Morgan Stanley Capabilities
Naftiko 0.5 capability definitions for Morgan Stanley - 100 capabilities showing integration workflows and service orchestrations.
Sort
Expand
ADP Payroll Variance Alert
▼
finance payroll adp snowflake servicenow microsoft-teams
Compares ADP payroll run totals against Snowflake budget forecasts, creates a ServiceNow task for finance review if variance exceeds threshold, and notifies via Teams.
naftiko: "0.5"
info:
label: "ADP Payroll Variance Alert"
description: "Compares ADP payroll run totals against Snowflake budget forecasts, creates a ServiceNow task for finance review if variance exceeds threshold, and notifies via Teams."
tags:
- finance
- payroll
- adp
- snowflake
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: payroll-variance
port: 8080
tools:
- name: check-payroll-variance
description: "Given a payroll period, compare ADP actuals against Snowflake budget and alert if variance exceeds threshold."
inputParameters:
- name: payroll_period
in: body
type: string
description: "Payroll period identifier (e.g., 2026-03)."
- name: variance_threshold
in: body
type: number
description: "Percentage variance threshold."
steps:
- name: get-budget-forecast
type: call
call: "snowflake-payroll.execute-query"
with:
statement: "SELECT department, budgeted_amount, actual_amount, ((actual_amount - budgeted_amount)/budgeted_amount * 100) as variance_pct FROM finance.payroll_budget WHERE period = '{{payroll_period}}' AND ABS(variance_pct) > {{variance_threshold}}"
- name: create-review-task
type: call
call: "snow-finance.create-task"
with:
short_description: "Payroll variance alert: {{payroll_period}}"
description: "Departments exceeding {{variance_threshold}}% variance threshold identified."
assignment_group: "Finance_Payroll"
- name: notify-finance
type: call
call: "teams-payroll.send-message"
with:
channel_id: "$secrets.finance_teams_channel"
text: "Payroll Variance Alert: Period {{payroll_period}} has departments exceeding {{variance_threshold}}% variance. ServiceNow: {{create-review-task.number}}"
consumes:
- type: http
namespace: snowflake-payroll
baseUri: "https://morganstanley.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
- type: http
namespace: snow-finance
baseUri: "https://morganstanley.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/sc_task"
operations:
- name: create-task
method: POST
- type: http
namespace: teams-payroll
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/$secrets.finance_team_id/channels/{{channel_id}}/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: send-message
method: POST
Anthropic AI Compliance Document Review
▼
ai compliance anthropic sharepoint snowflake microsoft-teams document-review
Fetches a compliance document from SharePoint, sends it to Anthropic Claude for risk clause identification, logs flagged clauses to Snowflake, and posts a review summary to the Legal Compliance Microsoft Teams channel.
naftiko: "0.5"
info:
label: "Anthropic AI Compliance Document Review"
description: "Fetches a compliance document from SharePoint, sends it to Anthropic Claude for risk clause identification, logs flagged clauses to Snowflake, and posts a review summary to the Legal Compliance Microsoft Teams channel."
tags:
- ai
- compliance
- anthropic
- sharepoint
- snowflake
- microsoft-teams
- document-review
capability:
exposes:
- type: mcp
namespace: ai-compliance-review
port: 8080
tools:
- name: review-compliance-document
description: "Given a SharePoint document ID for a compliance document, extract text content, send to Anthropic Claude for risk clause detection, log findings to Snowflake, and post the review summary to the LegalCompliance Teams channel."
inputParameters:
- name: sharepoint_site_id
in: body
type: string
description: "SharePoint site ID where the compliance document is stored."
- name: document_item_id
in: body
type: string
description: "SharePoint drive item ID of the compliance document to review."
- name: regulation_context
in: body
type: string
description: "Regulatory context to frame the review, e.g. 'MiFID II', 'GDPR', 'SEC Rule 17a-4'."
steps:
- name: fetch-document
type: call
call: "sharepoint-legal.get-file-content"
with:
site_id: "{{sharepoint_site_id}}"
item_id: "{{document_item_id}}"
- name: ai-review
type: call
call: "anthropic-review.create-message"
with:
model: "claude-opus-4-5"
content: "Review the following document for compliance risk clauses under {{regulation_context}}: {{fetch-document.text_content}}"
- name: log-findings
type: call
call: "snowflake-legal.insert-record"
with:
table: "COMPLIANCE.AI_DOCUMENT_REVIEWS"
document_id: "{{document_item_id}}"
regulation: "{{regulation_context}}"
risk_clauses: "{{ai-review.content}}"
- name: notify-legal
type: call
call: "msteams-legal.post-channel-message"
with:
channel_id: "LegalCompliance"
text: "AI compliance review complete for document {{document_item_id}} under {{regulation_context}}. Risk clauses identified and logged to Snowflake."
