: http
namespace: analytics
baseUri: "https://analytics.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.analytics_token"
resources:
- name: scorecards
path: "/compute"
operations:
- name: scorecard
method: POST
- type: http
namespace: email
baseUri: "https://email.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.email_token"
resources:
- name: messages
path: "/send"
operations:
- name: send
method: POST
- type: http
namespace: calendar
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.microsoft_graph_token"
resources:
- name: events
path: "/users/proc/events"
operations:
- name: create-event
method: POST
Weekly Payroll Processing Report
▼
payroll reporting snowflake google-sheets looker slack
Aggregates weekly payroll processing metrics from Snowflake, creates a summary in Google Sheets, refreshes the Looker dashboard, and posts results to Slack.
naftiko: "0.5"
info:
label: "Weekly Payroll Processing Report"
description: "Aggregates weekly payroll processing metrics from Snowflake, creates a summary in Google Sheets, refreshes the Looker dashboard, and posts results to Slack."
tags:
- payroll
- reporting
- snowflake
- google-sheets
- looker
- slack
capability:
exposes:
- type: mcp
namespace: payroll-reporting
port: 8080
tools:
- name: generate-weekly-payroll-report
description: "Given a week ending date, aggregate metrics, create spreadsheet, refresh dashboard, and notify."
inputParameters:
- name: week_ending
in: body
type: string
description: "Week ending date in YYYY-MM-DD format."
steps:
- name: get-metrics
type: call
call: "snowflake.execute-statement"
with:
statement: "SELECT COUNT(DISTINCT company_id) as companies, COUNT(DISTINCT employee_id) as employees, SUM(gross_pay) as total_gross FROM payroll_runs WHERE week_ending='{{week_ending}}'"
warehouse: "PAYROLL_WH"
- name: create-report
type: call
call: "google-sheets.create-spreadsheet"
with:
title: "Payroll Report — W/E {{week_ending}}"
data: "{{get-metrics.results}}"
- name: refresh-dashboard
type: call
call: "looker.run-look"
with:
look_id: "weekly-payroll-summary"
- name: post-summary
type: call
call: "slack.post-message"
with:
channel: "payroll-ops"
text: "Weekly Payroll Report (w/e {{week_ending}}): {{get-metrics.companies}} companies, {{get-metrics.employees}} employees, ${{get-metrics.total_gross}} gross pay processed. Report: {{create-report.url}}."
consumes:
- type: http
namespace: snowflake
baseUri: "https://gusto.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-statement
method: POST
- type: http
namespace: google-sheets
baseUri: "https://sheets.googleapis.com/v4"
authentication:
type: bearer
token: "$secrets.google_sheets_token"
resources:
- name: spreadsheets
path: "/spreadsheets"
operations:
- name: create-spreadsheet
method: POST
- type: http
namespace: looker
baseUri: "https://gusto.cloud.looker.com/api/4.0"
authentication:
type: bearer
token: "$secrets.looker_token"
resources:
- name: looks
path: "/looks/{{look_id}}/run/json"
inputParameters:
- name: look_id
in: path
operations:
- name: run-look
method: GET
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Workday Employee Profile Lookup
▼
hr workday employee-directory
Retrieves employee profile from Workday for Gusto.
naftiko: "0.5"
info:
label: "Workday Employee Profile Lookup"
description: "Retrieves employee profile from Workday for Gusto."
tags:
- hr
- workday
- employee-directory
capability:
exposes:
- type: mcp
namespace: workday-profile
port: 8080
tools:
- name: get-employee-profile
description: "Look up Gusto employee in Workday."
inputParameters:
- name: employee_id
in: body
type: string
description: "Employee ID."
call: "workday.get-worker"
with:
employee_id: "{{employee_id}}"
outputParameters:
- name: name
type: string
mapping: "$.worker.name"
- name: title
type: string
mapping: "$.worker.title"
consumes:
- type: http
namespace: workday
baseUri: "https://wd5.gusto.com/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/workers/{{employee_id}}"
inputParameters:
- name: employee_id
in: path
operations:
- name: get-worker
method: GET
Zendesk Support Ticket Lookup
▼
customer-service zendesk
Retrieves a Zendesk support ticket by ID, returning subject, status, priority, assignee, and customer details.
naftiko: "0.5"
info:
label: "Zendesk Support Ticket Lookup"
description: "Retrieves a Zendesk support ticket by ID, returning subject, status, priority, assignee, and customer details."
tags:
- customer-service
- zendesk
capability:
exposes:
- type: mcp
namespace: support
port: 8080
tools:
- name: get-ticket
description: "Look up a Zendesk ticket by ID. Returns subject, status, priority, and assignee."
inputParameters:
- name: ticket_id
in: body
type: string
description: "The Zendesk ticket ID."
call: "zendesk.get-ticket"
with:
ticket_id: "{{ticket_id}}"
consumes:
- type: http
namespace: zendesk
baseUri: "https://gusto.zendesk.com/api/v2"
authentication:
type: bearer
token: "$secrets.zendesk_token"
resources:
- name: tickets
path: "/tickets/{{ticket_id}}"
inputParameters:
- name: ticket_id
in: path
operations:
- name: get-ticket
method: GET
Zendesk Ticket Check
▼
support zendesk ticketing
Checks Zendesk ticket at Gusto.
naftiko: "0.5"
info:
label: "Zendesk Ticket Check"
description: "Checks Zendesk ticket at Gusto."
tags:
- support
- zendesk
- ticketing
capability:
exposes:
- type: mcp
namespace: zd-ticket
port: 8080
tools:
- name: check-ticket
description: "Check ticket at Gusto."
inputParameters:
- name: ticket_id
in: body
type: string
description: "Ticket ID."
call: "zendesk.get-ticket"
with:
id: "{{ticket_id}}"
outputParameters:
- name: status
type: string
mapping: "$.ticket.status"
consumes:
- type: http
namespace: zendesk
baseUri: "https://gusto.com.zendesk.com/api/v2"
authentication:
type: bearer
token: "$secrets.zendesk_token"
resources:
- name: tickets
path: "/tickets/{{id}}.json"
inputParameters:
- name: id
in: path
operations:
- name: get-ticket
method: GET