Intel Capabilities
Naftiko 0.5 capability definitions for Intel - 101 capabilities showing integration workflows and service orchestrations.
Sort
Expand
ADP Payroll Discrepancy
▼
hr finance adp workday servicenow
Creates task.
naftiko: "0.5"
info:
label: "ADP Payroll Discrepancy"
description: "Creates task."
tags:
- hr
- finance
- adp
- workday
- servicenow
capability:
exposes:
- type: mcp
namespace: adp
port: 8080
tools:
- name: adp-payroll-discrepancy-task
description: "Creates task."
inputParameters:
- name: input_id
in: body
type: string
description: "Input identifier."
steps:
- name: get-data
type: call
call: "adp.get-data"
with:
id: "{{input_id}}"
- name: create-record
type: call
call: "servicenow.create-record"
with:
short_description: "ADP Payroll Discrepancy"
consumes:
- type: http
namespace: adp
baseUri: "https://adp.intel.com/api/v1"
authentication:
type: bearer
token: "$secrets.adp_token"
resources:
- name: data
path: "/data"
operations:
- name: get-data
method: GET
- type: http
namespace: servicenow
baseUri: "https://intel.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: records
path: "/table/incident"
operations:
- name: create-record
method: POST
ADP Payroll Run Validation
▼
hr finance workday servicenow payroll
Before each payroll run, compares ADP headcount totals against Workday HCM employee counts and creates a ServiceNow task if discrepancies are found.
naftiko: "0.5"
info:
label: "ADP Payroll Run Validation"
description: "Before each payroll run, compares ADP headcount totals against Workday HCM employee counts and creates a ServiceNow task if discrepancies are found."
tags:
- hr
- finance
- workday
- servicenow
- payroll
capability:
exposes:
- type: mcp
namespace: payroll-validation
port: 8080
tools:
- name: validate-payroll-headcount
description: "Given a payroll period code, compare ADP active employee count against Workday HCM for the same period and raise a ServiceNow task for any headcount mismatch."
inputParameters:
- name: payroll_period
in: body
type: string
description: "ADP payroll period code, e.g. 2025-W14."
steps:
- name: get-adp-count
type: call
call: "adp.get-worker-count"
with:
period: "{{payroll_period}}"
- name: get-wd-count
type: call
call: "workday-payroll.get-worker-count"
with:
asOfDate: "{{payroll_period}}"
- name: create-mismatch-task
type: call
call: "servicenow-payroll.create-task"
with:
short_description: "Payroll headcount mismatch: ADP={{get-adp-count.count}} vs Workday={{get-wd-count.count}}"
category: "payroll"
assignment_group: "HR_Payroll"
consumes:
- type: http
namespace: adp
baseUri: "https://api.adp.com"
authentication:
type: bearer
token: "$secrets.adp_token"
resources:
- name: worker-count
path: "/hr/v2/workers"
inputParameters:
- name: period
in: query
operations:
- name: get-worker-count
method: GET
- type: http
namespace: workday-payroll
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/intel/workers"
inputParameters:
- name: asOfDate
in: query
operations:
- name: get-worker-count
method: GET
- type: http
namespace: servicenow-payroll
baseUri: "https://intel.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: tasks
path: "/table/sc_task"
operations:
- name: create-task
method: POST
AWS CloudWatch Alarm to ServiceNow
▼
cloud itsm aws servicenow slack
When a CloudWatch alarm fires, creates a ServiceNow incident and notifies infrastructure team.
naftiko: "0.5"
info:
label: "AWS CloudWatch Alarm to ServiceNow"
description: "When a CloudWatch alarm fires, creates a ServiceNow incident and notifies infrastructure team."
tags:
- cloud
- itsm
- aws
- servicenow
- slack
capability:
exposes:
- type: mcp
namespace: cloud-ops
port: 8080
tools:
- name: handle-alarm
description: "Given a CloudWatch alarm name, create a ServiceNow incident."
inputParameters:
- name: alarm_name
in: body
type: string
description: "CloudWatch alarm name."
steps:
- name: get-alarm
type: call
call: "cloudwatch.describe-alarm"
with:
alarm_name: "{{alarm_name}}"
- name: create-incident
type: call
call: "servicenow.create-incident"
with:
short_description: "CloudWatch: {{alarm_name}} — {{get-alarm.StateReason}}"
urgency: "2"
assignment_group: "Cloud_Infrastructure"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#infra-alerts"
text: "ServiceNow {{create-incident.number}} for CloudWatch alarm {{alarm_name}}"
consumes:
- type: http
namespace: cloudwatch
baseUri: "https://monitoring.us-west-2.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_sigv4_token"
placement: header
resources:
- name: alarms
path: "/?Action=DescribeAlarms&AlarmNames.member.1={{alarm_name}}"
inputParameters:
- name: alarm_name
in: query
operations:
- name: describe-alarm
method: GET
- type: http
namespace: servicenow
baseUri: "https://intel.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
AWS EC2 Instance Lookup
▼
cloud infrastructure aws
Retrieves the running state, type, and availability zone of an AWS EC2 instance.
naftiko: "0.5"
info:
label: "AWS EC2 Instance Lookup"
description: "Retrieves the running state, type, and availability zone of an AWS EC2 instance."
tags:
- cloud
- infrastructure
- aws
capability:
exposes:
- type: mcp
namespace: cloud-infra
port: 8080
tools:
- name: get-ec2-status
description: "Given an EC2 instance ID, return its running state and type."
inputParameters:
- name: instance_id
in: body
type: string
description: "EC2 instance ID."
call: aws.describe-instance
with:
instance_id: "{{instance_id}}"
consumes:
- type: http
namespace: aws
baseUri: "https://ec2.us-west-2.amazonaws.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.aws_sigv4_token"
placement: header
resources:
- name: instances
path: "/?Action=DescribeInstances&InstanceId.1={{instance_id}}"
inputParameters:
- name: instance_id
in: query
operations:
- name: describe-instance
method: GET
S3 Compliance Scan
▼
security compliance aws servicenow slack
Creates tasks.
naftiko: "0.5"
info:
label: "S3 Compliance Scan"
description: "Creates tasks."
tags:
- security
- compliance
- aws
- servicenow
- slack
capability:
exposes:
- type: mcp
namespace: aws
port: 8080
tools:
- name: aws-s3-compliance-to-servicenow-task
description: "Creates tasks."
inputParameters:
- name: input_id
in: body
type: string
description: "Input identifier."
steps:
- name: get-data
type: call
call: "aws.get-data"
with:
id: "{{input_id}}"
- name: create-record
type: call
call: "servicenow.create-record"
with:
short_description: "S3 Compliance Scan"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#alerts"
text: "S3 Compliance Scan"
consumes:
- type: http
namespace: aws
baseUri: "https://aws.intel.com/api/v1"
authentication:
type: bearer
token: "$secrets.aws_token"
resources:
- name: data
path: "/data"
operations:
- name: get-data
method: GET
- type: http
namespace: servicenow
baseUri: "https://intel.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: records
path: "/table/incident"
operations:
- name: create-record
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Azure Cost Anomaly to Jira
▼
cloud finops azure jira slack
Creates FinOps ticket.
naftiko: "0.5"
info:
label: "Azure Cost Anomaly to Jira"
description: "Creates FinOps ticket."
tags:
- cloud
- finops
- azure
- jira
- slack
capability:
exposes:
- type: mcp
namespace: azure
port: 8080
tools:
- name: azure-cost-anomaly-to-jira-ticket
description: "Creates FinOps ticket."
inputParameters:
- name: input_id
in: body
type: string
description: "Input identifier."
steps:
- name: get-data
type: call
call: "azure.get-data"
with:
id: "{{input_id}}"
- name: create-issue
type: call
call: "jira.create-issue"
with:
summary: "Azure Cost Anomaly to Jira"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#alerts"
text: "Azure Cost Anomaly to Jira"
consumes:
- type: http
namespace: azure
baseUri: "https://azure.intel.com/api/v1"
authentication:
type: bearer
token: "$secrets.azure_token"
resources:
- name: data
path: "/data"
operations:
- name: get-data
method: GET
- type: http
namespace: jira
baseUri: "https://intel-jira.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Azure Data Factory Pipeline Failure Alert
▼
data cloud azure-data-factory jira new-relic monitoring
Monitors Azure Data Factory pipeline run status and creates a Jira bug and a New Relic alert when a pipeline fails in the production data workspace.
naftiko: "0.5"
info:
label: "Azure Data Factory Pipeline Failure Alert"
description: "Monitors Azure Data Factory pipeline run status and creates a Jira bug and a New Relic alert when a pipeline fails in the production data workspace."
tags:
- data
- cloud
- azure-data-factory
- jira
- new-relic
- monitoring
capability:
exposes:
- type: mcp
namespace: adf-monitoring
port: 8080
tools:
- name: handle-adf-failure
description: "Given an Azure subscription ID, resource group, data factory name, and pipeline run ID, retrieve failure details and create a Jira bug and New Relic alert event."
inputParameters:
- name: subscription_id
in: body
type: string
description: "Azure subscription ID."
- name: resource_group
in: body
type: string
description: "Azure resource group name."
- name: factory_name
in: body
type: string
description: "Azure Data Factory name."
- name: pipeline_run_id
in: body
type: string
description: "Azure Data Factory pipeline run ID."
steps:
- name: get-pipeline-run
type: call
call: "azure-adf.get-pipeline-run"
with:
subscriptionId: "{{subscription_id}}"
resourceGroupName: "{{resource_group}}"
factoryName: "{{factory_name}}"
runId: "{{pipeline_run_id}}"
- name: create-jira-bug
type: call
call: "jira-adf.create-issue"
with:
project_key: "DATA"
issuetype: "Bug"
summary: "ADF Pipeline Failure: {{get-pipeline-run.pipelineName}} in {{factory_name}}"
description: "Run ID: {{pipeline_run_id}} | Error: {{get-pipeline-run.message}}"
- name: post-nr-event
type: call
call: "newrelic-adf.post-event"
with:
eventType: "AdfPipelineFailure"
pipelineName: "{{get-pipeline-run.pipelineName}}"
factoryName: "{{factory_name}}"
jiraKey: "{{create-jira-bug.key}}"
consumes:
- type: http
namespace: azure-adf
baseUri: "https://management.azure.com/subscriptions/{{subscriptionId}}/resourceGroups/{{resourceGroupName}}/providers/Microsoft.DataFactory/factories/{{factoryName}}"
authentication:
type: bearer
token: "$secrets.azure_token"
resources:
- name: pipeline-runs
path: "/pipelineruns/{{runId}}"
inputParameters:
- name: subscriptionId
in: path
- name: resourceGroupName
in: path
- name: factoryName
in: path
- name: runId
in: path
operations:
- name: get-pipeline-run
method: GET
- type: http
namespace: jira-adf
baseUri: "https://intel.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: newrelic-adf
baseUri: "https://insights-collector.newrelic.com/v1"
authentication:
type: apikey
key: "X-Insert-Key"
value: "$secrets.newrelic_insert_key"
placement: header
resources:
- name: events
path: "/accounts/{{account_id}}/events"
inputParameters:
- name: account_id
in: path
operations:
- name: post-event
method: POST
Azure Databricks Failure to Jira
▼
data devops azure-databricks jira slack
Creates Jira for Databricks failures.
naftiko: "0.5"
info:
label: "Azure Databricks Failure to Jira"
description: "Creates Jira for Databricks failures."
tags:
- data
- devops
- azure-databricks
- jira
- slack
capability:
exposes:
- type: mcp
namespace: azure
port: 8080
tools:
- name: azure-databricks-failure-to-jira-task
description: "Creates Jira for Databricks failures."
inputParameters:
- name: input_id
in: body
type: string
description: "Input identifier."
steps:
- name: get-data
type: call
call: "data.get-data"
with:
id: "{{input_id}}"
- name: create-issue
type: call
call: "jira.create-issue"
with:
summary: "Azure Databricks Failure to Jira"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#alerts"
text: "Azure Databricks Failure to Jira"
consumes:
- type: http
namespace: data
baseUri: "https://data.intel.com/api/v1"
authentication:
type: bearer
token: "$secrets.data_token"
resources:
- name: data
path: "/data"
operations:
- name: get-data
method: GET
- type: http
namespace: jira
baseUri: "https://intel-jira.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Azure Databricks ML Pipeline Monitoring
▼
ai data azure-databricks jira datadog monitoring
Checks Azure Databricks job run status for ML training pipelines and creates a Jira ticket and Datadog alert when a run fails or exceeds duration thresholds.
naftiko: "0.5"
info:
label: "Azure Databricks ML Pipeline Monitoring"
description: "Checks Azure Databricks job run status for ML training pipelines and creates a Jira ticket and Datadog alert when a run fails or exceeds duration thresholds."
tags:
- ai
- data
- azure-databricks
- jira
- datadog
- monitoring
capability:
exposes:
- type: mcp
namespace: ml-pipeline-ops
port: 8080
tools:
- name: monitor-databricks-job
description: "Given an Azure Databricks workspace URL and job ID, check the latest run status and alert via Jira and Datadog if the run has failed or exceeded the allowed duration."
inputParameters:
- name: workspace_url
in: body
type: string
description: "Azure Databricks workspace URL, e.g. https://adb-1234.azuredatabricks.net."
- name: job_id
in: body
type: string
description: "Databricks job ID."
- name: max_duration_minutes
in: body
type: integer
description: "Maximum allowed job run duration in minutes."
steps:
- name: get-job-run
type: call
call: "databricks.get-latest-run"
with:
job_id: "{{job_id}}"
- name: create-jira-ticket
type: call
call: "jira-ml.create-issue"
with:
project_key: "DATA"
issuetype: "Bug"
summary: "Databricks ML job failure: {{job_id}}"
description: "Run ID: {{get-job-run.run_id}} | State: {{get-job-run.state.result_state}} | Duration: {{get-job-run.execution_duration}}ms"
- name: post-dd-alert
type: call
call: "datadog-db.post-event"
with:
title: "Databricks Job Failed: {{job_id}}"
text: "Jira: {{create-jira-ticket.key}} | Run: {{get-job-run.run_id}}"
alert_type: "error"
consumes:
- type: http
namespace: databricks
baseUri: "https://adb-{{workspace_id}}.azuredatabricks.net/api/2.1"
authentication:
type: bearer
token: "$secrets.databricks_token"
resources:
- name: runs
path: "/jobs/runs/get-latest-by-name"
inputParameters:
- name: job_id
in: query
operations:
- name: get-latest-run
method: GET
- type: http
namespace: jira-ml
baseUri: "https://intel.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: datadog-db
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: "DD-API-KEY"
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: events
path: "/events"
operations:
- name: post-event
method: POST
Azure DevOps to Jira
▼
devops ci-cd azure-devops jira
Creates bug.
naftiko: "0.5"
info:
label: "Azure DevOps to Jira"
description: "Creates bug."
tags:
- devops
- ci-cd
- azure-devops
- jira
capability:
exposes:
- type: mcp
namespace: azure
port: 8080
tools:
- name: azure-devops-pipeline-to-jira-bug
description: "Creates bug."
inputParameters:
- name: input_id
in: body
type: string
description: "Input identifier."
steps:
- name: get-data
type: call
call: "azure-devops.get-data"
with:
id: "{{input_id}}"
- name: create-issue
type: call
call: "jira.create-issue"
with:
summary: "Azure DevOps to Jira"
consumes:
- type: http
namespace: azure-devops
baseUri: "https://azure-devops.intel.com/api/v1"
authentication:
type: bearer
token: "$secrets.azure_devops_token"
resources:
- name: data
path: "/data"
operations:
- name: get-data
method: GET
- type: http
namespace: jira
baseUri: "https://intel-jira.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
Azure Resource Cost Lookup
▼
cloud finops azure
Queries Azure Cost Management for current month spend of a resource group.
naftiko: "0.5"
info:
label: "Azure Resource Cost Lookup"
description: "Queries Azure Cost Management for current month spend of a resource group."
tags:
- cloud
- finops
- azure
capability:
exposes:
- type: mcp
namespace: finops
port: 8080
tools:
- name: get-resource-cost
description: "Given an Azure subscription and resource group, return the current month cost."
inputParameters:
- name: subscription_id
in: body
type: string
description: "Azure subscription ID."