consumes:
- type: http
namespace: sharepoint-legal
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: file-content
path: "/sites/{{site_id}}/drive/items/{{item_id}}/content"
inputParameters:
- name: site_id
in: path
- name: item_id
in: path
operations:
- name: get-file-content
method: GET
- type: http
namespace: anthropic-review
baseUri: "https://api.anthropic.com/v1"
authentication:
type: apikey
key: "x-api-key"
value: "$secrets.anthropic_api_key"
placement: header
resources:
- name: messages
path: "/messages"
operations:
- name: create-message
method: POST
- type: http
namespace: snowflake-legal
baseUri: "https://morganstanley.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: sql-statements
path: "/statements"
operations:
- name: insert-record
method: POST
- type: http
namespace: msteams-legal
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{channel_id}}/channels/General/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel-message
method: POST
Anthropic Client Communication Draft
▼
client-management ai-content anthropic salesforce confluence slack
Generates personalized client communication drafts using Anthropic Claude based on Salesforce relationship data, stores in Confluence for review, and notifies the advisor via Slack.
naftiko: "0.5"
info:
label: "Anthropic Client Communication Draft"
description: "Generates personalized client communication drafts using Anthropic Claude based on Salesforce relationship data, stores in Confluence for review, and notifies the advisor via Slack."
tags:
- client-management
- ai-content
- anthropic
- salesforce
- confluence
- slack
capability:
exposes:
- type: mcp
namespace: client-comms
port: 8080
tools:
- name: draft-client-communication
description: "Given a Salesforce account ID and communication purpose, draft a personalized message using Claude."
inputParameters:
- name: account_id
in: body
type: string
description: "Salesforce account ID."
- name: purpose
in: body
type: string
description: "Communication purpose (e.g., quarterly review, market update, birthday)."
steps:
- name: get-client-data
type: call
call: "sfdc-comms.get-account"
with:
id: "{{account_id}}"
- name: generate-draft
type: call
call: "anthropic-comms.create-message"
with:
model: "claude-3-5-sonnet-20241022"
content: "Draft a professional {{purpose}} communication for client {{get-client-data.name}} ({{get-client-data.industry}}). Relationship manager: {{get-client-data.owner_name}}. Keep it warm, professional, and concise."
- name: store-draft
type: call
call: "confluence-comms.create-page"
with:
space: "CLIENT"
title: "Draft: {{purpose}} - {{get-client-data.name}}"
body: "{{generate-draft.text}}"
- name: notify-advisor
type: call
call: "slack-comms.post-message"
with:
channel: "$secrets.advisors_slack_channel"
text: "Client communication draft ready: {{purpose}} for {{get-client-data.name}}. Review in Confluence: {{store-draft.url}}"
consumes:
- type: http
namespace: sfdc-comms
baseUri: "https://morganstanley.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: accounts
path: "/sobjects/Account/{{id}}"
inputParameters:
- name: id
in: path
operations:
- name: get-account
method: GET
- type: http
namespace: anthropic-comms
baseUri: "https://api.anthropic.com/v1"
authentication:
type: apikey
key: "x-api-key"
value: "$secrets.anthropic_api_key"
placement: header
resources:
- name: messages
path: "/messages"
operations:
- name: create-message
method: POST
- type: http
namespace: confluence-comms
baseUri: "https://morganstanley.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_api_token"
resources:
- name: pages
path: "/content"
operations:
- name: create-page
method: POST
- type: http
namespace: slack-comms
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Anthropic Regulatory Document Summarization
▼
compliance ai anthropic confluence microsoft-teams
Submits a regulatory document to Anthropic Claude for summarization, stores the summary in Confluence, and notifies the compliance team via Microsoft Teams.
naftiko: "0.5"
info:
label: "Anthropic Regulatory Document Summarization"
description: "Submits a regulatory document to Anthropic Claude for summarization, stores the summary in Confluence, and notifies the compliance team via Microsoft Teams."
tags:
- compliance
- ai
- anthropic
- confluence
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: reg-doc-summary
port: 8080
tools:
- name: summarize-regulatory-document
description: "Given a Confluence page ID containing a regulatory document, generate an AI summary and notify the compliance team."
inputParameters:
- name: source_page_id
in: body
type: string
description: "Confluence page ID of the regulatory document."