- name: resource_group
in: body
type: string
description: "Resource group name."
call: azure-cost.get-cost
with:
subscription_id: "{{subscription_id}}"
resource_group: "{{resource_group}}"
consumes:
- type: http
namespace: azure-cost
baseUri: "https://management.azure.com"
authentication:
type: bearer
token: "$secrets.azure_token"
resources:
- name: cost
path: "/subscriptions/{{subscription_id}}/resourceGroups/{{resource_group}}/providers/Microsoft.CostManagement/query"
inputParameters:
- name: subscription_id
in: path
- name: resource_group
in: path
operations:
- name: get-cost
method: POST
Cloudflare DNS Lookup
▼
networking dns cloudflare
Lists DNS records for a Cloudflare zone, returning record types, values, and TTL.
naftiko: "0.5"
info:
label: "Cloudflare DNS Lookup"
description: "Lists DNS records for a Cloudflare zone, returning record types, values, and TTL."
tags:
- networking
- dns
- cloudflare
capability:
exposes:
- type: mcp
namespace: dns
port: 8080
tools:
- name: list-dns-records
description: "Given a Cloudflare zone ID, return all DNS records."
inputParameters:
- name: zone_id
in: body
type: string
description: "Cloudflare zone ID."
call: cloudflare.list-records
with:
zone_id: "{{zone_id}}"
consumes:
- type: http
namespace: cloudflare
baseUri: "https://api.cloudflare.com/client/v4"
authentication:
type: bearer
token: "$secrets.cloudflare_token"
resources:
- name: dns-records
path: "/zones/{{zone_id}}/dns_records"
inputParameters:
- name: zone_id
in: path
operations:
- name: list-records
method: GET
Cloudflare WAF to PagerDuty
▼
security networking cloudflare pagerduty
Blocks and alerts.
naftiko: "0.5"
info:
label: "Cloudflare WAF to PagerDuty"
description: "Blocks and alerts."
tags:
- security
- networking
- cloudflare
- pagerduty
capability:
exposes:
- type: mcp
namespace: cloudflare
port: 8080
tools:
- name: cloudflare-waf-block-to-pagerduty-alert
description: "Blocks and alerts."
inputParameters:
- name: input_id
in: body
type: string
description: "Input identifier."
steps:
- name: get-data
type: call
call: "cloudflare.get-data"
with:
id: "{{input_id}}"
- name: create-incident
type: call
call: "pagerduty.create-incident"
with:
title: "Cloudflare WAF to PagerDuty"
consumes:
- type: http
namespace: cloudflare
baseUri: "https://cloudflare.intel.com/api/v1"
authentication:
type: bearer
token: "$secrets.cloudflare_token"
resources:
- name: data
path: "/data"
operations:
- name: get-data
method: GET
- type: http
namespace: pagerduty
baseUri: "https://api.pagerduty.com"
authentication:
type: apikey
key: "Authorization"
value: "Token token=$secrets.pagerduty_token"
placement: header
resources:
- name: incidents
path: "/incidents"
operations:
- name: create-incident
method: POST
CMDB Drift Detection
▼
itsm infrastructure servicenow terraform governance
Creates tasks.
naftiko: "0.5"
info:
label: "CMDB Drift Detection"
description: "Creates tasks."
tags:
- itsm
- infrastructure
- servicenow
- terraform
- governance
capability:
exposes:
- type: mcp
namespace: cmdb
port: 8080
tools:
- name: cmdb-drift-detection-task
description: "Creates tasks."
inputParameters:
- name: input_id
in: body
type: string
description: "Input identifier."
steps:
- name: get-data
type: call
call: "infrastructure.get-data"
with:
id: "{{input_id}}"
- name: create-record
type: call
call: "servicenow.create-record"
with:
short_description: "CMDB Drift Detection"
consumes:
- type: http
namespace: infrastructure
baseUri: "https://infrastructure.intel.com/api/v1"
authentication:
type: bearer
token: "$secrets.infrastructure_token"
resources:
- name: data
path: "/data"
operations:
- name: get-data
method: GET
- type: http
namespace: servicenow
baseUri: "https://intel.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: records
path: "/table/incident"
operations:
- name: create-record
method: POST
Confluence Knowledge Base Article Quality Gate
▼
devops knowledge-management jira governance
Scans newly published Confluence pages in a designated space for completeness criteria and creates a Jira task when pages fail the quality check.
naftiko: "0.5"
info:
label: "Confluence Knowledge Base Article Quality Gate"
description: "Scans newly published Confluence pages in a designated space for completeness criteria and creates a Jira task when pages fail the quality check."
tags:
- devops
- knowledge-management
- jira
- governance
capability:
exposes:
- type: mcp
namespace: kb-quality
port: 8080
tools:
- name: gate-confluence-article
description: "Given a Confluence space key and page ID, validate the page against completeness criteria and create a Jira improvement task if any criteria fail."
inputParameters:
- name: space_key
in: body
type: string
description: "Confluence space key, e.g. ENGDOCS."
- name: page_id
in: body
type: string
description: "Confluence page ID to validate."
steps:
- name: get-page
type: call
call: "confluence.get-page"
with:
pageId: "{{page_id}}"
- name: create-jira-task
type: call
call: "jira-kb.create-issue"
with:
project_key: "DOCS"
issuetype: "Task"
summary: "KB quality gate fail: {{get-page.title}} ({{page_id}})"
description: "Page: {{get-page.title}} in space {{space_key}} failed completeness criteria. Author: {{get-page.version.by.displayName}}"
consumes:
- type: http
namespace: confluence
baseUri: "https://intel.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_token"
resources:
- name: pages
path: "/content/{{pageId}}"
inputParameters:
- name: pageId
in: path
operations:
- name: get-page
method: GET
- type: http
namespace: jira-kb
baseUri: "https://intel.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
Confluence Page Lookup
▼
knowledge confluence documentation
Retrieves a Confluence page by title and space key, returning content body and last modified date.
naftiko: "0.5"
info:
label: "Confluence Page Lookup"
description: "Retrieves a Confluence page by title and space key, returning content body and last modified date."
tags:
- knowledge
- confluence
- documentation
capability:
exposes:
- type: mcp
namespace: knowledge
port: 8080
tools:
- name: get-page
description: "Given a space key and page title, return the Confluence page content."
inputParameters:
- name: space_key
in: body
type: string
description: "Confluence space key."
- name: page_title
in: body
type: string
description: "Page title."
call: confluence.get-page
with:
spaceKey: "{{space_key}}"
title: "{{page_title}}"
consumes:
- type: http
namespace: confluence
baseUri: "https://intel-wiki.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_api_token"
resources:
- name: content
path: "/content"
operations:
- name: get-page
method: GET
Runbook from PagerDuty
▼
operations documentation pagerduty confluence slack
Posts runbook.
naftiko: "0.5"
info:
label: "Runbook from PagerDuty"
description: "Posts runbook."
tags:
- operations
- documentation
- pagerduty
- confluence
- slack
capability:
exposes:
- type: mcp
namespace: confluence
port: 8080
tools:
- name: confluence-runbook-from-pagerduty-inc
description: "Posts runbook."
inputParameters:
- name: input_id
in: body
type: string
description: "Input identifier."
steps:
- name: get-data
type: call
call: "pagerduty.get-data"
with:
id: "{{input_id}}"
- name: create-incident
type: call
call: "pagerduty.create-incident"
with:
title: "Runbook from PagerDuty"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#alerts"
text: "Runbook from PagerDuty"
consumes:
- type: http
namespace: pagerduty
baseUri: "https://pagerduty.intel.com/api/v1"
authentication:
type: bearer
token: "$secrets.pagerduty_token"
resources:
- name: data
path: "/data"
operations:
- name: get-data
method: GET
- type: http
namespace: pagerduty
baseUri: "https://api.pagerduty.com"
authentication:
type: apikey
key: "Authorization"
value: "Token token=$secrets.pagerduty_token"
placement: header
resources:
- name: incidents
path: "/incidents"
operations:
- name: create-incident
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Datadog Alert to PagerDuty and Slack
▼
observability incident-response datadog pagerduty slack
When a Datadog monitor triggers critical, creates a PagerDuty incident and posts a summary to Slack.
naftiko: "0.5"
info:
label: "Datadog Alert to PagerDuty and Slack"
description: "When a Datadog monitor triggers critical, creates a PagerDuty incident and posts a summary to Slack."
tags:
- observability
- incident-response
- datadog
- pagerduty
- slack
capability:
exposes:
- type: mcp
namespace: incident-ops
port: 8080
tools:
- name: escalate-alert
description: "Given a Datadog monitor ID, create a PagerDuty incident and notify Slack."
inputParameters:
- name: monitor_id
in: body
type: string
description: "Datadog monitor ID."
- name: service_id
in: body
type: string
description: "PagerDuty service ID."
steps:
- name: get-monitor
type: call
call: "datadog.get-monitor"
with:
monitor_id: "{{monitor_id}}"
- name: create-incident
type: call
call: "pagerduty.create-incident"
with:
service_id: "{{service_id}}"
title: "Datadog Critical: {{get-monitor.name}}"
urgency: "high"
- name: notify-slack
type: call
call: "slack.post-message"
with:
channel: "#oncall-alerts"
text: "PagerDuty incident {{create-incident.incident.id}} created for {{get-monitor.name}}"
consumes:
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: "DD-API-KEY"
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: monitors
path: "/monitor/{{monitor_id}}"
inputParameters:
- name: monitor_id
in: path
operations:
- name: get-monitor
method: GET
- type: http
namespace: pagerduty
baseUri: "https://api.pagerduty.com"
authentication:
type: apikey
key: "Authorization"
value: "Token token=$secrets.pagerduty_token"
placement: header
resources:
- name: incidents
path: "/incidents"
operations:
- name: create-incident
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Datadog Infrastructure Alert to ServiceNow Incident
▼
observability itsm datadog servicenow microsoft-teams incident-response
When a Datadog monitor transitions to alert state for a production host, creates a P1 ServiceNow incident and notifies the on-call team via Microsoft Teams.
naftiko: "0.5"
info:
label: "Datadog Infrastructure Alert to ServiceNow Incident"
description: "When a Datadog monitor transitions to alert state for a production host, creates a P1 ServiceNow incident and notifies the on-call team via Microsoft Teams."
tags:
- observability
- itsm
- datadog
- servicenow
- microsoft-teams
- incident-response
capability:
exposes:
- type: mcp
namespace: infra-incident
port: 8080
tools:
- name: handle-infra-alert
description: "Given a Datadog monitor ID and host name, retrieve alert details, open a P1 ServiceNow incident, and post an alert notification to the Intel NOC Teams channel."
inputParameters:
- name: monitor_id
in: body
type: string
description: "Datadog monitor ID that triggered the alert."
- name: host_name
in: body
type: string
description: "Affected host name."
steps:
- name: get-monitor
type: call
call: "datadog-monitor.get-monitor"
with:
monitor_id: "{{monitor_id}}"
- name: create-incident
type: call
call: "servicenow-inc.create-incident"
with:
short_description: "Infra alert: {{host_name}} — {{get-monitor.name}}"
urgency: "1"
impact: "1"
category: "infrastructure"
- name: notify-teams
type: call
call: "msteams-noc.post-message"
with:
channel_id: "$secrets.noc_teams_channel_id"
message: "P1 INCIDENT: {{get-monitor.name}} on {{host_name}} | SN: {{create-incident.number}}"
consumes:
- type: http
namespace: datadog-monitor
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: "DD-API-KEY"
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: monitors
path: "/monitor/{{monitor_id}}"
inputParameters:
- name: monitor_id
in: path
operations:
- name: get-monitor
method: GET
- type: http
namespace: servicenow-inc
baseUri: "https://intel.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams-noc
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.graph_token"
resources:
- name: messages
path: "/teams/{{channel_id}}/channels/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-message
method: POST
Latency Spike to Jira
▼
observability devops datadog jira slack
Creates ticket.
naftiko: "0.5"
info:
label: "Latency Spike to Jira"
description: "Creates ticket."
tags:
- observability
- devops
- datadog
- jira
- slack
capability:
exposes:
- type: mcp
namespace: datadog
port: 8080
tools:
- name: datadog-latency-spike-to-jira-ticket
description: "Creates ticket."
inputParameters:
- name: input_id
in: body
type: string
description: "Input identifier."
steps:
- name: get-data
type: call
call: "observability.get-data"
with:
id: "{{input_id}}"
- name: create-issue
type: call
call: "jira.create-issue"
with:
summary: "Latency Spike to Jira"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#alerts"
text: "Latency Spike to Jira"
consumes:
- type: http
namespace: observability
baseUri: "https://observability.intel.com/api/v1"
authentication:
type: bearer
token: "$secrets.observability_token"
resources:
- name: data
path: "/data"
operations:
- name: get-data
method: GET
- type: http
namespace: jira
baseUri: "https://intel-jira.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Datadog Monitor Status Lookup
▼
observability datadog monitoring
Retrieves the current status and details of a Datadog monitor by ID for observability queries.
naftiko: "0.5"
info:
label: "Datadog Monitor Status Lookup"
description: "Retrieves the current status and details of a Datadog monitor by ID for observability queries."
tags:
- observability
- datadog
- monitoring
capability:
exposes:
- type: mcp
namespace: monitoring
port: 8080
tools:
- name: get-monitor-status
description: "Given a Datadog monitor ID, return the current status and trigger details."
inputParameters:
- name: monitor_id
in: body
type: string
description: "Datadog monitor ID."
call: datadog.get-monitor
with:
monitor_id: "{{monitor_id}}"
consumes:
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: "DD-API-KEY"
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: monitors
path: "/monitor/{{monitor_id}}"
inputParameters:
- name: monitor_id
in: path
operations:
- name: get-monitor
method: GET
Dynatrace Problem Detection to Jira Bug
▼
observability itsm dynatrace jira servicenow incident-response
When Dynatrace detects a performance problem affecting a production service, creates a Jira bug with full problem context and links it to the ServiceNow incident.
naftiko: "0.5"
info:
label: "Dynatrace Problem Detection to Jira Bug"
description: "When Dynatrace detects a performance problem affecting a production service, creates a Jira bug with full problem context and links it to the ServiceNow incident."
tags:
- observability
- itsm
- dynatrace
- jira
- servicenow
- incident-response
capability:
exposes:
- type: mcp
namespace: dynatrace-ops
port: 8080
tools:
- name: handle-dynatrace-problem
description: "Given a Dynatrace problem ID, retrieve problem details, create a Jira bug for root-cause analysis, and open a ServiceNow incident linked to the Jira ticket."
inputParameters:
- name: problem_id
in: body
type: string
description: "Dynatrace problem ID, e.g. P-12345."
steps:
- name: get-problem
type: call
call: "dynatrace.get-problem"
with:
problemId: "{{problem_id}}"
- name: create-jira-bug
type: call
call: "jira-bug.create-issue"
with:
project_key: "OPS"
issuetype: "Bug"
summary: "Dynatrace: {{get-problem.title}} ({{problem_id}})"
description: "Impact: {{get-problem.impactedEntities}} | Root cause: {{get-problem.rootCauseEntity}}"
- name: create-sn-incident
type: call
call: "servicenow-dt.create-incident"
with:
short_description: "Dynatrace problem: {{get-problem.title}}"
category: "performance"
urgency: "2"
description: "Jira: {{create-jira-bug.key}} | Problem: {{problem_id}}"
consumes:
- type: http
namespace: dynatrace
baseUri: "https://intel.live.dynatrace.com/api/v2"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.dynatrace_token"
placement: header
resources:
- name: problems
path: "/problems/{{problemId}}"
inputParameters:
- name: problemId
in: path
operations:
- name: get-problem
method: GET
- type: http
namespace: jira-bug
baseUri: "https://intel.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: servicenow-dt
baseUri: "https://intel.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
Dynatrace Problem to ServiceNow
▼
observability itsm dynatrace servicenow slack
When Dynatrace detects an application problem, creates a ServiceNow incident with root cause details and notifies Slack.
naftiko: "0.5"
info:
label: "Dynatrace Problem to ServiceNow"
description: "When Dynatrace detects an application problem, creates a ServiceNow incident with root cause details and notifies Slack."
tags:
- observability
- itsm
- dynatrace
- servicenow
- slack
capability:
exposes:
- type: mcp
namespace: apm-ops
port: 8080
tools:
- name: handle-problem
description: "Given a Dynatrace problem ID, create a ServiceNow incident and notify."
inputParameters:
- name: problem_id
in: body
type: string
description: "Dynatrace problem ID."
steps:
- name: get-problem
type: call
call: "dynatrace.get-problem"
with:
problem_id: "{{problem_id}}"
- name: create-incident
type: call
call: "servicenow.create-incident"
with:
short_description: "Dynatrace: {{get-problem.title}}"
description: "Root cause: {{get-problem.rootCauseEntity.name}}"
urgency: "1"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#oncall"
text: "Dynatrace problem — ServiceNow {{create-incident.number}}"
consumes:
- type: http
namespace: dynatrace
baseUri: "https://intel.live.dynatrace.com/api/v2"
authentication:
type: apikey
key: "Authorization"
value: "Api-Token $secrets.dynatrace_token"
placement: header
resources:
- name: problems
path: "/problems/{{problem_id}}"
inputParameters:
- name: problem_id
in: path
operations:
- name: get-problem
method: GET
- type: http
namespace: servicenow
baseUri: "https://intel.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Entra Risk to Okta
▼
security identity azure okta servicenow
Suspends user.
naftiko: "0.5"
info:
label: "Entra Risk to Okta"
description: "Suspends user."
tags:
- security
- identity
- azure
- okta
- servicenow
capability:
exposes:
- type: mcp
namespace: entra
port: 8080
tools:
- name: entra-risky-login-to-okta-suspend
description: "Suspends user."
inputParameters:
- name: input_id
in: body
type: string
description: "Input identifier."
steps:
- name: get-data
type: call
call: "identity.get-data"
with:
id: "{{input_id}}"
- name: create-record
type: call
call: "servicenow.create-record"
with:
short_description: "Entra Risk to Okta"
consumes:
- type: http
namespace: identity
baseUri: "https://identity.intel.com/api/v1"
authentication:
type: bearer
token: "$secrets.identity_token"
resources:
- name: data
path: "/data"
operations:
- name: get-data
method: GET
- type: http
namespace: servicenow
baseUri: "https://intel.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: records
path: "/table/incident"
operations:
- name: create-record
method: POST
GitHub Actions Deployment to Kubernetes Rollout
▼
devops cicd github kubernetes datadog deployment
After a successful GitHub Actions release workflow, triggers a Kubernetes rolling update via kubectl API and monitors the rollout status in Datadog.
naftiko: "0.5"
info:
label: "GitHub Actions Deployment to Kubernetes Rollout"
description: "After a successful GitHub Actions release workflow, triggers a Kubernetes rolling update via kubectl API and monitors the rollout status in Datadog."
tags:
- devops
- cicd
- github
- kubernetes
- datadog
- deployment
capability:
exposes:
- type: mcp
namespace: k8s-deploy
port: 8080
tools:
- name: trigger-k8s-rollout
description: "Given a GitHub Actions run ID, deployment namespace, and application name, trigger a Kubernetes rolling deployment update and post a Datadog deployment event."
inputParameters:
- name: run_id
in: body
type: string
description: "GitHub Actions workflow run ID for the completed release build."