- name: target_space
in: body
type: string
description: "Confluence space key to store the summary."
steps:
- name: get-document
type: call
call: "confluence-reg.get-page"
with:
page_id: "{{source_page_id}}"
- name: generate-summary
type: call
call: "anthropic-reg.create-message"
with:
model: "claude-3-5-sonnet-20241022"
content: "Summarize the following regulatory document in 3-5 key points, highlighting compliance requirements and deadlines: {{get-document.body}}"
- name: store-summary
type: call
call: "confluence-reg.create-page"
with:
space: "{{target_space}}"
title: "Summary: {{get-document.title}}"
body: "{{generate-summary.text}}"
- name: notify-compliance
type: call
call: "teams-compliance.send-message"
with:
channel_id: "$secrets.compliance_teams_channel"
text: "New regulatory summary available: {{get-document.title}}. View: {{store-summary.url}}"
consumes:
- type: http
namespace: confluence-reg
baseUri: "https://morganstanley.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_api_token"
resources:
- name: pages
path: "/content/{{page_id}}?expand=body.storage"
inputParameters:
- name: page_id
in: path
operations:
- name: get-page
method: GET
- name: new-pages
path: "/content"
operations:
- name: create-page
method: POST
- type: http
namespace: anthropic-reg
baseUri: "https://api.anthropic.com/v1"
authentication:
type: apikey
key: "x-api-key"
value: "$secrets.anthropic_api_key"
placement: header
resources:
- name: messages
path: "/messages"
operations:
- name: create-message
method: POST
- type: http
namespace: teams-compliance
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/$secrets.compliance_team_id/channels/{{channel_id}}/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: send-message
method: POST
Anti-Money Laundering Transaction Screening
▼
compliance aml refinitiv servicenow snowflake
Screens high-value transactions against sanctions lists via Refinitiv World-Check, creates a compliance case in ServiceNow if flagged, and logs results to Snowflake for audit trail.
naftiko: "0.5"
info:
label: "Anti-Money Laundering Transaction Screening"
description: "Screens high-value transactions against sanctions lists via Refinitiv World-Check, creates a compliance case in ServiceNow if flagged, and logs results to Snowflake for audit trail."
tags:
- compliance
- aml
- refinitiv
- servicenow
- snowflake
capability:
exposes:
- type: mcp
namespace: aml-screening
port: 8080
tools:
- name: screen-transaction
description: "Given a transaction ID, counterparty name, and amount, screen against sanctions lists and create a compliance case if flagged."
inputParameters:
- name: transaction_id
in: body
type: string
description: "Internal transaction reference ID."
- name: counterparty_name
in: body
type: string
description: "Name of the transaction counterparty."
- name: amount
in: body
type: number
description: "Transaction amount in USD."
steps:
- name: sanctions-check
type: call
call: "refinitiv-aml.search-entity"
with:
name: "{{counterparty_name}}"
entity_type: "organization"
- name: create-compliance-case
type: call
call: "snow-compliance.create-case"
with:
short_description: "AML screening alert: {{counterparty_name}} - ${{amount}}"
description: "Transaction: {{transaction_id}}\nMatch count: {{sanctions-check.match_count}}\nRisk score: {{sanctions-check.risk_score}}"
assignment_group: "AML_Compliance"
- name: log-screening-result
type: call
call: "snowflake-aml.insert-record"
with:
table: "COMPLIANCE.AML_SCREENINGS"
transaction_id: "{{transaction_id}}"
counterparty: "{{counterparty_name}}"
risk_score: "{{sanctions-check.risk_score}}"
case_number: "{{create-compliance-case.number}}"
consumes:
- type: http
namespace: refinitiv-aml
baseUri: "https://api.thomsonreuters.com/worldcheck/v1"
authentication:
type: bearer
token: "$secrets.refinitiv_token"
resources:
- name: entities
path: "/entities/search"
operations:
- name: search-entity
method: POST
- type: http
namespace: snow-compliance
baseUri: "https://morganstanley.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: cases
path: "/table/sn_compliance_case"
operations:
- name: create-case
method: POST
- type: http
namespace: snowflake-aml
baseUri: "https://morganstanley.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: insert-record
method: POST
Azure DevOps Deployment Approval Gate
▼
devops deployment azure-devops sonarqube slack
Validates a deployment release in Azure DevOps, checks SonarQube quality gate status, and posts approval request to the release management Slack channel.
naftiko: "0.5"
info:
label: "Azure DevOps Deployment Approval Gate"
description: "Validates a deployment release in Azure DevOps, checks SonarQube quality gate status, and posts approval request to the release management Slack channel."
tags:
- devops
- deployment
- azure-devops
- sonarqube
- slack
capability:
exposes:
- type: mcp
namespace: deploy-gate
port: 8080
tools:
- name: validate-deployment
description: "Given an Azure DevOps release ID and project, check quality gates and post approval request to Slack."
inputParameters:
- name: project
in: body
type: string
description: "Azure DevOps project name."