- name: namespace
in: body
type: string
description: "Kubernetes namespace to deploy to."
- name: app_name
in: body
type: string
description: "Kubernetes deployment name."
- name: image_tag
in: body
type: string
description: "Docker image tag to deploy."
steps:
- name: get-run
type: call
call: "github-deploy.get-run"
with:
run_id: "{{run_id}}"
- name: patch-deployment
type: call
call: "kubernetes.patch-deployment"
with:
namespace: "{{namespace}}"
name: "{{app_name}}"
image: "{{app_name}}:{{image_tag}}"
- name: post-dd-deployment
type: call
call: "datadog-deploy.create-deployment"
with:
service: "{{app_name}}"
version: "{{image_tag}}"
env: "production"
consumes:
- type: http
namespace: github-deploy
baseUri: "https://api.github.com"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: runs
path: "/repos/intel/{{repo}}/actions/runs/{{run_id}}"
inputParameters:
- name: run_id
in: path
operations:
- name: get-run
method: GET
- type: http
namespace: kubernetes
baseUri: "https://k8s-api.intel.internal"
authentication:
type: bearer
token: "$secrets.k8s_token"
resources:
- name: deployments
path: "/apis/apps/v1/namespaces/{{namespace}}/deployments/{{name}}"
inputParameters:
- name: namespace
in: path
- name: name
in: path
operations:
- name: patch-deployment
method: PATCH
- type: http
namespace: datadog-deploy
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: "DD-API-KEY"
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: deployments
path: "/events"
operations:
- name: create-deployment
method: POST
GitHub Actions to Slack
▼
devops ci-cd github slack
Posts failure to Slack.
naftiko: "0.5"
info:
label: "GitHub Actions to Slack"
description: "Posts failure to Slack."
tags:
- devops
- ci-cd
- github
- slack
capability:
exposes:
- type: mcp
namespace: github
port: 8080
tools:
- name: github-actions-failure-to-slack-notify
description: "Posts failure to Slack."
inputParameters:
- name: input_id
in: body
type: string
description: "Input identifier."
steps:
- name: get-data
type: call
call: "github.get-data"
with:
id: "{{input_id}}"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#alerts"
text: "GitHub Actions to Slack"
consumes:
- type: http
namespace: github
baseUri: "https://github.intel.com/api/v1"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: data
path: "/data"
operations:
- name: get-data
method: GET
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
GitHub Copilot Usage Report to Power BI
▼
devops analytics github power-bi ai developer-experience
Retrieves GitHub Copilot seat utilization and acceptance rate metrics for the Intel organization and refreshes a Power BI productivity dashboard.
naftiko: "0.5"
info:
label: "GitHub Copilot Usage Report to Power BI"
description: "Retrieves GitHub Copilot seat utilization and acceptance rate metrics for the Intel organization and refreshes a Power BI productivity dashboard."
tags:
- devops
- analytics
- github
- power-bi
- ai
- developer-experience
capability:
exposes:
- type: mcp
namespace: copilot-reporting
port: 8080
tools:
- name: refresh-copilot-report
description: "Retrieve GitHub Copilot seat usage and suggestion acceptance rates for the Intel GitHub organization and push the metrics to a Power BI dataset for engineering leadership."
inputParameters:
- name: powerbi_dataset_id
in: body
type: string
description: "Power BI dataset ID to refresh with Copilot usage data."
steps:
- name: get-copilot-usage
type: call
call: "github-copilot.get-usage"
with:
org: "intel"
- name: refresh-pbi-dataset
type: call
call: "powerbi-copilot.refresh-dataset"
with:
datasetId: "{{powerbi_dataset_id}}"
consumes:
- type: http
namespace: github-copilot
baseUri: "https://api.github.com"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: copilot-usage
path: "/orgs/{{org}}/copilot/usage"
inputParameters:
- name: org
in: path
operations:
- name: get-usage
method: GET
- type: http
namespace: powerbi-copilot
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.powerbi_token"
resources:
- name: datasets
path: "/datasets/{{datasetId}}/refreshes"
inputParameters:
- name: datasetId
in: path
operations:
- name: refresh-dataset
method: POST
GitHub Dependabot to Jira Security
▼
security devops github jira slack
When Dependabot finds a critical vulnerability, creates a Jira security task and notifies AppSec.
naftiko: "0.5"
info:
label: "GitHub Dependabot to Jira Security"
description: "When Dependabot finds a critical vulnerability, creates a Jira security task and notifies AppSec."
tags:
- security
- devops
- github
- jira
- slack
capability:
exposes:
- type: mcp
namespace: appsec
port: 8080
tools:
- name: handle-vuln
description: "Given a repo and alert number, create a Jira security task."
inputParameters:
- name: repo
in: body
type: string
description: "GitHub repository."
- name: alert_number
in: body
type: string
description: "Alert number."
steps:
- name: get-alert
type: call
call: "github.get-dependabot-alert"
with:
repo: "{{repo}}"
alert_number: "{{alert_number}}"
- name: create-task
type: call
call: "jira.create-issue"
with:
project: "SEC"
issuetype: "Task"
summary: "Dependabot: {{get-alert.security_advisory.summary}}"
priority: "Critical"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#appsec"
text: "Critical vuln in {{repo}} — Jira: {{create-task.key}}"
consumes:
- type: http
namespace: github
baseUri: "https://api.github.com"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: alerts
path: "/repos/{{repo}}/dependabot/alerts/{{alert_number}}"
inputParameters:
- name: repo
in: path
- name: alert_number
in: path
operations:
- name: get-dependabot-alert
method: GET
- type: http
namespace: jira
baseUri: "https://intel-jira.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
GitHub PR Merge to ServiceNow Change
▼
devops itsm github servicenow slack
When a GitHub PR merges to main, updates the associated ServiceNow change request and posts to Slack.
naftiko: "0.5"
info:
label: "GitHub PR Merge to ServiceNow Change"
description: "When a GitHub PR merges to main, updates the associated ServiceNow change request and posts to Slack."
tags:
- devops
- itsm
- github
- servicenow
- slack
capability:
exposes:
- type: mcp
namespace: deploy-tracking
port: 8080
tools:
- name: track-pr-merge
description: "Given a merged PR and change number, close the change and notify Slack."
inputParameters:
- name: repo
in: body
type: string
description: "GitHub repository."
- name: pr_number
in: body
type: string
description: "PR number."
- name: change_number
in: body
type: string
description: "ServiceNow change number."
steps:
- name: get-pr
type: call
call: "github.get-pull-request"
with:
repo: "{{repo}}"
pr_number: "{{pr_number}}"
- name: close-change
type: call
call: "servicenow-chg.update-change"
with:
number: "{{change_number}}"
state: "closed"
close_notes: "Deployed via PR #{{pr_number}}: {{get-pr.title}}"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#deployments"
text: "Change {{change_number}} closed — PR #{{pr_number}} merged in {{repo}}"
consumes:
- type: http
namespace: github
baseUri: "https://api.github.com"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: pulls
path: "/repos/{{repo}}/pulls/{{pr_number}}"
inputParameters:
- name: repo
in: path
- name: pr_number
in: path
operations:
- name: get-pull-request
method: GET
- type: http
namespace: servicenow-chg
baseUri: "https://intel.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: changes
path: "/table/change_request"
operations:
- name: update-change
method: PATCH
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
GitHub Repository Info Lookup
▼
devops github code-management
Retrieves repository metadata including language, stars, open issues, and default branch from GitHub.
naftiko: "0.5"
info:
label: "GitHub Repository Info Lookup"
description: "Retrieves repository metadata including language, stars, open issues, and default branch from GitHub."
tags:
- devops
- github
- code-management
capability:
exposes:
- type: mcp
namespace: code-mgmt
port: 8080
tools:
- name: get-repo-info
description: "Given a GitHub repository in owner/repo format, return metadata including language and open issues."
inputParameters:
- name: repo
in: body
type: string
description: "GitHub repository in owner/repo format."
call: github.get-repo
with:
repo: "{{repo}}"
consumes:
- type: http
namespace: github
baseUri: "https://api.github.com"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: repos
path: "/repos/{{repo}}"
inputParameters:
- name: repo
in: path
operations:
- name: get-repo
method: GET
Grafana to ServiceNow
▼
observability itsm grafana servicenow confluence
Creates incident.
naftiko: "0.5"
info:
label: "Grafana to ServiceNow"
description: "Creates incident."
tags:
- observability
- itsm
- grafana
- servicenow
- confluence
capability:
exposes:
- type: mcp
namespace: grafana
port: 8080
tools:
- name: grafana-alert-to-servicenow-incident
description: "Creates incident."
inputParameters:
- name: input_id
in: body
type: string
description: "Input identifier."
steps:
- name: get-data
type: call
call: "observability.get-data"
with:
id: "{{input_id}}"
- name: create-record
type: call
call: "servicenow.create-record"
with:
short_description: "Grafana to ServiceNow"
- name: create-page
type: call
call: "confluence.create-page"
with:
title: "Grafana to ServiceNow"
consumes:
- type: http
namespace: observability
baseUri: "https://observability.intel.com/api/v1"
authentication:
type: bearer
token: "$secrets.observability_token"
resources:
- name: data
path: "/data"
operations:
- name: get-data
method: GET
- type: http
namespace: servicenow
baseUri: "https://intel.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: records
path: "/table/incident"
operations:
- name: create-record
method: POST
- type: http
namespace: confluence
baseUri: "https://intel-wiki.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_api_token"
resources:
- name: content
path: "/content"
operations:
- name: create-page
method: POST
HubSpot Contact Search
▼
crm marketing hubspot
Searches HubSpot CRM for a contact by email, returning company, lifecycle stage, and last activity.
naftiko: "0.5"
info:
label: "HubSpot Contact Search"
description: "Searches HubSpot CRM for a contact by email, returning company, lifecycle stage, and last activity."
tags:
- crm
- marketing
- hubspot
capability:
exposes:
- type: mcp
namespace: crm
port: 8080
tools:
- name: search-contact
description: "Given an email address, search HubSpot CRM for the contact."
inputParameters:
- name: email
in: body
type: string
description: "Contact email."
call: hubspot.search-contacts
with:
email: "{{email}}"
consumes:
- type: http
namespace: hubspot
baseUri: "https://api.hubapi.com"
authentication:
type: bearer
token: "$secrets.hubspot_token"
resources:
- name: contacts
path: "/crm/v3/objects/contacts/search"
operations:
- name: search-contacts
method: POST
HubSpot Lead to Salesforce Sync
▼
crm marketing hubspot salesforce slack
Retrieves high-scoring leads from HubSpot and creates Salesforce lead records with Slack notification.
naftiko: "0.5"
info:
label: "HubSpot Lead to Salesforce Sync"
description: "Retrieves high-scoring leads from HubSpot and creates Salesforce lead records with Slack notification."
tags:
- crm
- marketing
- hubspot
- salesforce
- slack
capability:
exposes:
- type: mcp
namespace: lead-ops
port: 8080
tools:
- name: sync-leads
description: "Given a score threshold, find HubSpot leads and create Salesforce records."
inputParameters:
- name: score_threshold
in: body
type: number
description: "Minimum lead score."
steps:
- name: get-leads
type: call
call: "hubspot.search-contacts"
with:
min_score: "{{score_threshold}}"
- name: create-lead
type: call
call: "salesforce.create-lead"
with:
Email: "{{get-leads.results[0].properties.email}}"
Company: "{{get-leads.results[0].properties.company}}"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#sales"
text: "Lead synced to Salesforce: {{get-leads.results[0].properties.email}}"
consumes:
- type: http
namespace: hubspot
baseUri: "https://api.hubapi.com"
authentication:
type: bearer
token: "$secrets.hubspot_token"
resources:
- name: contacts
path: "/crm/v3/objects/contacts/search"
operations:
- name: search-contacts
method: POST
- type: http
namespace: salesforce
baseUri: "https://intel.my.salesforce.com/services/data/v59.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: leads
path: "/sobjects/Lead"
operations:
- name: create-lead
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
HubSpot Marketing Campaign to Salesforce Campaign Sync
▼
marketing sales hubspot salesforce crm
Syncs HubSpot marketing campaign performance metrics to the corresponding Salesforce campaign record for unified CRM pipeline reporting.
naftiko: "0.5"
info:
label: "HubSpot Marketing Campaign to Salesforce Campaign Sync"
description: "Syncs HubSpot marketing campaign performance metrics to the corresponding Salesforce campaign record for unified CRM pipeline reporting."
tags:
- marketing
- sales
- hubspot
- salesforce
- crm
capability:
exposes:
- type: mcp
namespace: campaign-sync
port: 8080
tools:
- name: sync-hubspot-campaign
description: "Given a HubSpot campaign ID and Salesforce campaign ID, fetch email campaign metrics from HubSpot and update the Salesforce campaign record with sends, opens, and click rates."
inputParameters:
- name: hubspot_campaign_id
in: body
type: string
description: "HubSpot email campaign ID."
- name: salesforce_campaign_id
in: body
type: string
description: "Salesforce campaign record ID to update."
steps:
- name: get-hs-campaign
type: call
call: "hubspot-campaign.get-campaign-stats"
with:
campaignId: "{{hubspot_campaign_id}}"
- name: update-sf-campaign
type: call
call: "salesforce-camp.update-campaign"
with:
campaign_id: "{{salesforce_campaign_id}}"
NumberSent: "{{get-hs-campaign.sent}}"
NumberOpens: "{{get-hs-campaign.opens}}"
NumberReplies: "{{get-hs-campaign.clicks}}"
consumes:
- type: http
namespace: hubspot-campaign
baseUri: "https://api.hubapi.com/marketing/v3"
authentication:
type: bearer
token: "$secrets.hubspot_token"
resources:
- name: campaigns
path: "/emails/statistics/list"
inputParameters:
- name: campaignId
in: query
operations:
- name: get-campaign-stats
method: GET
- type: http
namespace: salesforce-camp
baseUri: "https://intel.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: campaigns
path: "/sobjects/Campaign/{{campaign_id}}"
inputParameters:
- name: campaign_id
in: path
operations:
- name: update-campaign
method: PATCH
Jira Bug to ServiceNow Problem
▼
devops itsm jira servicenow
When a Jira bug is marked recurring, creates a ServiceNow problem record and updates the Jira issue with the reference.
naftiko: "0.5"
info:
label: "Jira Bug to ServiceNow Problem"
description: "When a Jira bug is marked recurring, creates a ServiceNow problem record and updates the Jira issue with the reference."
tags:
- devops
- itsm
- jira
- servicenow
capability:
exposes:
- type: mcp
namespace: problem-mgmt
port: 8080
tools:
- name: escalate-to-problem
description: "Given a Jira bug key, create a ServiceNow problem and link back."
inputParameters:
- name: issue_key
in: body
type: string
description: "Jira issue key."
steps:
- name: get-bug
type: call
call: "jira.get-issue"
with:
issue_key: "{{issue_key}}"
- name: create-problem
type: call
call: "servicenow-prob.create-problem"
with:
short_description: "Recurring: {{get-bug.fields.summary}}"
category: "software"
- name: update-jira
type: call
call: "jira.add-comment"
with:
issue_key: "{{issue_key}}"
body: "ServiceNow problem {{create-problem.number}} created."
consumes:
- type: http
namespace: jira
baseUri: "https://intel-jira.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue/{{issue_key}}"
inputParameters:
- name: issue_key
in: path
operations:
- name: get-issue
method: GET
- name: comments
path: "/issue/{{issue_key}}/comment"
inputParameters:
- name: issue_key
in: path
operations:
- name: add-comment
method: POST
- type: http
namespace: servicenow-prob
baseUri: "https://intel.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: problems
path: "/table/problem"
operations:
- name: create-problem
method: POST
Epic to Salesforce
▼
devops crm jira salesforce slack
Updates on completion.
naftiko: "0.5"
info:
label: "Epic to Salesforce"
description: "Updates on completion."
tags:
- devops
- crm
- jira
- salesforce
- slack
capability:
exposes:
- type: mcp
namespace: jira
port: 8080
tools:
- name: jira-epic-to-salesforce-update
description: "Updates on completion."
inputParameters:
- name: input_id
in: body
type: string
description: "Input identifier."