- name: release_id
in: body
type: string
description: "Azure DevOps release ID."
steps:
- name: get-release
type: call
call: "azdo-release.get-release"
with:
project: "{{project}}"
release_id: "{{release_id}}"
- name: check-quality-gate
type: call
call: "sonarqube-api.get-quality-gate"
with:
project_key: "{{get-release.artifact_source}}"
- name: post-approval-request
type: call
call: "slack-release.post-message"
with:
channel: "$secrets.release_mgmt_channel"
text: "Deployment approval needed: {{project}} release {{release_id}}\nQuality Gate: {{check-quality-gate.status}}\nArtifact: {{get-release.artifact_version}}"
consumes:
- type: http
namespace: azdo-release
baseUri: "https://vsrm.dev.azure.com/morganstanley"
authentication:
type: bearer
token: "$secrets.azdo_pat"
resources:
- name: releases
path: "/{{project}}/_apis/release/releases/{{release_id}}"
inputParameters:
- name: project
in: path
- name: release_id
in: path
operations:
- name: get-release
method: GET
- type: http
namespace: sonarqube-api
baseUri: "https://sonarqube.morganstanley.com/api"
authentication:
type: bearer
token: "$secrets.sonarqube_token"
resources:
- name: quality-gates
path: "/qualitygates/project_status"
inputParameters:
- name: project_key
in: query
operations:
- name: get-quality-gate
method: GET
- type: http
namespace: slack-release
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Azure Resource Health Check
▼
cloud infrastructure microsoft-azure
Checks the health status of an Azure resource, returning availability state and any active service issues affecting Morgan Stanley cloud infrastructure.
naftiko: "0.5"
info:
label: "Azure Resource Health Check"
description: "Checks the health status of an Azure resource, returning availability state and any active service issues affecting Morgan Stanley cloud infrastructure."
tags:
- cloud
- infrastructure
- microsoft-azure
capability:
exposes:
- type: mcp
namespace: azure-health
port: 8080
tools:
- name: check-resource-health
description: "Given an Azure resource ID, return its current availability status and any recent health events."
inputParameters:
- name: resource_id
in: body
type: string
description: "Full Azure resource ID."
call: "azure-api.get-health"
with:
resource_id: "{{resource_id}}"
outputParameters:
- name: availability_state
type: string
mapping: "$.properties.availabilityState"
consumes:
- type: http
namespace: azure-api
baseUri: "https://management.azure.com"
authentication:
type: bearer
token: "$secrets.azure_mgmt_token"
resources:
- name: health
path: "/{{resource_id}}/providers/Microsoft.ResourceHealth/availabilityStatuses/current"
inputParameters:
- name: resource_id
in: path
operations:
- name: get-health
method: GET
Bloomberg Credit Risk Assessment Workflow
▼
risk-management credit bloomberg snowflake confluence
Pulls credit ratings from Bloomberg, calculates exposure metrics in Snowflake, and generates a risk assessment summary stored in Confluence for the credit committee.
naftiko: "0.5"
info:
label: "Bloomberg Credit Risk Assessment Workflow"
description: "Pulls credit ratings from Bloomberg, calculates exposure metrics in Snowflake, and generates a risk assessment summary stored in Confluence for the credit committee."
tags:
- risk-management
- credit
- bloomberg
- snowflake
- confluence
capability:
exposes:
- type: mcp
namespace: credit-risk
port: 8080
tools:
- name: assess-credit-risk
description: "Given a counterparty identifier, pull credit data and generate a risk assessment."
inputParameters:
- name: counterparty_id
in: body
type: string
description: "Counterparty identifier."
steps:
- name: get-credit-ratings
type: call
call: "bloomberg-cr.get-ratings"
with:
entity: "{{counterparty_id}}"
- name: calculate-exposure
type: call
call: "snowflake-cr.execute-query"
with:
statement: "SELECT total_exposure, net_exposure, collateral_value FROM risk.counterparty_exposure WHERE counterparty_id = '{{counterparty_id}}'"
- name: publish-assessment
type: call
call: "confluence-cr.create-page"
with:
space: "CREDIT"
title: "Credit Assessment: {{counterparty_id}}"
body: "Rating: {{get-credit-ratings.rating}}\nTotal Exposure: {{calculate-exposure.total_exposure}}\nNet Exposure: {{calculate-exposure.net_exposure}}"
consumes:
- type: http
namespace: bloomberg-cr
baseUri: "https://api.bloomberg.com/eap/catalogs/bbg/datasets"
authentication:
type: bearer
token: "$secrets.bloomberg_api_token"
resources:
- name: ratings
path: "/credit-ratings/{{entity}}"
inputParameters:
- name: entity
in: path
operations:
- name: get-ratings
method: GET
- type: http
namespace: snowflake-cr
baseUri: "https://morganstanley.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
- type: http
namespace: confluence-cr
baseUri: "https://morganstanley.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_api_token"
resources:
- name: pages
path: "/content"
operations:
- name: create-page
method: POST
Bloomberg EOD Market Summary Distribution
▼
trading market-data bloomberg anthropic slack microsoft-teams
Pulls end-of-day market summary data from Bloomberg, formats a digest using Anthropic Claude, and distributes to trading desks via Slack and Microsoft Teams.