steps:
- name: get-data
type: call
call: "jira.get-data"
with:
id: "{{input_id}}"
- name: create-issue
type: call
call: "jira.create-issue"
with:
summary: "Epic to Salesforce"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#alerts"
text: "Epic to Salesforce"
consumes:
- type: http
namespace: jira
baseUri: "https://jira.intel.com/api/v1"
authentication:
type: bearer
token: "$secrets.jira_token"
resources:
- name: data
path: "/data"
operations:
- name: get-data
method: GET
- type: http
namespace: jira
baseUri: "https://intel-jira.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Jira Issue Lookup
▼
devops jira project-management
Retrieves the current status, assignee, and priority of a Jira issue by key for project tracking queries.
naftiko: "0.5"
info:
label: "Jira Issue Lookup"
description: "Retrieves the current status, assignee, and priority of a Jira issue by key for project tracking queries."
tags:
- devops
- jira
- project-management
capability:
exposes:
- type: mcp
namespace: project-mgmt
port: 8080
tools:
- name: get-jira-issue
description: "Given a Jira issue key, retrieve status, assignee, and priority."
inputParameters:
- name: issue_key
in: body
type: string
description: "Jira issue key."
call: jira.get-issue
with:
issue_key: "{{issue_key}}"
consumes:
- type: http
namespace: jira
baseUri: "https://intel-jira.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue/{{issue_key}}"
inputParameters:
- name: issue_key
in: path
operations:
- name: get-issue
method: GET
Jira Release to Confluence
▼
devops documentation jira confluence slack
Publishes release notes.
naftiko: "0.5"
info:
label: "Jira Release to Confluence"
description: "Publishes release notes."
tags:
- devops
- documentation
- jira
- confluence
- slack
capability:
exposes:
- type: mcp
namespace: jira
port: 8080
tools:
- name: jira-release-notes-to-confluence-page
description: "Publishes release notes."
inputParameters:
- name: input_id
in: body
type: string
description: "Input identifier."
steps:
- name: get-data
type: call
call: "jira.get-data"
with:
id: "{{input_id}}"
- name: create-issue
type: call
call: "jira.create-issue"
with:
summary: "Jira Release to Confluence"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#alerts"
text: "Jira Release to Confluence"
consumes:
- type: http
namespace: jira
baseUri: "https://jira.intel.com/api/v1"
authentication:
type: bearer
token: "$secrets.jira_token"
resources:
- name: data
path: "/data"
operations:
- name: get-data
method: GET
- type: http
namespace: jira
baseUri: "https://intel-jira.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Jira Sprint Velocity Report to Power BI
▼
devops analytics jira power-bi reporting
Extracts completed Jira sprint velocity data for a given board and refreshes a Power BI dataset for engineering leadership reporting.
naftiko: "0.5"
info:
label: "Jira Sprint Velocity Report to Power BI"
description: "Extracts completed Jira sprint velocity data for a given board and refreshes a Power BI dataset for engineering leadership reporting."
tags:
- devops
- analytics
- jira
- power-bi
- reporting
capability:
exposes:
- type: mcp
namespace: eng-reporting
port: 8080
tools:
- name: refresh-sprint-velocity-report
description: "Given a Jira board ID and a Power BI dataset ID, extract sprint velocity metrics from Jira and push a dataset refresh to Power BI."
inputParameters:
- name: jira_board_id
in: body
type: string
description: "Jira board ID to extract velocity from."
- name: powerbi_dataset_id
in: body
type: string
description: "Power BI dataset ID to refresh."
steps:
- name: get-sprints
type: call
call: "jira-sprints.get-closed-sprints"
with:
boardId: "{{jira_board_id}}"
- name: refresh-dataset
type: call
call: "powerbi.refresh-dataset"
with:
datasetId: "{{powerbi_dataset_id}}"
consumes:
- type: http
namespace: jira-sprints
baseUri: "https://intel.atlassian.net/rest/agile/1.0"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_token"
resources:
- name: sprints
path: "/board/{{boardId}}/sprint"
inputParameters:
- name: boardId
in: path
operations:
- name: get-closed-sprints
method: GET
- type: http
namespace: powerbi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.powerbi_token"
resources:
- name: datasets
path: "/datasets/{{datasetId}}/refreshes"
inputParameters:
- name: datasetId
in: path
operations:
- name: refresh-dataset
method: POST
LinkedIn Social Engagement Digest to Salesforce
▼
marketing social linkedin salesforce reporting
Pulls LinkedIn company page engagement metrics and logs a weekly social performance summary as a Salesforce campaign activity record.
naftiko: "0.5"
info:
label: "LinkedIn Social Engagement Digest to Salesforce"
description: "Pulls LinkedIn company page engagement metrics and logs a weekly social performance summary as a Salesforce campaign activity record."
tags:
- marketing
- social
- linkedin
- salesforce
- reporting
capability:
exposes:
- type: mcp
namespace: social-reporting
port: 8080
tools:
- name: digest-linkedin-engagement
description: "Given a LinkedIn organization ID and a Salesforce campaign ID, retrieve weekly company page impressions and engagement data from LinkedIn and log the digest as a Salesforce task."
inputParameters:
- name: linkedin_org_id
in: body
type: string
description: "LinkedIn organization (company page) ID."
- name: salesforce_campaign_id
in: body
type: string
description: "Salesforce campaign ID to log the digest against."
steps:
- name: get-li-stats
type: call
call: "linkedin-org.get-follower-stats"
with:
organizationId: "{{linkedin_org_id}}"
- name: log-sf-task
type: call
call: "salesforce-li.create-task"
with:
WhatId: "{{salesforce_campaign_id}}"
Subject: "LinkedIn Engagement Digest"
Description: "Impressions: {{get-li-stats.impressionCount}} | Clicks: {{get-li-stats.clickCount}} | Engagement rate: {{get-li-stats.engagementRate}}"
consumes:
- type: http
namespace: linkedin-org
baseUri: "https://api.linkedin.com/v2"
authentication:
type: bearer
token: "$secrets.linkedin_token"
resources:
- name: follower-stats
path: "/organizationalEntityFollowerStatistics"
inputParameters:
- name: organizationalEntity
in: query
operations:
- name: get-follower-stats
method: GET
- type: http
namespace: salesforce-li
baseUri: "https://intel.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: tasks
path: "/sobjects/Task"
operations:
- name: create-task
method: POST
Microsoft Entra Identity Risk Alert to ServiceNow
▼
security identity microsoft-entra servicenow access-management
Detects risky sign-in events in Microsoft Entra ID Protection and creates a ServiceNow security incident for the identity security team to investigate.
naftiko: "0.5"
info:
label: "Microsoft Entra Identity Risk Alert to ServiceNow"
description: "Detects risky sign-in events in Microsoft Entra ID Protection and creates a ServiceNow security incident for the identity security team to investigate."
tags:
- security
- identity
- microsoft-entra
- servicenow
- access-management
capability:
exposes:
- type: mcp
namespace: identity-security
port: 8080
tools:
- name: handle-identity-risk
description: "Given a Microsoft Entra risk detection ID, retrieve the risky sign-in details from Microsoft Graph and create a ServiceNow security incident for investigation."
inputParameters:
- name: risk_detection_id
in: body
type: string
description: "Microsoft Entra ID risk detection ID."
steps:
- name: get-risk-detection
type: call
call: "graph-entra.get-risk-detection"
with:
riskDetectionId: "{{risk_detection_id}}"
- name: create-sec-incident
type: call
call: "servicenow-iam.create-incident"
with:
short_description: "Identity risk: {{get-risk-detection.userDisplayName}} — {{get-risk-detection.riskEventType}}"
category: "security"
urgency: "2"
description: "User: {{get-risk-detection.userPrincipalName}} | Risk level: {{get-risk-detection.riskLevel}} | IP: {{get-risk-detection.ipAddress}}"
consumes:
- type: http
namespace: graph-entra
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.graph_token"
resources:
- name: risk-detections
path: "/identityProtection/riskDetections/{{riskDetectionId}}"
inputParameters:
- name: riskDetectionId
in: path
operations:
- name: get-risk-detection
method: GET
- type: http
namespace: servicenow-iam
baseUri: "https://intel.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
New Relic App Health Lookup
▼
observability new-relic apm
Retrieves application health status and response time from New Relic APM.
naftiko: "0.5"
info:
label: "New Relic App Health Lookup"
description: "Retrieves application health status and response time from New Relic APM."
tags:
- observability
- new-relic
- apm
capability:
exposes:
- type: mcp
namespace: app-health
port: 8080
tools:
- name: get-app-health
description: "Given a New Relic application name, return health status and response time."
inputParameters:
- name: app_name
in: body
type: string
description: "Application name."
call: newrelic.get-application
with:
name: "{{app_name}}"
consumes:
- type: http
namespace: newrelic
baseUri: "https://api.newrelic.com/v2"
authentication:
type: apikey
key: "X-Api-Key"
value: "$secrets.newrelic_api_key"
placement: header
resources:
- name: applications
path: "/applications.json"
inputParameters:
- name: name
in: query
operations:
- name: get-application
method: GET
New Relic Application Performance Anomaly to Jira
▼
observability devops new-relic jira performance
Detects application performance anomalies reported by New Relic and creates a prioritized Jira ticket for the owning engineering team.
naftiko: "0.5"
info:
label: "New Relic Application Performance Anomaly to Jira"
description: "Detects application performance anomalies reported by New Relic and creates a prioritized Jira ticket for the owning engineering team."
tags:
- observability
- devops
- new-relic
- jira
- performance
capability:
exposes:
- type: mcp
namespace: apm-ops
port: 8080
tools:
- name: handle-apm-anomaly
description: "Given a New Relic application ID and an anomaly threshold percentage, retrieve the latest throughput and error rate from New Relic and create a Jira performance bug if anomalies are detected."
inputParameters:
- name: app_id
in: body
type: string
description: "New Relic application ID."
- name: error_rate_threshold
in: body
type: number
description: "Error rate percentage above which to create a Jira ticket."
steps:
- name: get-app-metrics
type: call
call: "newrelic-apm.get-app-summary"
with:
applicationId: "{{app_id}}"
- name: create-perf-bug
type: call
call: "jira-perf.create-issue"
with:
project_key: "ENG"
issuetype: "Bug"
summary: "APM anomaly: App {{app_id}} error rate {{get-app-metrics.error_rate}}%"
description: "Throughput: {{get-app-metrics.throughput}} rpm | Error rate: {{get-app-metrics.error_rate}}% | Response time: {{get-app-metrics.response_time}}ms"
priority: "High"
consumes:
- type: http
namespace: newrelic-apm
baseUri: "https://api.newrelic.com/v2"
authentication:
type: apikey
key: "X-Api-Key"
value: "$secrets.newrelic_api_key"
placement: header
resources:
- name: apps
path: "/applications/{{applicationId}}.json"
inputParameters:
- name: applicationId
in: path
operations:
- name: get-app-summary
method: GET
- type: http
namespace: jira-perf
baseUri: "https://intel.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
New Relic Error Spike to Jira
▼
observability devops new-relic jira slack
When New Relic detects an error rate spike, creates a Jira bug and notifies the team via Slack.
naftiko: "0.5"
info:
label: "New Relic Error Spike to Jira"
description: "When New Relic detects an error rate spike, creates a Jira bug and notifies the team via Slack."
tags:
- observability
- devops
- new-relic
- jira
- slack
capability:
exposes:
- type: mcp
namespace: error-tracking
port: 8080
tools:
- name: handle-error-spike
description: "Given a New Relic app ID, check error rate and create Jira bug if exceeded."
inputParameters:
- name: app_id
in: body
type: string
description: "New Relic app ID."
steps:
- name: get-metrics
type: call
call: "newrelic.get-app-metrics"
with:
app_id: "{{app_id}}"
- name: create-bug
type: call
call: "jira.create-issue"
with:
project: "ENG"
issuetype: "Bug"
summary: "Error spike: {{get-metrics.app_name}} at {{get-metrics.error_rate}}%"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#engineering"
text: "Error spike: {{get-metrics.app_name}} — Jira: {{create-bug.key}}"
consumes:
- type: http
namespace: newrelic
baseUri: "https://api.newrelic.com/v2"
authentication:
type: apikey
key: "X-Api-Key"
value: "$secrets.newrelic_api_key"
placement: header
resources:
- name: apps
path: "/applications/{{app_id}}.json"
inputParameters:
- name: app_id
in: path
operations:
- name: get-app-metrics
method: GET
- type: http
namespace: jira
baseUri: "https://intel-jira.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Okta Access Review
▼
security compliance okta snowflake servicenow
Loads review data.
naftiko: "0.5"
info:
label: "Okta Access Review"
description: "Loads review data."
tags:
- security
- compliance
- okta
- snowflake
- servicenow
capability:
exposes:
- type: mcp
namespace: okta
port: 8080
tools:
- name: okta-access-review-to-snowflake-load
description: "Loads review data."
inputParameters:
- name: input_id
in: body
type: string
description: "Input identifier."
steps:
- name: get-data
type: call
call: "okta.get-data"
with:
id: "{{input_id}}"
- name: create-record
type: call
call: "servicenow.create-record"
with:
short_description: "Okta Access Review"
consumes:
- type: http
namespace: okta
baseUri: "https://okta.intel.com/api/v1"
authentication:
type: bearer
token: "$secrets.okta_token"
resources:
- name: data
path: "/data"
operations:
- name: get-data
method: GET
- type: http
namespace: servicenow
baseUri: "https://intel.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: records
path: "/table/incident"
operations:
- name: create-record
method: POST
Okta MFA Reset with ServiceNow
▼
security identity okta servicenow
Resets user MFA in Okta based on an approved ServiceNow request and updates the ticket.
naftiko: "0.5"
info:
label: "Okta MFA Reset with ServiceNow"
description: "Resets user MFA in Okta based on an approved ServiceNow request and updates the ticket."
tags:
- security
- identity
- okta
- servicenow
capability:
exposes:
- type: mcp
namespace: identity-ops
port: 8080
tools:
- name: reset-mfa
description: "Given a ServiceNow request and user email, reset MFA and close the ticket."
inputParameters:
- name: request_number
in: body
type: string
description: "ServiceNow request number."
- name: user_email
in: body
type: string
description: "User email."
steps:
- name: reset-factors
type: call
call: "okta.reset-factors"
with:
user_id: "{{user_email}}"
- name: close-ticket
type: call
call: "servicenow.update-request"
with:
number: "{{request_number}}"
state: "closed_complete"
consumes:
- type: http
namespace: okta
baseUri: "https://intel.okta.com/api/v1"
authentication:
type: apikey
key: "Authorization"
value: "SSWS $secrets.okta_api_token"
placement: header
resources:
- name: factors
path: "/users/{{user_id}}/lifecycle/reset_factors"
inputParameters:
- name: user_id
in: path
operations:
- name: reset-factors
method: POST
- type: http
namespace: servicenow
baseUri: "https://intel.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: requests
path: "/table/sc_request"
operations:
- name: update-request
method: PATCH
Okta Risky Login Investigation
▼
security identity okta splunk servicenow
Investigates with Splunk.
naftiko: "0.5"
info:
label: "Okta Risky Login Investigation"
description: "Investigates with Splunk."
tags:
- security
- identity
- okta
- splunk
- servicenow
capability:
exposes:
- type: mcp
namespace: okta
port: 8080
tools:
- name: okta-risky-login-to-splunk-query
description: "Investigates with Splunk."
inputParameters:
- name: input_id
in: body
type: string
description: "Input identifier."
steps:
- name: get-data
type: call
call: "identity.get-data"
with:
id: "{{input_id}}"
- name: create-record
type: call
call: "servicenow.create-record"
with:
short_description: "Okta Risky Login Investigation"
consumes:
- type: http
namespace: identity
baseUri: "https://identity.intel.com/api/v1"
authentication:
type: bearer
token: "$secrets.identity_token"
resources:
- name: data
path: "/data"
operations:
- name: get-data
method: GET
- type: http
namespace: servicenow
baseUri: "https://intel.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: records
path: "/table/incident"
operations:
- name: create-record
method: POST
Okta User Group Lookup
▼
security identity okta
Lists all Okta groups a user belongs to by email address for identity governance queries.
naftiko: "0.5"
info:
label: "Okta User Group Lookup"
description: "Lists all Okta groups a user belongs to by email address for identity governance queries."
tags:
- security
- identity
- okta
capability:
exposes:
- type: mcp
namespace: identity
port: 8080
tools:
- name: get-user-groups
description: "Given a user email, retrieve all Okta group memberships."
inputParameters:
- name: user_email
in: body
type: string
description: "User email address."
call: okta.get-user-groups
with:
user_id: "{{user_email}}"
consumes:
- type: http
namespace: okta
baseUri: "https://intel.okta.com/api/v1"
authentication:
type: apikey
key: "Authorization"
value: "SSWS $secrets.okta_api_token"
placement: header
resources:
- name: user-groups
path: "/users/{{user_id}}/groups"
inputParameters:
- name: user_id
in: path
operations:
- name: get-user-groups
method: GET
Oracle Invoice to Snowflake
▼
finance data oracle snowflake
Loads invoices.
naftiko: "0.5"
info:
label: "Oracle Invoice to Snowflake"
description: "Loads invoices."
tags:
- finance
- data
- oracle
- snowflake
capability:
exposes:
- type: mcp
namespace: oracle
port: 8080
tools:
- name: oracle-erp-invoice-to-snowflake-load
description: "Loads invoices."
inputParameters:
- name: input_id
in: body
type: string
description: "Input identifier."
steps:
- name: get-data
type: call
call: "data.get-data"
with:
id: "{{input_id}}"
consumes:
- type: http
namespace: data
baseUri: "https://data.intel.com/api/v1"
authentication:
type: bearer
token: "$secrets.data_token"
resources:
- name: data
path: "/data"
operations:
- name: get-data
method: GET
Oracle ERP Journal Approval to Snowflake Finance Ledger
▼
finance erp oracle-integration snowflake data
After an Oracle Integration Cloud approval workflow completes, fetches the approved journal entry and loads it into the Snowflake finance data warehouse.
naftiko: "0.5"
info:
label: "Oracle ERP Journal Approval to Snowflake Finance Ledger"
description: "After an Oracle Integration Cloud approval workflow completes, fetches the approved journal entry and loads it into the Snowflake finance data warehouse."
tags:
- finance
- erp
- oracle-integration
- snowflake
- data
capability:
exposes:
- type: mcp
namespace: finance-ledger
port: 8080
tools:
- name: load-approved-journal
description: "Given an Oracle Integration Cloud instance ID for an approved journal entry, retrieve the journal details and load them into the Snowflake FINANCE.GL.JOURNALS table."
inputParameters:
- name: oic_instance_id
in: body
type: string
description: "Oracle Integration Cloud process instance ID for the approved journal."
steps:
- name: get-journal
type: call
call: "oracle-int.get-instance"
with:
instanceId: "{{oic_instance_id}}"
- name: load-to-snowflake
type: call
call: "snowflake-gl.insert-journal"
with:
journal_data: "{{get-journal.payload}}"
consumes:
- type: http
namespace: oracle-int
baseUri: "https://intel-oic.integration.ocp.oraclecloud.com/ic/api/integration/v1"
authentication:
type: basic
username: "$secrets.oic_user"
password: "$secrets.oic_password"
resources:
- name: instances
path: "/processes/{{instanceId}}"
inputParameters:
- name: instanceId
in: path
operations:
- name: get-instance
method: GET
- type: http
namespace: snowflake-gl
baseUri: "https://intel.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: journals
path: "/statements"
operations:
- name: insert-journal
method: POST
PagerDuty Incident to Confluence Postmortem
▼
operations documentation pagerduty confluence slack
When a PagerDuty incident resolves, creates a Confluence postmortem page and notifies the SRE team.
naftiko: "0.5"
info:
label: "PagerDuty Incident to Confluence Postmortem"
description: "When a PagerDuty incident resolves, creates a Confluence postmortem page and notifies the SRE team."
tags:
- operations
- documentation
- pagerduty
- confluence
- slack
capability:
exposes:
- type: mcp
namespace: postmortem
port: 8080
tools:
- name: create-postmortem
description: "Given a PagerDuty incident ID, create a Confluence postmortem."
inputParameters:
- name: incident_id
in: body
type: string
description: "PagerDuty incident ID."
steps:
- name: get-incident
type: call
call: "pagerduty.get-incident"
with:
incident_id: "{{incident_id}}"
- name: create-page
type: call
call: "confluence.create-page"
with:
space_key: "SRE"
title: "Postmortem: {{get-incident.title}}"
body: "## Summary\n{{get-incident.title}}\n## Duration\n{{get-incident.duration}}"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#sre"
text: "Postmortem created: {{create-page.url}}"
consumes:
- type: http
namespace: pagerduty
baseUri: "https://api.pagerduty.com"
authentication:
type: apikey
key: "Authorization"
value: "Token token=$secrets.pagerduty_token"
placement: header
resources:
- name: incidents
path: "/incidents/{{incident_id}}"
inputParameters:
- name: incident_id
in: path
operations:
- name: get-incident
method: GET
- type: http
namespace: confluence
baseUri: "https://intel-wiki.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_api_token"
resources:
- name: content
path: "/content"
operations:
- name: create-page
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
PagerDuty Schedule Lookup
▼
operations pagerduty incident-response
Retrieves the current on-call engineer for a PagerDuty schedule by schedule ID.
naftiko: "0.5"
info:
label: "PagerDuty Schedule Lookup"
description: "Retrieves the current on-call engineer for a PagerDuty schedule by schedule ID."
tags:
- operations
- pagerduty
- incident-response
capability:
exposes:
- type: mcp
namespace: ops
port: 8080
tools:
- name: get-on-call
description: "Given a PagerDuty schedule ID, return the current on-call engineer."
inputParameters:
- name: schedule_id
in: body
type: string
description: "PagerDuty schedule ID."
call: pagerduty.get-on-call
with:
schedule_id: "{{schedule_id}}"
consumes:
- type: http
namespace: pagerduty
baseUri: "https://api.pagerduty.com"
authentication:
type: apikey
key: "Authorization"
value: "Token token=$secrets.pagerduty_token"
placement: header
resources:
- name: schedules
path: "/schedules/{{schedule_id}}"
inputParameters:
- name: schedule_id
in: path
operations:
- name: get-on-call
method: GET
Palo Alto Networks Threat Block to Cloudflare
▼
security palo-alto-networks cloudflare threat-intelligence waf
Fetches high-severity threat indicators from Palo Alto Networks and creates blocking IP list entries in Cloudflare for unified perimeter enforcement.
naftiko: "0.5"
info:
label: "Palo Alto Networks Threat Block to Cloudflare"
description: "Fetches high-severity threat indicators from Palo Alto Networks and creates blocking IP list entries in Cloudflare for unified perimeter enforcement."
tags:
- security
- palo-alto-networks
- cloudflare
- threat-intelligence
- waf
capability:
exposes:
- type: mcp
namespace: perimeter-security
port: 8080
tools:
- name: sync-threat-blocks
description: "Given a Palo Alto Networks device hostname and a Cloudflare zone ID, pull active high-severity blocked IPs from PAN and synchronize them as Cloudflare WAF IP rules."
inputParameters:
- name: pan_hostname
in: body
type: string
description: "Palo Alto Networks firewall hostname."
- name: cf_zone_id
in: body
type: string
description: "Cloudflare zone ID to update WAF rules on."
steps:
- name: get-blocked-ips
type: call
call: "pan-fw.get-blocked-ips"
with:
hostname: "{{pan_hostname}}"
- name: update-cf-list
type: call
call: "cloudflare-waf.update-ip-list"
with:
zone_id: "{{cf_zone_id}}"
ips: "{{get-blocked-ips.blocked_ips}}"
consumes:
- type: http
namespace: pan-fw
baseUri: "https://{{pan_hostname}}/restapi/v10.1"
authentication:
type: apikey
key: "X-PAN-KEY"
value: "$secrets.paloalto_api_key"
placement: header
resources:
- name: blocked-ips
path: "/Objects/AddressGroups"
operations:
- name: get-blocked-ips
method: GET
- type: http
namespace: cloudflare-waf
baseUri: "https://api.cloudflare.com/client/v4"
authentication:
type: bearer
token: "$secrets.cloudflare_token"
resources:
- name: ip-lists
path: "/zones/{{zone_id}}/firewall/rules"
inputParameters:
- name: zone_id
in: path
operations:
- name: update-ip-list
method: PUT
Pluralsight Skill Assessment to Workday Learning
▼
hr learning pluralsight workday talent-management
Fetches Pluralsight skill IQ assessment scores for an employee and records the competency levels in Workday Learning for talent profile tracking.
naftiko: "0.5"
info:
label: "Pluralsight Skill Assessment to Workday Learning"
description: "Fetches Pluralsight skill IQ assessment scores for an employee and records the competency levels in Workday Learning for talent profile tracking."
tags:
- hr
- learning
- pluralsight
- workday
- talent-management
capability:
exposes:
- type: mcp
namespace: skills-tracking
port: 8080
tools:
- name: sync-skill-assessments
description: "Given a Pluralsight user email and a Workday worker ID, retrieve the latest Skill IQ scores from Pluralsight and record them as competency assessments in Workday Learning."
inputParameters:
- name: pluralsight_email
in: body
type: string
description: "Pluralsight account email address."
- name: workday_worker_id
in: body
type: string
description: "Workday worker ID to update."
steps:
- name: get-skill-scores
type: call
call: "pluralsight-skills.get-skill-iq"
with:
email: "{{pluralsight_email}}"
- name: record-competency
type: call
call: "workday-learning.create-competency"
with:
workerId: "{{workday_worker_id}}"
skills: "{{get-skill-scores.skills}}"
consumes:
- type: http
namespace: pluralsight-skills
baseUri: "https://api.pluralsight.com/v2"
authentication:
type: bearer
token: "$secrets.pluralsight_token"
resources:
- name: skill-iq
path: "/users/{{email}}/skills"
inputParameters:
- name: email
in: path
operations:
- name: get-skill-iq
method: GET
- type: http
namespace: workday-learning
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: competencies
path: "/intel/workers/{{workerId}}/competencies"
inputParameters:
- name: workerId
in: path
operations:
- name: create-competency
method: POST
Power BI Dataset Refresh Lookup
▼
analytics reporting power-bi
Checks the last refresh status of a Power BI dataset for reporting readiness.
naftiko: "0.5"
info:
label: "Power BI Dataset Refresh Lookup"
description: "Checks the last refresh status of a Power BI dataset for reporting readiness."
tags:
- analytics
- reporting
- power-bi
capability:
exposes:
- type: mcp
namespace: reporting
port: 8080
tools:
- name: get-refresh-status
description: "Given a Power BI dataset ID, return the last refresh status and time."
inputParameters:
- name: dataset_id
in: body
type: string
description: "Power BI dataset ID."
call: powerbi.get-refresh-history
with:
dataset_id: "{{dataset_id}}"
consumes:
- type: http
namespace: powerbi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.powerbi_token"
resources:
- name: refreshes
path: "/datasets/{{dataset_id}}/refreshes"
inputParameters:
- name: dataset_id
in: path
operations:
- name: get-refresh-history
method: GET
Power BI Distribution
▼
analytics reporting power-bi slack
Distributes reports.
naftiko: "0.5"
info:
label: "Power BI Distribution"
description: "Distributes reports."
tags:
- analytics
- reporting
- power-bi
- slack
capability:
exposes:
- type: mcp
namespace: power
port: 8080
tools:
- name: power-bi-report-dist-via-slack
description: "Distributes reports."
inputParameters:
- name: input_id
in: body
type: string
description: "Input identifier."
steps:
- name: get-data
type: call
call: "analytics.get-data"
with:
id: "{{input_id}}"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#alerts"
text: "Power BI Distribution"
consumes:
- type: http
namespace: analytics
baseUri: "https://analytics.intel.com/api/v1"
authentication:
type: bearer
token: "$secrets.analytics_token"
resources:
- name: data
path: "/data"
operations:
- name: get-data
method: GET
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Salesforce Account Enrichment with ZoomInfo
▼
sales crm salesforce zoominfo data-enrichment
Enriches a Salesforce account record with firmographic data from ZoomInfo including employee count, revenue band, and technology install data.
naftiko: "0.5"
info:
label: "Salesforce Account Enrichment with ZoomInfo"
description: "Enriches a Salesforce account record with firmographic data from ZoomInfo including employee count, revenue band, and technology install data."
tags:
- sales
- crm
- salesforce
- zoominfo
- data-enrichment
capability:
exposes:
- type: mcp
namespace: account-enrichment
port: 8080
tools:
- name: enrich-sf-account
description: "Given a Salesforce account ID and company domain, look up the company in ZoomInfo and update the Salesforce account with employee count, revenue, and tech stack data."
inputParameters:
- name: account_id
in: body
type: string
description: "Salesforce account ID."
- name: company_domain
in: body
type: string
description: "Company domain to look up in ZoomInfo, e.g. acme.com."
steps:
- name: lookup-zoominfo
type: call
call: "zoominfo.search-company"
with:
domain: "{{company_domain}}"
- name: update-account
type: call
call: "salesforce-acct.update-account"
with:
account_id: "{{account_id}}"
NumberOfEmployees: "{{lookup-zoominfo.employeeCount}}"
AnnualRevenue: "{{lookup-zoominfo.revenue}}"
Description: "Tech stack: {{lookup-zoominfo.technologies}}"
consumes:
- type: http
namespace: zoominfo
baseUri: "https://api.zoominfo.com/search"
authentication:
type: bearer
token: "$secrets.zoominfo_token"
resources:
- name: companies
path: "/company"
operations:
- name: search-company
method: POST
- type: http
namespace: salesforce-acct
baseUri: "https://intel.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: accounts
path: "/sobjects/Account/{{account_id}}"
inputParameters:
- name: account_id
in: path
operations:
- name: update-account
method: PATCH
Salesforce Closed-Won to Jira Project
▼
crm devops salesforce jira slack
When a Salesforce opportunity is Closed-Won, creates a Jira project and notifies the delivery team via Slack.
naftiko: "0.5"
info:
label: "Salesforce Closed-Won to Jira Project"
description: "When a Salesforce opportunity is Closed-Won, creates a Jira project and notifies the delivery team via Slack."
tags:
- crm
- devops
- salesforce
- jira
- slack
capability:
exposes:
- type: mcp
namespace: deal-handoff
port: 8080
tools:
- name: handle-closed-won
description: "Given an opportunity ID, create a Jira project and notify delivery."
inputParameters:
- name: opportunity_id
in: body
type: string
description: "Salesforce opportunity ID."
steps:
- name: get-opp
type: call
call: "salesforce.get-opportunity"
with:
opportunity_id: "{{opportunity_id}}"
- name: create-project
type: call
call: "jira.create-project"
with:
name: "{{get-opp.Name}}"
projectTypeKey: "software"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#delivery"
text: "New project: {{get-opp.Name}} | Value: {{get-opp.Amount}}"
consumes:
- type: http
namespace: salesforce
baseUri: "https://intel.my.salesforce.com/services/data/v59.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: opportunities
path: "/sobjects/Opportunity/{{opportunity_id}}"
inputParameters:
- name: opportunity_id
in: path
operations:
- name: get-opportunity
method: GET
- type: http
namespace: jira
baseUri: "https://intel-jira.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: projects
path: "/project"
operations:
- name: create-project
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Contract to HubSpot
▼
crm marketing salesforce hubspot slack
Enrolls contracts.
naftiko: "0.5"
info:
label: "Contract to HubSpot"
description: "Enrolls contracts."
tags:
- crm
- marketing
- salesforce
- hubspot
- slack
capability:
exposes:
- type: mcp
namespace: salesforce
port: 8080
tools:
- name: salesforce-contract-to-hubspot-workflow
description: "Enrolls contracts."
inputParameters:
- name: input_id
in: body
type: string
description: "Input identifier."
steps:
- name: get-data
type: call
call: "salesforce.get-data"
with:
id: "{{input_id}}"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#alerts"
text: "Contract to HubSpot"
consumes:
- type: http
namespace: salesforce
baseUri: "https://salesforce.intel.com/api/v1"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: data
path: "/data"
operations:
- name: get-data
method: GET
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Salesforce Opportunity Lookup
▼
crm salesforce sales
Retrieves a Salesforce opportunity by ID, returning stage, amount, close date, and account name.
naftiko: "0.5"
info:
label: "Salesforce Opportunity Lookup"
description: "Retrieves a Salesforce opportunity by ID, returning stage, amount, close date, and account name."
tags:
- crm
- salesforce
- sales
capability:
exposes:
- type: mcp
namespace: crm
port: 8080
tools:
- name: get-opportunity
description: "Given a Salesforce opportunity ID, return the stage, amount, and close date."
inputParameters:
- name: opportunity_id
in: body
type: string
description: "Salesforce opportunity ID."
call: salesforce.get-opportunity
with:
opportunity_id: "{{opportunity_id}}"
consumes:
- type: http
namespace: salesforce
baseUri: "https://intel.my.salesforce.com/services/data/v59.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: opportunities
path: "/sobjects/Opportunity/{{opportunity_id}}"
inputParameters:
- name: opportunity_id
in: path
operations:
- name: get-opportunity
method: GET
Salesforce Renewal Risk
▼
crm sales salesforce slack
Notifies at-risk renewals.
naftiko: "0.5"
info:
label: "Salesforce Renewal Risk"
description: "Notifies at-risk renewals."
tags:
- crm
- sales
- salesforce
- slack
capability:
exposes:
- type: mcp
namespace: salesforce
port: 8080
tools:
- name: salesforce-renewal-risk-notification
description: "Notifies at-risk renewals."
inputParameters:
- name: input_id
in: body
type: string
description: "Input identifier."
steps:
- name: get-data
type: call
call: "salesforce.get-data"
with:
id: "{{input_id}}"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#alerts"
text: "Salesforce Renewal Risk"
consumes:
- type: http
namespace: salesforce
baseUri: "https://salesforce.intel.com/api/v1"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: data
path: "/data"
operations:
- name: get-data
method: GET
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
SAP Concur Expense Report Approval Workflow
▼
finance hr sap-concur microsoft-teams approval
Retrieves pending expense reports from SAP Concur, validates amounts against policy, and either auto-approves or escalates to a manager via Microsoft Teams.
naftiko: "0.5"
info:
label: "SAP Concur Expense Report Approval Workflow"
description: "Retrieves pending expense reports from SAP Concur, validates amounts against policy, and either auto-approves or escalates to a manager via Microsoft Teams."
tags:
- finance
- hr
- sap-concur
- microsoft-teams
- approval
capability:
exposes:
- type: mcp
namespace: expense-approval
port: 8080
tools:
- name: process-expense-reports
description: "Given an approver employee ID and a daily spend limit, retrieve pending SAP Concur expense reports and auto-approve those within policy or send a Teams approval request for those exceeding the limit."
inputParameters:
- name: approver_id
in: body
type: string
description: "SAP Concur approver employee ID."