naftiko: "0.5"
info:
label: "Bloomberg EOD Market Summary Distribution"
description: "Pulls end-of-day market summary data from Bloomberg, formats a digest using Anthropic Claude, and distributes to trading desks via Slack and Microsoft Teams."
tags:
- trading
- market-data
- bloomberg
- anthropic
- slack
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: eod-summary
port: 8080
tools:
- name: distribute-eod-summary
description: "Generate and distribute an end-of-day market summary to trading desks."
inputParameters:
- name: market_date
in: body
type: string
description: "Market date in YYYY-MM-DD format."
steps:
- name: get-market-data
type: call
call: "bloomberg-eod.get-summary"
with:
date: "{{market_date}}"
- name: format-digest
type: call
call: "anthropic-eod.create-message"
with:
model: "claude-3-5-sonnet-20241022"
content: "Format a concise end-of-day market summary for {{market_date}}: {{get-market-data.summary}}. Include key index moves, notable sector performance, and overnight outlook."
- name: post-to-slack
type: call
call: "slack-eod.post-message"
with:
channel: "$secrets.trading_slack_channel"
text: "EOD Market Summary - {{market_date}}\n\n{{format-digest.text}}"
consumes:
- type: http
namespace: bloomberg-eod
baseUri: "https://api.bloomberg.com/eap/catalogs/bbg/datasets"
authentication:
type: bearer
token: "$secrets.bloomberg_api_token"
resources:
- name: summaries
path: "/market-summary/{{date}}"
inputParameters:
- name: date
in: path
operations:
- name: get-summary
method: GET
- type: http
namespace: anthropic-eod
baseUri: "https://api.anthropic.com/v1"
authentication:
type: apikey
key: "x-api-key"
value: "$secrets.anthropic_api_key"
placement: header
resources:
- name: messages
path: "/messages"
operations:
- name: create-message
method: POST
- type: http
namespace: slack-eod
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Bloomberg Market Data Lookup
▼
trading market-data bloomberg
Retrieves real-time market data for a given security ticker from Bloomberg Enterprise Data, returning price, volume, and change metrics for trading desk review.
naftiko: "0.5"
info:
label: "Bloomberg Market Data Lookup"
description: "Retrieves real-time market data for a given security ticker from Bloomberg Enterprise Data, returning price, volume, and change metrics for trading desk review."
tags:
- trading
- market-data
- bloomberg
capability:
exposes:
- type: mcp
namespace: market-data
port: 8080
tools:
- name: get-security-quote
description: "Given a Bloomberg security ticker, return current price, daily change, volume, and 52-week range. Use for pre-trade analysis or portfolio monitoring."
inputParameters:
- name: ticker
in: body
type: string
description: "Bloomberg security ticker symbol."
call: "bloomberg-data.get-quote"
with:
security: "{{ticker}}"
outputParameters:
- name: last_price
type: string
mapping: "$.last_price"
- name: daily_change
type: string
mapping: "$.daily_change_pct"
- name: volume
type: string
mapping: "$.volume"
consumes:
- type: http
namespace: bloomberg-data
baseUri: "https://api.bloomberg.com/eap/catalogs/bbg/datasets"
authentication:
type: bearer
token: "$secrets.bloomberg_api_token"
resources:
- name: quotes
path: "/quotes/{{security}}"
inputParameters:
- name: security
in: path
operations:
- name: get-quote
method: GET
Bloomberg Terminal Trade Execution Log
▼
trading post-trade bloomberg snowflake slack
Logs completed trade executions from Bloomberg AIM to Snowflake for post-trade analytics and generates a Slack summary notification for the trading desk.
naftiko: "0.5"
info:
label: "Bloomberg Terminal Trade Execution Log"
description: "Logs completed trade executions from Bloomberg AIM to Snowflake for post-trade analytics and generates a Slack summary notification for the trading desk."
tags:
- trading
- post-trade
- bloomberg
- snowflake
- slack
capability:
exposes:
- type: mcp
namespace: trade-logging
port: 8080
tools:
- name: log-trade-execution
description: "Given a Bloomberg trade reference, log execution details to Snowflake and send a Slack summary to the trading desk channel."
inputParameters:
- name: trade_ref
in: body
type: string
description: "Bloomberg AIM trade reference ID."