- name: auto_approve_limit
in: body
type: number
description: "USD amount below which expense reports are auto-approved."
steps:
- name: get-pending-reports
type: call
call: "sap-concur.get-pending-reports"
with:
approverId: "{{approver_id}}"
- name: send-approval-request
type: call
call: "msteams-approval.post-message"
with:
recipient_upn: "$secrets.approver_upn"
message: "Expense approval needed: {{get-pending-reports.count}} reports exceeding ${{auto_approve_limit}} threshold."
consumes:
- type: http
namespace: sap-concur
baseUri: "https://www.concursolutions.com/api/v3.0"
authentication:
type: bearer
token: "$secrets.concur_token"
resources:
- name: expense-reports
path: "/expense/reports"
inputParameters:
- name: approverLoginID
in: query
operations:
- name: get-pending-reports
method: GET
- type: http
namespace: msteams-approval
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.graph_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: post-message
method: POST
SAP Concur Expense Violation
▼
finance compliance sap-concur servicenow slack
Creates compliance task for violations.
naftiko: "0.5"
info:
label: "SAP Concur Expense Violation"
description: "Creates compliance task for violations."
tags:
- finance
- compliance
- sap-concur
- servicenow
- slack
capability:
exposes:
- type: mcp
namespace: sap
port: 8080
tools:
- name: sap-concur-expense-violation-task
description: "Creates compliance task for violations."
inputParameters:
- name: input_id
in: body
type: string
description: "Input identifier."
steps:
- name: get-data
type: call
call: "sap-concur.get-data"
with:
id: "{{input_id}}"
- name: create-record
type: call
call: "servicenow.create-record"
with:
short_description: "SAP Concur Expense Violation"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#alerts"
text: "SAP Concur Expense Violation"
consumes:
- type: http
namespace: sap-concur
baseUri: "https://sap-concur.intel.com/api/v1"
authentication:
type: bearer
token: "$secrets.sap_concur_token"
resources:
- name: data
path: "/data"
operations:
- name: get-data
method: GET
- type: http
namespace: servicenow
baseUri: "https://intel.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: records
path: "/table/incident"
operations:
- name: create-record
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
SAP to Salesforce
▼
erp crm sap salesforce
Updates opportunity.
naftiko: "0.5"
info:
label: "SAP to Salesforce"
description: "Updates opportunity."
tags:
- erp
- crm
- sap
- salesforce
capability:
exposes:
- type: mcp
namespace: sap
port: 8080
tools:
- name: sap-delivery-to-salesforce-update
description: "Updates opportunity."
inputParameters:
- name: input_id
in: body
type: string
description: "Input identifier."
steps:
- name: get-data
type: call
call: "erp.get-data"
with:
id: "{{input_id}}"
consumes:
- type: http
namespace: erp
baseUri: "https://erp.intel.com/api/v1"
authentication:
type: bearer
token: "$secrets.erp_token"
resources:
- name: data
path: "/data"
operations:
- name: get-data
method: GET
SAP Stock Alert
▼
erp supply-chain sap slack
Alerts low stock.
naftiko: "0.5"
info:
label: "SAP Stock Alert"
description: "Alerts low stock."
tags:
- erp
- supply-chain
- sap
- slack
capability:
exposes:
- type: mcp
namespace: sap
port: 8080
tools:
- name: sap-material-stock-to-slack-alert
description: "Alerts low stock."
inputParameters:
- name: input_id
in: body
type: string
description: "Input identifier."
steps:
- name: get-data
type: call
call: "erp.get-data"
with:
id: "{{input_id}}"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#alerts"
text: "SAP Stock Alert"
consumes:
- type: http
namespace: erp
baseUri: "https://erp.intel.com/api/v1"
authentication:
type: bearer
token: "$secrets.erp_token"
resources:
- name: data
path: "/data"
operations:
- name: get-data
method: GET
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
SAP Purchase Order Lookup
▼
finance sap procurement
Retrieves a SAP S/4HANA purchase order by number, returning status, vendor, and total value.
naftiko: "0.5"
info:
label: "SAP Purchase Order Lookup"
description: "Retrieves a SAP S/4HANA purchase order by number, returning status, vendor, and total value."
tags:
- finance
- sap
- procurement
capability:
exposes:
- type: mcp
namespace: erp
port: 8080
tools:
- name: get-purchase-order
description: "Given a SAP PO number, return the PO status, vendor, and total amount."
inputParameters:
- name: po_number
in: body
type: string
description: "SAP purchase order number."
call: sap.get-po
with:
po_number: "{{po_number}}"
consumes:
- type: http
namespace: sap
baseUri: "https://intel-s4.sap.com/sap/opu/odata/sap/MM_PUR_PO_MAINT_V2_SRV"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: purchase-orders
path: "/A_PurchaseOrder('{{po_number}}')"
inputParameters:
- name: po_number
in: path
operations:
- name: get-po
method: GET
SAP S/4HANA PO Receipt to Workday Cost Update
▼
finance erp sap-s4hana workday procurement
When a goods receipt is posted in SAP S/4HANA, updates the associated cost center budget in Workday Financials to reflect actual spend.
naftiko: "0.5"
info:
label: "SAP S/4HANA PO Receipt to Workday Cost Update"
description: "When a goods receipt is posted in SAP S/4HANA, updates the associated cost center budget in Workday Financials to reflect actual spend."
tags:
- finance
- erp
- sap-s4hana
- workday
- procurement
capability:
exposes:
- type: mcp
namespace: budget-sync
port: 8080
tools:
- name: sync-po-receipt-to-budget"
description: "Given a SAP material document number and Workday cost center ID, fetch the goods receipt value from SAP and record the actual spend against the Workday budget."
inputParameters:
- name: material_doc
in: body
type: string
description: "SAP material document number for the goods receipt."
- name: cost_center_id
in: body
type: string
description: "Workday cost center ID to update."
steps:
- name: get-receipt
type: call
call: "sap-gr.get-material-doc"
with:
materialDocument: "{{material_doc}}"
- name: update-budget
type: call
call: "workday-fin.update-budget"
with:
costCenterId: "{{cost_center_id}}"
actualAmount: "{{get-receipt.GoodsMovementAmount}}"
currency: "{{get-receipt.DocumentCurrency}}"
consumes:
- type: http
namespace: sap-gr
baseUri: "https://intel-s4.sap.com/sap/opu/odata/sap/API_MATERIAL_DOCUMENT_SRV"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: material-docs
path: "/A_MaterialDocumentHeader('{{materialDocument}}')"
inputParameters:
- name: materialDocument
in: path
operations:
- name: get-material-doc
method: GET
- type: http
namespace: workday-fin
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: budgets
path: "/intel/budgets/{{costCenterId}}/actuals"
inputParameters:
- name: costCenterId
in: path
operations:
- name: update-budget
method: POST
SAP Stock Procurement Alert
▼
erp supply-chain sap slack
Notifies procurement.
naftiko: "0.5"
info:
label: "SAP Stock Procurement Alert"
description: "Notifies procurement."
tags:
- erp
- supply-chain
- sap
- slack
capability:
exposes:
- type: mcp
namespace: sap
port: 8080
tools:
- name: sap-stock-alert-procurement
description: "Notifies procurement."
inputParameters:
- name: input_id
in: body
type: string
description: "Input identifier."
steps:
- name: get-data
type: call
call: "erp.get-data"
with:
id: "{{input_id}}"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#alerts"
text: "SAP Stock Procurement Alert"
consumes:
- type: http
namespace: erp
baseUri: "https://erp.intel.com/api/v1"
authentication:
type: bearer
token: "$secrets.erp_token"
resources:
- name: data
path: "/data"
operations:
- name: get-data
method: GET
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
ServiceNow Change Advisory Board Digest
▼
itsm change-management servicenow microsoft-teams reporting
Aggregates pending ServiceNow change requests for the weekly CAB meeting and posts a digest to a Microsoft Teams channel with links to each change record.
naftiko: "0.5"
info:
label: "ServiceNow Change Advisory Board Digest"
description: "Aggregates pending ServiceNow change requests for the weekly CAB meeting and posts a digest to a Microsoft Teams channel with links to each change record."
tags:
- itsm
- change-management
- servicenow
- microsoft-teams
- reporting
capability:
exposes:
- type: mcp
namespace: cab-digest
port: 8080
tools:
- name: digest-cab-changes
description: "Retrieve all ServiceNow change requests in Scheduled or Pending Approval state for the next 7 days and post a CAB meeting digest to the designated Microsoft Teams channel."
inputParameters:
- name: teams_channel_id
in: body
type: string
description: "Microsoft Teams channel ID to post the CAB digest to."
steps:
- name: get-pending-changes
type: call
call: "servicenow-cab-read.list-changes"
with:
state: "scheduled"
- name: post-cab-digest
type: call
call: "msteams-cab.post-message"
with:
channel_id: "{{teams_channel_id}}"
message: "CAB Digest: {{get-pending-changes.total}} changes pending. Top changes: {{get-pending-changes.summary}}"
consumes:
- type: http
namespace: servicenow-cab-read
baseUri: "https://intel.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: changes
path: "/table/change_request"
inputParameters:
- name: state
in: query
operations:
- name: list-changes
method: GET
- type: http
namespace: msteams-cab
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.graph_token"
resources:
- name: messages
path: "/teams/{{channel_id}}/channels/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-message
method: POST
Change Approval Apply
▼
itsm infrastructure servicenow terraform
Applies Terraform.
naftiko: "0.5"
info:
label: "Change Approval Apply"
description: "Applies Terraform."
tags:
- itsm
- infrastructure
- servicenow
- terraform
capability:
exposes:
- type: mcp
namespace: servicenow
port: 8080
tools:
- name: servicenow-change-approval-terraform
description: "Applies Terraform."
inputParameters:
- name: input_id
in: body
type: string
description: "Input identifier."
steps:
- name: get-data
type: call
call: "infrastructure.get-data"
with:
id: "{{input_id}}"
- name: create-record
type: call
call: "servicenow.create-record"
with:
short_description: "Change Approval Apply"
consumes:
- type: http
namespace: infrastructure
baseUri: "https://infrastructure.intel.com/api/v1"
authentication:
type: bearer
token: "$secrets.infrastructure_token"
resources:
- name: data
path: "/data"
operations:
- name: get-data
method: GET
- type: http
namespace: servicenow
baseUri: "https://intel.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: records
path: "/table/incident"
operations:
- name: create-record
method: POST
Change to Terraform
▼
itsm infrastructure servicenow terraform
Applies on approval.
naftiko: "0.5"
info:
label: "Change to Terraform"
description: "Applies on approval."
tags:
- itsm
- infrastructure
- servicenow
- terraform
capability:
exposes:
- type: mcp
namespace: servicenow
port: 8080
tools:
- name: servicenow-change-to-terraform-run
description: "Applies on approval."
inputParameters:
- name: input_id
in: body
type: string
description: "Input identifier."
steps:
- name: get-data
type: call
call: "infrastructure.get-data"
with:
id: "{{input_id}}"
- name: create-record
type: call
call: "servicenow.create-record"
with:
short_description: "Change to Terraform"
consumes:
- type: http
namespace: infrastructure
baseUri: "https://infrastructure.intel.com/api/v1"
authentication:
type: bearer
token: "$secrets.infrastructure_token"
resources:
- name: data
path: "/data"
operations:
- name: get-data
method: GET
- type: http
namespace: servicenow
baseUri: "https://intel.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: records
path: "/table/incident"
operations:
- name: create-record
method: POST
ServiceNow Incident Lookup
▼
itsm servicenow incident-management
Retrieves the current state, priority, and assignment group of a ServiceNow incident by number.
naftiko: "0.5"
info:
label: "ServiceNow Incident Lookup"
description: "Retrieves the current state, priority, and assignment group of a ServiceNow incident by number."
tags:
- itsm
- servicenow
- incident-management
capability:
exposes:
- type: mcp
namespace: itsm
port: 8080
tools:
- name: get-incident
description: "Given a ServiceNow incident number, return state, priority, and assignment group."
inputParameters:
- name: incident_number
in: body
type: string
description: "ServiceNow incident number."
call: servicenow.get-incident
with:
number: "{{incident_number}}"
consumes:
- type: http
namespace: servicenow
baseUri: "https://intel.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: incidents
path: "/table/incident"
inputParameters:
- name: number
in: query
operations:
- name: get-incident
method: GET
Major Incident Bridge
▼
itsm incident-response servicenow pagerduty slack
Creates bridge for P1.
naftiko: "0.5"
info:
label: "Major Incident Bridge"
description: "Creates bridge for P1."
tags:
- itsm
- incident-response
- servicenow
- pagerduty
- slack
capability:
exposes:
- type: mcp
namespace: servicenow
port: 8080
tools:
- name: servicenow-major-incident-bridge-setup
description: "Creates bridge for P1."
inputParameters:
- name: input_id
in: body
type: string
description: "Input identifier."
steps:
- name: get-data
type: call
call: "servicenow.get-data"
with:
id: "{{input_id}}"
- name: create-record
type: call
call: "servicenow.create-record"
with:
short_description: "Major Incident Bridge"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#alerts"
text: "Major Incident Bridge"
consumes:
- type: http
namespace: servicenow
baseUri: "https://servicenow.intel.com/api/v1"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: data
path: "/data"
operations:
- name: get-data
method: GET
- type: http
namespace: servicenow
baseUri: "https://intel.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: records
path: "/table/incident"
operations:
- name: create-record
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Slack Message Poster
▼
communication slack notifications
Posts a formatted message to a Slack channel for notifications and team communication.
naftiko: "0.5"
info:
label: "Slack Message Poster"
description: "Posts a formatted message to a Slack channel for notifications and team communication."
tags:
- communication
- slack
- notifications
capability:
exposes:
- type: mcp
namespace: messaging
port: 8080
tools:
- name: post-message
description: "Given a Slack channel and message text, post to the channel."
inputParameters:
- name: channel
in: body
type: string
description: "Slack channel."
- name: message
in: body
type: string
description: "Message text."
call: slack.post-message
with:
channel: "{{channel}}"
text: "{{message}}"
consumes:
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Snowflake Cost Alert to FinOps
▼
data finops snowflake servicenow slack
Checks credits and alerts when over budget.
naftiko: "0.5"
info:
label: "Snowflake Cost Alert to FinOps"
description: "Checks credits and alerts when over budget."
tags:
- data
- finops
- snowflake
- servicenow
- slack
capability:
exposes:
- type: mcp
namespace: snowflake
port: 8080
tools:
- name: snowflake-cost-alert-to-finops
description: "Checks credits and alerts when over budget."
inputParameters:
- name: input_id
in: body
type: string
description: "Input identifier."
steps:
- name: get-data
type: call
call: "data.get-data"
with:
id: "{{input_id}}"
- name: create-record
type: call
call: "servicenow.create-record"
with:
short_description: "Snowflake Cost Alert to FinOps"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#alerts"
text: "Snowflake Cost Alert to FinOps"
consumes:
- type: http
namespace: data
baseUri: "https://data.intel.com/api/v1"
authentication:
type: bearer
token: "$secrets.data_token"
resources:
- name: data
path: "/data"
operations:
- name: get-data
method: GET
- type: http
namespace: servicenow
baseUri: "https://intel.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: records
path: "/table/incident"
operations:
- name: create-record
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Snowflake Data Quality Check to Jira
▼
data quality snowflake jira slack
Runs a Snowflake data quality query and creates a Jira task if anomalies exceed threshold, notifying Slack.
naftiko: "0.5"
info:
label: "Snowflake Data Quality Check to Jira"
description: "Runs a Snowflake data quality query and creates a Jira task if anomalies exceed threshold, notifying Slack."
tags:
- data
- quality
- snowflake
- jira
- slack
capability:
exposes:
- type: mcp
namespace: data-quality
port: 8080
tools:
- name: check-quality
description: "Execute a quality check query and create Jira task if anomalies found."
inputParameters:
- name: quality_query
in: body
type: string
description: "SQL quality check query."
steps:
- name: run-check
type: call
call: "snowflake.execute-query"
with:
statement: "{{quality_query}}"
- name: create-task
type: call
call: "jira.create-issue"
with:
project: "DATA"
issuetype: "Task"
summary: "Data quality anomaly: {{run-check.anomaly_count}} records"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#data-engineering"
text: "Data quality alert: {{run-check.anomaly_count}} anomalies — Jira: {{create-task.key}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://intel.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
- type: http
namespace: jira
baseUri: "https://intel-jira.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Snowflake Data Quality Pipeline Alert
▼
data analytics snowflake datadog jira monitoring
Runs a Snowflake data quality validation query and creates a Datadog event and a Jira bug when row counts or null rates fall outside acceptable bounds.
naftiko: "0.5"
info:
label: "Snowflake Data Quality Pipeline Alert"
description: "Runs a Snowflake data quality validation query and creates a Datadog event and a Jira bug when row counts or null rates fall outside acceptable bounds."
tags:
- data
- analytics
- snowflake
- datadog
- jira
- monitoring
capability:
exposes:
- type: mcp
namespace: data-quality
port: 8080
tools:
- name: run-data-quality-check
description: "Given a Snowflake database, schema, table, and quality thresholds, run a validation query and alert via Datadog and Jira if quality rules fail."
inputParameters:
- name: database
in: body
type: string
description: "Snowflake database name."
- name: schema
in: body
type: string
description: "Snowflake schema name."
- name: table
in: body
type: string
description: "Snowflake table name to validate."
- name: null_rate_threshold
in: body
type: number
description: "Maximum acceptable null rate (0.0 to 1.0) for key columns."
steps:
- name: run-validation
type: call
call: "snowflake.run-query"
with:
database: "{{database}}"
schema: "{{schema}}"
table: "{{table}}"
- name: post-dd-event
type: call
call: "datadog-dq.post-event"
with:
title: "Data Quality Failure: {{database}}.{{schema}}.{{table}}"
text: "Null rate: {{run-validation.null_rate}} | Row count: {{run-validation.row_count}}"
alert_type: "warning"
- name: create-jira-bug
type: call
call: "jira.create-issue"
with:
project_key: "DATA"
issuetype: "Bug"
summary: "DQ failure: {{database}}.{{schema}}.{{table}} null rate {{run-validation.null_rate}}"
description: "Threshold: {{null_rate_threshold}} | Actual: {{run-validation.null_rate}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://intel.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: queries
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: datadog-dq
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: "DD-API-KEY"
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: events
path: "/events"
operations:
- name: post-event
method: POST
- type: http
namespace: jira
baseUri: "https://intel.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
Snowflake Query Runner
▼
data analytics snowflake
Executes a read-only SQL query against a Snowflake warehouse and returns results for analytics queries.
naftiko: "0.5"
info:
label: "Snowflake Query Runner"
description: "Executes a read-only SQL query against a Snowflake warehouse and returns results for analytics queries."
tags:
- data
- analytics
- snowflake
capability:
exposes:
- type: mcp
namespace: analytics
port: 8080
tools:
- name: run-query
description: "Given a SQL statement, execute it against the Snowflake warehouse."
inputParameters:
- name: sql_statement
in: body
type: string
description: "SQL query to execute."
call: snowflake.execute-query
with:
statement: "{{sql_statement}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://intel.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
SolarWinds Network Performance Digest
▼
network observability solarwinds power-bi reporting
Pulls SolarWinds network interface utilization data for core switches and publishes a weekly performance digest to a Power BI dataset.
naftiko: "0.5"
info:
label: "SolarWinds Network Performance Digest"
description: "Pulls SolarWinds network interface utilization data for core switches and publishes a weekly performance digest to a Power BI dataset."
tags:
- network
- observability
- solarwinds
- power-bi
- reporting
capability:
exposes:
- type: mcp
namespace: network-reporting
port: 8080
tools:
- name: publish-network-digest
description: "Given a SolarWinds node group and a Power BI dataset ID, extract weekly interface utilization metrics and push a dataset refresh for network performance reporting."
inputParameters:
- name: node_group
in: body
type: string
description: "SolarWinds node group name to query."
- name: powerbi_dataset_id
in: body
type: string
description: "Power BI dataset ID to refresh with network data."
steps:
- name: get-utilization
type: call
call: "solarwinds-net.query-interfaces"
with:
nodeGroup: "{{node_group}}"
- name: refresh-pbi
type: call
call: "powerbi-net.refresh-dataset"
with:
datasetId: "{{powerbi_dataset_id}}"
consumes:
- type: http
namespace: solarwinds-net
baseUri: "https://intel-solarwinds.internal:17778/SolarWinds/InformationService/v3/Json"
authentication:
type: basic
username: "$secrets.solarwinds_user"
password: "$secrets.solarwinds_password"
resources:
- name: interfaces
path: "/Query"
operations:
- name: query-interfaces
method: POST
- type: http
namespace: powerbi-net
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.powerbi_token"
resources:
- name: datasets
path: "/datasets/{{datasetId}}/refreshes"
inputParameters:
- name: datasetId
in: path
operations:
- name: refresh-dataset
method: POST
SolarWinds to PagerDuty
▼
networking incident-response solarwinds pagerduty servicenow
Creates incident for down.
naftiko: "0.5"
info:
label: "SolarWinds to PagerDuty"
description: "Creates incident for down."
tags:
- networking
- incident-response
- solarwinds
- pagerduty
- servicenow
capability:
exposes:
- type: mcp
namespace: solarwinds
port: 8080
tools:
- name: solarwinds-node-down-to-pagerduty-alert
description: "Creates incident for down."
inputParameters:
- name: input_id
in: body
type: string
description: "Input identifier."
steps:
- name: get-data
type: call
call: "solarwinds.get-data"
with:
id: "{{input_id}}"
- name: create-record
type: call
call: "servicenow.create-record"
with:
short_description: "SolarWinds to PagerDuty"
consumes:
- type: http
namespace: solarwinds
baseUri: "https://solarwinds.intel.com/api/v1"
authentication:
type: bearer
token: "$secrets.solarwinds_token"
resources:
- name: data
path: "/data"
operations:
- name: get-data
method: GET
- type: http
namespace: servicenow
baseUri: "https://intel.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: records
path: "/table/incident"
operations:
- name: create-record
method: POST
Splunk Log Search
▼
security observability splunk
Executes a Splunk search query over a specified time range for security and incident investigation.
naftiko: "0.5"
info:
label: "Splunk Log Search"
description: "Executes a Splunk search query over a specified time range for security and incident investigation."
tags:
- security
- observability
- splunk
capability:
exposes:
- type: mcp
namespace: log-analysis
port: 8080
tools:
- name: search-logs
description: "Given a Splunk SPL query and time range, execute the search and return events."
inputParameters:
- name: search_query
in: body
type: string
description: "Splunk SPL search query."
- name: earliest_time
in: body
type: string
description: "Search start time."
call: splunk.create-search
with:
search: "{{search_query}}"
earliest_time: "{{earliest_time}}"
consumes:
- type: http
namespace: splunk
baseUri: "https://splunk.intel.com:8089/services"
authentication:
type: bearer
token: "$secrets.splunk_token"
resources:
- name: search-jobs
path: "/search/jobs"
operations:
- name: create-search
method: POST
Splunk Security Alert to ServiceNow
▼
security siem splunk servicenow slack
When Splunk detects a security anomaly, creates a ServiceNow security incident and notifies the SOC via Slack.
naftiko: "0.5"
info:
label: "Splunk Security Alert to ServiceNow"
description: "When Splunk detects a security anomaly, creates a ServiceNow security incident and notifies the SOC via Slack."
tags:
- security
- siem
- splunk
- servicenow
- slack
capability:
exposes:
- type: mcp
namespace: soc-ops
port: 8080
tools:
- name: handle-security-alert
description: "Given a Splunk alert, create a ServiceNow security incident and notify SOC."
inputParameters:
- name: alert_description
in: body
type: string
description: "Alert description."
- name: severity
in: body
type: string
description: "Severity level."
steps:
- name: create-incident
type: call
call: "servicenow-sec.create-incident"
with:
short_description: "Splunk alert: {{alert_description}}"
severity: "{{severity}}"
assignment_group: "SOC_Team"
- name: notify-soc
type: call
call: "slack.post-message"
with:
channel: "#soc-alerts"
text: "Security incident {{create-incident.number}} — {{alert_description}}"
consumes:
- type: http
namespace: servicenow-sec
baseUri: "https://intel.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: incidents
path: "/table/sn_si_incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Splunk Security Event Correlation to ServiceNow
▼
security observability splunk servicenow siem
Queries Splunk for high-severity security events in the last 15 minutes and creates a ServiceNow security incident for each correlated event cluster.
naftiko: "0.5"
info:
label: "Splunk Security Event Correlation to ServiceNow"
description: "Queries Splunk for high-severity security events in the last 15 minutes and creates a ServiceNow security incident for each correlated event cluster."
tags:
- security
- observability
- splunk
- servicenow
- siem
capability:
exposes:
- type: mcp
namespace: siem-ops
port: 8080
tools:
- name: correlate-security-events
description: "Given a Splunk search query for high-severity security events and a lookback window, run the search and create a ServiceNow security incident for each event cluster found."
inputParameters:
- name: splunk_query
in: body
type: string
description: "Splunk SPL query to find high-severity security events."
- name: lookback_minutes
in: body
type: integer
description: "Lookback window in minutes for the Splunk search."
steps:
- name: run-splunk-search
type: call
call: "splunk.run-search"
with:
search: "{{splunk_query}}"
earliest_time: "-{{lookback_minutes}}m"
- name: create-security-incident
type: call
call: "servicenow-siem.create-incident"
with:
short_description: "SIEM: High-severity security events detected"
category: "security"
urgency: "1"
description: "Event count: {{run-splunk-search.result_count}} | Query: {{splunk_query}}"
consumes:
- type: http
namespace: splunk
baseUri: "https://splunk.intel.internal:8089"
authentication:
type: basic
username: "$secrets.splunk_user"
password: "$secrets.splunk_password"
resources:
- name: searches
path: "/services/search/jobs"
operations:
- name: run-search
method: POST
- type: http
namespace: servicenow-siem
baseUri: "https://intel.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
Tableau Dashboard Refresh and Distribution
▼
analytics reporting tableau microsoft-teams data
Triggers a Tableau workbook refresh and, on completion, posts the dashboard URL to a Microsoft Teams channel for stakeholder distribution.
naftiko: "0.5"
info:
label: "Tableau Dashboard Refresh and Distribution"
description: "Triggers a Tableau workbook refresh and, on completion, posts the dashboard URL to a Microsoft Teams channel for stakeholder distribution."
tags:
- analytics
- reporting
- tableau
- microsoft-teams
- data
capability:
exposes:
- type: mcp
namespace: bi-distribution
port: 8080
tools:
- name: refresh-and-distribute-dashboard
description: "Given a Tableau workbook ID and a Microsoft Teams channel ID, trigger a full workbook refresh and post the dashboard URL to the channel when complete."
inputParameters:
- name: tableau_workbook_id
in: body
type: string
description: "Tableau workbook LUID (content URL identifier)."
- name: teams_channel_id
in: body
type: string
description: "Microsoft Teams channel ID to post the dashboard link to."
steps:
- name: refresh-workbook
type: call
call: "tableau.refresh-workbook"
with:
workbookId: "{{tableau_workbook_id}}"
- name: post-to-teams
type: call
call: "msteams-bi.post-message"
with:
channel_id: "{{teams_channel_id}}"
message: "Dashboard refreshed: {{refresh-workbook.contentUrl}} — ready for review."
consumes:
- type: http
namespace: tableau
baseUri: "https://tableau.intel.com/api/2.8"
authentication:
type: apikey
key: "X-Tableau-Auth"
value: "$secrets.tableau_token"
placement: header
resources:
- name: workbooks
path: "/sites/{{site_id}}/workbooks/{{workbookId}}/refresh"
inputParameters:
- name: workbookId
in: path
operations:
- name: refresh-workbook
method: POST
- type: http
namespace: msteams-bi
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.graph_token"
resources:
- name: messages
path: "/teams/{{channel_id}}/channels/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-message
method: POST
Tableau Extract Alert
▼
analytics itsm tableau servicenow slack
Alerts on failure.
naftiko: "0.5"
info:
label: "Tableau Extract Alert"
description: "Alerts on failure."
tags:
- analytics
- itsm
- tableau
- servicenow
- slack
capability:
exposes:
- type: mcp
namespace: tableau
port: 8080
tools:
- name: tableau-extract-failure-alert
description: "Alerts on failure."
inputParameters:
- name: input_id
in: body
type: string
description: "Input identifier."
steps:
- name: get-data
type: call
call: "analytics.get-data"
with:
id: "{{input_id}}"
- name: create-record
type: call
call: "servicenow.create-record"
with:
short_description: "Tableau Extract Alert"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#alerts"
text: "Tableau Extract Alert"
consumes:
- type: http
namespace: analytics
baseUri: "https://analytics.intel.com/api/v1"
authentication:
type: bearer
token: "$secrets.analytics_token"
resources:
- name: data
path: "/data"
operations:
- name: get-data
method: GET
- type: http
namespace: servicenow
baseUri: "https://intel.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: records
path: "/table/incident"
operations:
- name: create-record
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Tableau to ServiceNow
▼
analytics itsm tableau servicenow slack
Creates incident.
naftiko: "0.5"
info:
label: "Tableau to ServiceNow"
description: "Creates incident."
tags:
- analytics
- itsm
- tableau
- servicenow
- slack
capability:
exposes:
- type: mcp
namespace: tableau
port: 8080
tools:
- name: tableau-failure-to-servicenow-incident
description: "Creates incident."
inputParameters:
- name: input_id
in: body
type: string
description: "Input identifier."
steps:
- name: get-data
type: call
call: "analytics.get-data"
with:
id: "{{input_id}}"
- name: create-record
type: call
call: "servicenow.create-record"
with:
short_description: "Tableau to ServiceNow"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#alerts"
text: "Tableau to ServiceNow"
consumes:
- type: http
namespace: analytics
baseUri: "https://analytics.intel.com/api/v1"
authentication:
type: bearer
token: "$secrets.analytics_token"
resources:
- name: data
path: "/data"
operations:
- name: get-data
method: GET
- type: http
namespace: servicenow
baseUri: "https://intel.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: records
path: "/table/incident"
operations:
- name: create-record
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Teams to Confluence
▼
communication documentation microsoft-teams confluence
Creates page.
naftiko: "0.5"
info:
label: "Teams to Confluence"
description: "Creates page."
tags:
- communication
- documentation
- microsoft-teams
- confluence
capability:
exposes:
- type: mcp
namespace: teams
port: 8080
tools:
- name: teams-meeting-to-confluence-page
description: "Creates page."
inputParameters:
- name: input_id
in: body
type: string
description: "Input identifier."
steps:
- name: get-data
type: call
call: "microsoft-teams.get-data"
with:
id: "{{input_id}}"
- name: create-page
type: call
call: "confluence.create-page"
with:
title: "Teams to Confluence"
consumes:
- type: http
namespace: microsoft-teams
baseUri: "https://microsoft-teams.intel.com/api/v1"
authentication:
type: bearer
token: "$secrets.microsoft_teams_token"
resources:
- name: data
path: "/data"
operations:
- name: get-data
method: GET
- type: http
namespace: confluence
baseUri: "https://intel-wiki.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_api_token"
resources:
- name: content
path: "/content"
operations:
- name: create-page
method: POST
Terraform Cloud Cost Estimate to ServiceNow Approval
▼
cloud infrastructure terraform servicenow finops approval
When a Terraform Cloud plan is created, fetches the cost estimate and routes it to a ServiceNow approval workflow if projected monthly cost exceeds a defined budget threshold.
naftiko: "0.5"
info:
label: "Terraform Cloud Cost Estimate to ServiceNow Approval"
description: "When a Terraform Cloud plan is created, fetches the cost estimate and routes it to a ServiceNow approval workflow if projected monthly cost exceeds a defined budget threshold."
tags:
- cloud
- infrastructure
- terraform
- servicenow
- finops
- approval
capability:
exposes:
- type: mcp
namespace: infra-approval
port: 8080
tools:
- name: gate-terraform-cost
description: "Given a Terraform Cloud run ID and monthly cost threshold, retrieve the cost estimate from Terraform and route to ServiceNow for approval if the estimate exceeds the threshold."
inputParameters:
- name: run_id
in: body
type: string
description: "Terraform Cloud run ID."