- name: desk_channel
in: body
type: string
description: "Slack channel ID for the trading desk."
steps:
- name: get-trade-details
type: call
call: "bloomberg-trade.get-execution"
with:
reference: "{{trade_ref}}"
- name: log-to-snowflake
type: call
call: "snowflake-trade.insert-record"
with:
table: "TRADING.EXECUTIONS"
trade_ref: "{{trade_ref}}"
security: "{{get-trade-details.security}}"
quantity: "{{get-trade-details.quantity}}"
price: "{{get-trade-details.execution_price}}"
- name: notify-desk
type: call
call: "slack-trade.post-message"
with:
channel: "{{desk_channel}}"
text: "Trade executed: {{get-trade-details.security}} | Qty: {{get-trade-details.quantity}} @ {{get-trade-details.execution_price}} | Ref: {{trade_ref}}"
consumes:
- type: http
namespace: bloomberg-trade
baseUri: "https://api.bloomberg.com/eap/catalogs/bbg"
authentication:
type: bearer
token: "$secrets.bloomberg_api_token"
resources:
- name: executions
path: "/executions/{{reference}}"
inputParameters:
- name: reference
in: path
operations:
- name: get-execution
method: GET
- type: http
namespace: snowflake-trade
baseUri: "https://morganstanley.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: insert-record
method: POST
- type: http
namespace: slack-trade
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Box Document Classification Workflow
▼
document-management classification box anthropic snowflake
When a document is uploaded to Box, uses Anthropic Claude to classify it, applies retention labels, and logs the classification to Snowflake for compliance tracking.
naftiko: "0.5"
info:
label: "Box Document Classification Workflow"
description: "When a document is uploaded to Box, uses Anthropic Claude to classify it, applies retention labels, and logs the classification to Snowflake for compliance tracking."
tags:
- document-management
- classification
- box
- anthropic
- snowflake
capability:
exposes:
- type: mcp
namespace: doc-classification
port: 8080
tools:
- name: classify-document
description: "Given a Box file ID, classify the document using Claude and log the classification to Snowflake."
inputParameters:
- name: file_id
in: body
type: string
description: "Box file ID to classify."
steps:
- name: get-file-content
type: call
call: "box-api.get-file"
with:
file_id: "{{file_id}}"
- name: classify-with-ai
type: call
call: "anthropic-cls.create-message"
with:
model: "claude-3-5-sonnet-20241022"
content: "Classify this document into one of: Client Agreement, Regulatory Filing, Internal Memo, Research Report, Trade Confirmation. Document: {{get-file-content.text_representation}}"
- name: log-classification
type: call
call: "snowflake-cls.insert-record"
with:
table: "COMPLIANCE.DOCUMENT_CLASSIFICATIONS"
file_id: "{{file_id}}"
classification: "{{classify-with-ai.text}}"
file_name: "{{get-file-content.name}}"
consumes:
- type: http
namespace: box-api
baseUri: "https://api.box.com/2.0"
authentication:
type: bearer
token: "$secrets.box_token"
resources:
- name: files
path: "/files/{{file_id}}"
inputParameters:
- name: file_id
in: path
operations:
- name: get-file
method: GET
- type: http
namespace: anthropic-cls
baseUri: "https://api.anthropic.com/v1"
authentication:
type: apikey
key: "x-api-key"
value: "$secrets.anthropic_api_key"
placement: header
resources:
- name: messages
path: "/messages"
operations:
- name: create-message
method: POST
- type: http
namespace: snowflake-cls
baseUri: "https://morganstanley.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: insert-record
method: POST
Client Account Opening Workflow
▼
client-onboarding account-opening salesforce refinitiv servicenow
Orchestrates new client account opening by creating a Salesforce account record, initiating KYC screening via Refinitiv, and opening a ServiceNow onboarding task.
naftiko: "0.5"
info:
label: "Client Account Opening Workflow"
description: "Orchestrates new client account opening by creating a Salesforce account record, initiating KYC screening via Refinitiv, and opening a ServiceNow onboarding task."
tags:
- client-onboarding
- account-opening
- salesforce
- refinitiv
- servicenow
capability:
exposes:
- type: mcp
namespace: account-opening
port: 8080
tools:
- name: open-client-account
description: "Given client details, create a Salesforce account, run KYC screening, and open a ServiceNow onboarding task."
inputParameters:
- name: client_name
in: body
type: string
description: "Full legal name of the client."
- name: entity_type
in: body
type: string
description: "Entity type: individual or organization."
- name: country
in: body
type: string
description: "ISO country code for the client."
steps:
- name: create-sfdc-account
type: call
call: "sfdc-onboard.create-account"
with:
name: "{{client_name}}"
type: "{{entity_type}}"
country: "{{country}}"
- name: run-kyc
type: call
call: "refinitiv-onboard.screen-entity"
with:
name: "{{client_name}}"
entity_type: "{{entity_type}}"
- name: open-onboarding-task
type: call
call: "snow-onboard.create-task"
with:
short_description: "Account onboarding: {{client_name}}"
description: "Salesforce Account: {{create-sfdc-account.id}}\nKYC Risk Score: {{run-kyc.risk_score}}"
assignment_group: "Client_Onboarding"
consumes:
- type: http
namespace: sfdc-onboard
baseUri: "https://morganstanley.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: accounts
path: "/sobjects/Account"
operations:
- name: create-account
method: POST
- type: http
namespace: refinitiv-onboard
baseUri: "https://api.thomsonreuters.com/worldcheck/v1"
authentication:
type: bearer
token: "$secrets.refinitiv_token"
resources:
- name: screening
path: "/entities/search"
operations:
- name: screen-entity
method: POST
- type: http
namespace: snow-onboard
baseUri: "https://morganstanley.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/sc_task"
operations:
- name: create-task
method: POST
Client Document Collection Workflow
▼
client-onboarding document-management docusign salesforce microsoft-teams
Creates a DocuSign envelope for required client documents, tracks collection status in Salesforce, and sends follow-up reminders via Microsoft Teams.
naftiko: "0.5"
info:
label: "Client Document Collection Workflow"
description: "Creates a DocuSign envelope for required client documents, tracks collection status in Salesforce, and sends follow-up reminders via Microsoft Teams."
tags:
- client-onboarding
- document-management
- docusign
- salesforce
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: doc-collection
port: 8080
tools:
- name: initiate-document-collection
description: "Given a Salesforce opportunity ID and document template, create a DocuSign envelope and track in Salesforce."
inputParameters:
- name: opportunity_id
in: body
type: string
description: "Salesforce opportunity ID."
- name: template_id
in: body
type: string
description: "DocuSign template ID for required documents."
- name: client_email
in: body
type: string
description: "Client email address for signing."
steps:
- name: get-opportunity
type: call
call: "sfdc-doc.get-opportunity"
with:
opp_id: "{{opportunity_id}}"
- name: create-envelope
type: call
call: "docusign-doc.create-envelope"
with:
template_id: "{{template_id}}"
signer_email: "{{client_email}}"
signer_name: "{{get-opportunity.contact_name}}"
- name: update-opportunity
type: call
call: "sfdc-doc.update-opportunity"
with:
opp_id: "{{opportunity_id}}"
envelope_id: "{{create-envelope.envelopeId}}"
doc_status: "Sent"
consumes:
- type: http
namespace: sfdc-doc
baseUri: "https://morganstanley.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: opportunities
path: "/sobjects/Opportunity/{{opp_id}}"
inputParameters:
- name: opp_id
in: path
operations:
- name: get-opportunity
method: GET
- name: update-opportunity
method: PATCH
- type: http
namespace: docusign-doc
baseUri: "https://na4.docusign.net/restapi/v2.1"
authentication:
type: bearer
token: "$secrets.docusign_token"
resources:
- name: envelopes
path: "/accounts/default/envelopes"
operations:
- name: create-envelope
method: POST
Client Portfolio Rebalance Notification
▼
wealth-management portfolio snowflake salesforce microsoft-teams
When a Snowflake portfolio drift query exceeds threshold, creates a Salesforce task for the financial advisor and sends a Microsoft Teams notification with rebalance recommendations.
naftiko: "0.5"
info:
label: "Client Portfolio Rebalance Notification"
description: "When a Snowflake portfolio drift query exceeds threshold, creates a Salesforce task for the financial advisor and sends a Microsoft Teams notification with rebalance recommendations."
tags:
- wealth-management
- portfolio
- snowflake
- salesforce
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: portfolio-rebalance
port: 8080
tools:
- name: trigger-rebalance-alert
description: "Given a client account ID and drift threshold, query Snowflake for portfolio drift, create a Salesforce task, and notify the advisor via Teams."
inputParameters:
- name: client_account_id
in: body
type: string
description: "Client portfolio account identifier."