- name: monthly_limit_usd
in: body
type: number
description: "Monthly cost threshold in USD above which approval is required."
steps:
- name: get-cost-estimate
type: call
call: "terraform-est.get-cost-estimate"
with:
runId: "{{run_id}}"
- name: create-approval
type: call
call: "servicenow-appr.create-approval"
with:
short_description: "Terraform cost approval: Run {{run_id}} — ${{get-cost-estimate.proposed_monthly_cost}}/mo"
category: "cloud_spend"
description: "Proposed monthly cost: ${{get-cost-estimate.proposed_monthly_cost}} exceeds limit ${{monthly_limit_usd}}"
consumes:
- type: http
namespace: terraform-est
baseUri: "https://app.terraform.io/api/v2"
authentication:
type: bearer
token: "$secrets.terraform_token"
resources:
- name: cost-estimates
path: "/runs/{{runId}}/cost-estimate"
inputParameters:
- name: runId
in: path
operations:
- name: get-cost-estimate
method: GET
- type: http
namespace: servicenow-appr
baseUri: "https://intel.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: approvals
path: "/table/sysapproval_approver"
operations:
- name: create-approval
method: POST
Terraform Plan to ServiceNow Change
▼
infrastructure itsm terraform servicenow
When a Terraform plan has resource changes, creates a ServiceNow change request for approval.
naftiko: "0.5"
info:
label: "Terraform Plan to ServiceNow Change"
description: "When a Terraform plan has resource changes, creates a ServiceNow change request for approval."
tags:
- infrastructure
- itsm
- terraform
- servicenow
capability:
exposes:
- type: mcp
namespace: infra-governance
port: 8080
tools:
- name: create-change-for-plan
description: "Given a Terraform run ID, create a ServiceNow change request."
inputParameters:
- name: run_id
in: body
type: string
description: "Terraform run ID."
steps:
- name: get-run
type: call
call: "terraform.get-run"
with:
run_id: "{{run_id}}"
- name: create-change
type: call
call: "servicenow-chg.create-change"
with:
short_description: "Terraform: {{get-run.plan_summary.resource_additions}} add, {{get-run.plan_summary.resource_changes}} change"
category: "infrastructure"
assignment_group: "Cloud_Platform"
consumes:
- type: http
namespace: terraform
baseUri: "https://app.terraform.io/api/v2"
authentication:
type: bearer
token: "$secrets.terraform_token"
resources:
- name: runs
path: "/runs/{{run_id}}"
inputParameters:
- name: run_id
in: path
operations:
- name: get-run
method: GET
- type: http
namespace: servicenow-chg
baseUri: "https://intel.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: changes
path: "/table/change_request"
operations:
- name: create-change
method: POST
Terraform Workspace Lookup
▼
infrastructure terraform cloud
Retrieves the current state and last run status of a Terraform Cloud workspace.
naftiko: "0.5"
info:
label: "Terraform Workspace Lookup"
description: "Retrieves the current state and last run status of a Terraform Cloud workspace."
tags:
- infrastructure
- terraform
- cloud
capability:
exposes:
- type: mcp
namespace: infra
port: 8080
tools:
- name: get-workspace
description: "Given a Terraform Cloud organization and workspace, return the workspace status."
inputParameters:
- name: workspace_name
in: body
type: string
description: "Workspace name."
call: terraform.get-workspace
with:
workspace: "{{workspace_name}}"
consumes:
- type: http
namespace: terraform
baseUri: "https://app.terraform.io/api/v2"
authentication:
type: bearer
token: "$secrets.terraform_token"
resources:
- name: workspaces
path: "/organizations/intel/workspaces/{{workspace}}"
inputParameters:
- name: workspace
in: path
operations:
- name: get-workspace
method: GET
Benefits Enrollment
▼
hr workday servicenow slack benefits
Reminds employees.
naftiko: "0.5"
info:
label: "Benefits Enrollment"
description: "Reminds employees."
tags:
- hr
- workday
- servicenow
- slack
- benefits
capability:
exposes:
- type: mcp
namespace: workday
port: 8080
tools:
- name: workday-benefits-enrollment-notify
description: "Reminds employees."
inputParameters:
- name: input_id
in: body
type: string
description: "Input identifier."
steps:
- name: get-data
type: call
call: "workday.get-data"
with:
id: "{{input_id}}"
- name: create-record
type: call
call: "servicenow.create-record"
with:
short_description: "Benefits Enrollment"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#alerts"
text: "Benefits Enrollment"
consumes:
- type: http
namespace: workday
baseUri: "https://workday.intel.com/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: data
path: "/data"
operations:
- name: get-data
method: GET
- type: http
namespace: servicenow
baseUri: "https://intel.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: records
path: "/table/incident"
operations:
- name: create-record
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Benefits Reminder
▼
hr workday servicenow slack benefits
Creates tasks.
naftiko: "0.5"
info:
label: "Benefits Reminder"
description: "Creates tasks."
tags:
- hr
- workday
- servicenow
- slack
- benefits
capability:
exposes:
- type: mcp
namespace: workday
port: 8080
tools:
- name: workday-benefits-reminder-task
description: "Creates tasks."
inputParameters:
- name: input_id
in: body
type: string
description: "Input identifier."
steps:
- name: get-data
type: call
call: "workday.get-data"
with:
id: "{{input_id}}"
- name: create-record
type: call
call: "servicenow.create-record"
with:
short_description: "Benefits Reminder"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#alerts"
text: "Benefits Reminder"
consumes:
- type: http
namespace: workday
baseUri: "https://workday.intel.com/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: data
path: "/data"
operations:
- name: get-data
method: GET
- type: http
namespace: servicenow
baseUri: "https://intel.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: records
path: "/table/incident"
operations:
- name: create-record
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Workday Comp to Power BI
▼
hr analytics workday power-bi slack
Refreshes dashboard.
naftiko: "0.5"
info:
label: "Workday Comp to Power BI"
description: "Refreshes dashboard."
tags:
- hr
- analytics
- workday
- power-bi
- slack
capability:
exposes:
- type: mcp
namespace: workday
port: 8080
tools:
- name: workday-comp-to-power-bi-refresh
description: "Refreshes dashboard."
inputParameters:
- name: input_id
in: body
type: string
description: "Input identifier."
steps:
- name: get-data
type: call
call: "analytics.get-data"
with:
id: "{{input_id}}"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#alerts"
text: "Workday Comp to Power BI"
consumes:
- type: http
namespace: analytics
baseUri: "https://analytics.intel.com/api/v1"
authentication:
type: bearer
token: "$secrets.analytics_token"
resources:
- name: data
path: "/data"
operations:
- name: get-data
method: GET
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Workday Employee Profile Lookup
▼
hr workday employee-data
Retrieves employee profile details from Workday HCM by worker ID, returning name, department, title, and manager.
naftiko: "0.5"
info:
label: "Workday Employee Profile Lookup"
description: "Retrieves employee profile details from Workday HCM by worker ID, returning name, department, title, and manager."
tags:
- hr
- workday
- employee-data
capability:
exposes:
- type: mcp
namespace: hr
port: 8080
tools:
- name: get-employee-profile
description: "Given a Workday worker ID, retrieve the employee full name, department, job title, and manager."
inputParameters:
- name: worker_id
in: body
type: string
description: "Workday worker ID."
call: workday.get-worker
with:
worker_id: "{{worker_id}}"
outputParameters:
- name: full_name
type: string
mapping: "$.worker.fullName"
- name: department
type: string
mapping: "$.worker.department"
consumes:
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/intel/workers/{{worker_id}}"
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
Workday Headcount Snapshot to Snowflake
▼
hr analytics workday snowflake power-bi
Exports a headcount snapshot from Workday HCM and loads it into a Snowflake table for workforce analytics and Power BI reporting.
naftiko: "0.5"
info:
label: "Workday Headcount Snapshot to Snowflake"
description: "Exports a headcount snapshot from Workday HCM and loads it into a Snowflake table for workforce analytics and Power BI reporting."
tags:
- hr
- analytics
- workday
- snowflake
- power-bi
capability:
exposes:
- type: mcp
namespace: workforce-analytics
port: 8080
tools:
- name: sync-headcount-to-snowflake
description: "Given a Workday organization ID and a target Snowflake table, export the current headcount snapshot from Workday and load it into Snowflake for BI consumption."
inputParameters:
- name: org_id
in: body
type: string
description: "Workday organization ID for headcount export."
- name: snowflake_table
in: body
type: string
description: "Snowflake target table in format DATABASE.SCHEMA.TABLE."
steps:
- name: export-headcount
type: call
call: "workday-hc.export-workers"
with:
orgId: "{{org_id}}"
- name: load-snowflake
type: call
call: "snowflake-load.insert-rows"
with:
table: "{{snowflake_table}}"
rows: "{{export-headcount.workers}}"
consumes:
- type: http
namespace: workday-hc
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/intel/workers"
inputParameters:
- name: organizationId
in: query
operations:
- name: export-workers
method: GET
- type: http
namespace: snowflake-load
baseUri: "https://intel.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: rows
path: "/statements"
operations:
- name: insert-rows
method: POST
Workday Headcount to Snowflake
▼
hr data workday snowflake
Loads headcount snapshot.
naftiko: "0.5"
info:
label: "Workday Headcount to Snowflake"
description: "Loads headcount snapshot."
tags:
- hr
- data
- workday
- snowflake
capability:
exposes:
- type: mcp
namespace: workday
port: 8080
tools:
- name: workday-headcount-to-snowflake-load
description: "Loads headcount snapshot."
inputParameters:
- name: input_id
in: body
type: string
description: "Input identifier."
steps:
- name: get-data
type: call
call: "data.get-data"
with:
id: "{{input_id}}"
consumes:
- type: http
namespace: data
baseUri: "https://data.intel.com/api/v1"
authentication:
type: bearer
token: "$secrets.data_token"
resources:
- name: data
path: "/data"
operations:
- name: get-data
method: GET
Workday New Hire Onboarding Orchestrator
▼
hr onboarding workday servicenow microsoft-teams
When a new hire is created in Workday, provisions access in ServiceNow, sends a Microsoft Teams welcome message, and creates a SharePoint onboarding folder.
naftiko: "0.5"
info:
label: "Workday New Hire Onboarding Orchestrator"
description: "When a new hire is created in Workday, provisions access in ServiceNow, sends a Microsoft Teams welcome message, and creates a SharePoint onboarding folder."
tags:
- hr
- onboarding
- workday
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: hr-onboarding
port: 8080
tools:
- name: trigger-onboarding
description: "Given a Workday employee ID and start date, orchestrate the full new hire onboarding sequence across ServiceNow, Microsoft Teams, and SharePoint."
inputParameters:
- name: workday_employee_id
in: body
type: string
description: "Workday worker ID for the new hire."
- name: start_date
in: body
type: string
description: "Employee start date in YYYY-MM-DD format."
steps:
- name: get-employee
type: call
call: "workday.get-worker"
with:
workerId: "{{workday_employee_id}}"
- name: open-onboard-ticket
type: call
call: "servicenow.create-ticket"
with:
short_description: "New hire onboarding: {{get-employee.preferredName}}"
category: "hr_onboarding"
assignment_group: "IT_Onboarding"
- name: send-welcome
type: call
call: "msteams.send-message"
with:
recipient_upn: "{{get-employee.workEmail}}"
message: "Welcome to Intel, {{get-employee.preferredName}}! Your onboarding ticket: {{open-onboard-ticket.number}}"
- name: create-folder
type: call
call: "graph-sp.create-folder"
with:
site_id: "intel-hr-onboarding"
folder_name: "{{get-employee.preferredName}}_{{start_date}}"
consumes:
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/intel/workers/{{workerId}}"
inputParameters:
- name: workerId
in: path
operations:
- name: get-worker
method: GET
- type: http
namespace: servicenow
baseUri: "https://intel.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: tickets
path: "/table/sc_request"
operations:
- name: create-ticket
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.graph_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
- type: http
namespace: graph-sp
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.graph_token"
resources:
- name: folders
path: "/sites/{{site_id}}/drive/root/children"
inputParameters:
- name: site_id
in: path
operations:
- name: create-folder
method: POST
Workday New Hire to Okta Provisioning
▼
hr security workday okta onboarding
When a new hire is detected in Workday, creates an Okta account and assigns standard applications for onboarding.
naftiko: "0.5"
info:
label: "Workday New Hire to Okta Provisioning"
description: "When a new hire is detected in Workday, creates an Okta account and assigns standard applications for onboarding."
tags:
- hr
- security
- workday
- okta
- onboarding
capability:
exposes:
- type: mcp
namespace: onboarding
port: 8080
tools:
- name: provision-new-hire
description: "Given a Workday worker ID, create Okta user and assign applications."
inputParameters:
- name: worker_id
in: body
type: string
description: "Workday worker ID."
steps:
- name: get-worker
type: call
call: "workday.get-worker"
with:
worker_id: "{{worker_id}}"
- name: create-okta-user
type: call
call: "okta.create-user"
with:
email: "{{get-worker.email}}"
firstName: "{{get-worker.firstName}}"
lastName: "{{get-worker.lastName}}"
- name: assign-apps
type: call
call: "okta.assign-app"
with:
user_id: "{{get-worker.email}}"
app_id: "$secrets.okta_standard_app_id"
consumes:
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/intel/workers/{{worker_id}}"
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
- type: http
namespace: okta
baseUri: "https://intel.okta.com/api/v1"
authentication:
type: apikey
key: "Authorization"
value: "SSWS $secrets.okta_api_token"
placement: header
resources:
- name: users
path: "/users"
operations:
- name: create-user
method: POST
- name: app-users
path: "/apps/{{app_id}}/users"
inputParameters:
- name: app_id
in: path
operations:
- name: assign-app
method: POST
Workday Role Change to Okta Sync
▼
hr security workday okta servicenow
When a Workday employee changes roles, updates Okta group memberships and logs the change in ServiceNow.
naftiko: "0.5"
info:
label: "Workday Role Change to Okta Sync"
description: "When a Workday employee changes roles, updates Okta group memberships and logs the change in ServiceNow."
tags:
- hr
- security
- workday
- okta
- servicenow
capability:
exposes:
- type: mcp
namespace: role-sync
port: 8080
tools:
- name: sync-role
description: "Given a worker ID and new department, update Okta groups and log in ServiceNow."
inputParameters:
- name: worker_id
in: body
type: string
description: "Workday worker ID."
- name: new_department
in: body
type: string
description: "New department."
steps:
- name: get-worker
type: call
call: "workday.get-worker"
with:
worker_id: "{{worker_id}}"
- name: update-groups
type: call
call: "okta.update-groups"
with:
user_id: "{{get-worker.email}}"
group_name: "{{new_department}}"
- name: log-change
type: call
call: "servicenow.create-record"
with:
short_description: "Role change: {{get-worker.full_name}} to {{new_department}}"
consumes:
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/intel/workers/{{worker_id}}"
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
- type: http
namespace: okta
baseUri: "https://intel.okta.com/api/v1"
authentication:
type: apikey
key: "Authorization"
value: "SSWS $secrets.okta_api_token"
placement: header
resources:
- name: groups
path: "/groups"
operations:
- name: update-groups
method: PUT
- type: http
namespace: servicenow
baseUri: "https://intel.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: records
path: "/table/sys_audit"
operations:
- name: create-record
method: POST
Workday Role Change to Salesforce Permission Update
▼
hr security workday salesforce access-management
When an employee's role changes in Workday, automatically updates their Salesforce permission set assignments to match the new job profile.
naftiko: "0.5"
info:
label: "Workday Role Change to Salesforce Permission Update"
description: "When an employee's role changes in Workday, automatically updates their Salesforce permission set assignments to match the new job profile."
tags:
- hr
- security
- workday
- salesforce
- access-management
capability:
exposes:
- type: mcp
namespace: role-provisioning
port: 8080
tools:
- name: sync-role-to-salesforce
description: "Given a Workday employee ID and new job profile name, look up the current Salesforce user for this employee and update their permission set assignments to reflect the new role."
inputParameters:
- name: employee_id
in: body
type: string
description: "Workday employee ID."
- name: new_job_profile
in: body
type: string
description: "New Workday job profile name."
- name: employee_email
in: body
type: string
description: "Employee corporate email address for Salesforce user lookup."
steps:
- name: get-wd-worker
type: call
call: "workday-role.get-worker"
with:
workerId: "{{employee_id}}"
- name: get-sf-user
type: call
call: "salesforce-user-lookup.query-user"
with:
email: "{{employee_email}}"
- name: update-permissions
type: call
call: "salesforce-perms.update-permission-set"
with:
user_id: "{{get-sf-user.Id}}"
permission_set: "{{new_job_profile}}_Access"
consumes:
- type: http
namespace: workday-role
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/intel/workers/{{workerId}}"
inputParameters:
- name: workerId
in: path
operations:
- name: get-worker
method: GET
- type: http
namespace: salesforce-user-lookup
baseUri: "https://intel.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: users
path: "/query"
inputParameters:
- name: q
in: query
operations:
- name: query-user
method: GET
- type: http
namespace: salesforce-perms
baseUri: "https://intel.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: permission-sets
path: "/sobjects/PermissionSetAssignment"
operations:
- name: update-permission-set
method: POST
Workday Termination to Okta Deprovisioning
▼
hr security workday okta servicenow offboarding
When a Workday termination event fires, deactivates the user in Okta and creates a ServiceNow offboarding task.
naftiko: "0.5"
info:
label: "Workday Termination to Okta Deprovisioning"
description: "When a Workday termination event fires, deactivates the user in Okta and creates a ServiceNow offboarding task."
tags:
- hr
- security
- workday
- okta
- servicenow
- offboarding
capability:
exposes:
- type: mcp
namespace: offboarding
port: 8080
tools:
- name: handle-termination
description: "Given a Workday worker ID, deactivate the Okta user and create a ServiceNow offboarding task."
inputParameters:
- name: worker_id
in: body
type: string
description: "Workday worker ID."
steps:
- name: get-worker
type: call
call: "workday.get-worker"
with:
worker_id: "{{worker_id}}"
- name: deactivate-okta
type: call
call: "okta.deactivate-user"
with:
user_id: "{{get-worker.email}}"
- name: create-task
type: call
call: "servicenow-hr.create-task"
with:
short_description: "Offboarding: {{get-worker.full_name}} deprovisioned"
assignment_group: "HR_Operations"
consumes:
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/intel/workers/{{worker_id}}"
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
- type: http
namespace: okta
baseUri: "https://intel.okta.com/api/v1"
authentication:
type: apikey
key: "Authorization"
value: "SSWS $secrets.okta_api_token"
placement: header
resources:
- name: users
path: "/users/{{user_id}}/lifecycle/deactivate"
inputParameters:
- name: user_id
in: path
operations:
- name: deactivate-user
method: POST
- type: http
namespace: servicenow-hr
baseUri: "https://intel.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: tasks
path: "/table/sc_task"
operations:
- name: create-task
method: POST