- name: drift_threshold
in: body
type: number
description: "Percentage drift threshold that triggers the alert."
steps:
- name: check-drift
type: call
call: "snowflake-portfolio.execute-query"
with:
statement: "SELECT asset_class, target_pct, actual_pct, (actual_pct - target_pct) AS drift FROM wealth.portfolio_allocations WHERE account_id = '{{client_account_id}}' AND ABS(actual_pct - target_pct) > {{drift_threshold}}"
- name: create-advisor-task
type: call
call: "sfdc-task.create-task"
with:
subject: "Portfolio rebalance required: {{client_account_id}}"
description: "Drift detected exceeding {{drift_threshold}}% threshold. Review allocation changes."
priority: "High"
- name: notify-advisor
type: call
call: "teams-notify.send-message"
with:
recipient_upn: "{{create-advisor-task.owner_email}}"
text: "Portfolio drift alert for account {{client_account_id}}. Salesforce task: {{create-advisor-task.task_id}}"
consumes:
- type: http
namespace: snowflake-portfolio
baseUri: "https://morganstanley.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
- type: http
namespace: sfdc-task
baseUri: "https://morganstanley.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: tasks
path: "/sobjects/Task"
operations:
- name: create-task
method: POST
- type: http
namespace: teams-notify
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: chat-messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Confluence Page Content Retrieval
▼
documentation knowledge-management confluence
Fetches the title and body content of a Confluence wiki page by ID, supporting knowledge base lookups and document review workflows.
naftiko: "0.5"
info:
label: "Confluence Page Content Retrieval"
description: "Fetches the title and body content of a Confluence wiki page by ID, supporting knowledge base lookups and document review workflows."
tags:
- documentation
- knowledge-management
- confluence
capability:
exposes:
- type: mcp
namespace: wiki-content
port: 8080
tools:
- name: get-page-content
description: "Given a Confluence page ID, return the page title, body content, and last modified date."
inputParameters:
- name: page_id
in: body
type: string
description: "Confluence page ID."
call: "confluence-api.get-page"
with:
id: "{{page_id}}"
outputParameters:
- name: title
type: string
mapping: "$.title"
- name: body
type: string
mapping: "$.body.storage.value"
consumes:
- type: http
namespace: confluence-api
baseUri: "https://morganstanley.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_api_token"
resources:
- name: pages
path: "/content/{{id}}?expand=body.storage"
inputParameters:
- name: id
in: path
operations:
- name: get-page
method: GET
Confluence Runbook Automated Execution
▼
operations runbooks confluence datadog servicenow
Retrieves operational runbook steps from Confluence, validates preconditions via Datadog health checks, and logs execution results to ServiceNow.
naftiko: "0.5"
info:
label: "Confluence Runbook Automated Execution"
description: "Retrieves operational runbook steps from Confluence, validates preconditions via Datadog health checks, and logs execution results to ServiceNow."
tags:
- operations
- runbooks
- confluence
- datadog
- servicenow
capability:
exposes:
- type: mcp
namespace: runbook-exec
port: 8080
tools:
- name: execute-runbook
description: "Given a Confluence runbook page ID, validate preconditions and log execution results."
inputParameters:
- name: runbook_page_id
in: body
type: string
description: "Confluence runbook page ID."
- name: service_name
in: body
type: string
description: "Target service for runbook execution."
steps:
- name: get-runbook
type: call
call: "confluence-rb.get-page"
with:
page_id: "{{runbook_page_id}}"
- name: check-preconditions
type: call
call: "datadog-rb.get-service-health"
with:
service: "{{service_name}}"
- name: log-execution
type: call
call: "snow-rb.create-record"
with:
short_description: "Runbook executed: {{get-runbook.title}}"
description: "Service: {{service_name}}\nPrecondition check: {{check-preconditions.overall_state}}"
consumes:
- type: http
namespace: confluence-rb
baseUri: "https://morganstanley.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_api_token"
resources:
- name: pages
path: "/content/{{page_id}}?expand=body.storage"
inputParameters:
- name: page_id
in: path
operations:
- name: get-page
method: GET
- type: http
namespace: datadog-rb
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: "DD-API-KEY"
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: services
path: "/service_level_objectives"
operations:
- name: get-service-health
method: GET
- type: http
namespace: snow-rb
baseUri: "https://morganstanley.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: records
path: "/table/change_request"
operations:
- name: create-record
method: POST
Coupa Purchase Order Approval Workflow
▼
procurement approvals coupa servicenow microsoft-teams
Routes Coupa purchase orders exceeding budget thresholds through ServiceNow approval and notifies the budget owner via Microsoft Teams.
naftiko: "0.5"
info:
label: "Coupa Purchase Order Approval Workflow"
description: "Routes Coupa purchase orders exceeding budget thresholds through ServiceNow approval and notifies the budget owner via Microsoft Teams."
tags:
- procurement
- approvals
- coupa
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: po-approval
port: 8080
tools:
- name: route-po-approval
description: "Given a Coupa PO number, retrieve details, create a ServiceNow approval, and notify the budget owner."
inputParameters:
- name: po_number
in: body
type: string
description: "Coupa purchase order number."
steps:
- name: get-po-details
type: call
call: "coupa-api.get-po"
with:
po_number: "{{po_number}}"
- name: create-approval
type: call
call: "snow-procurement.create-approval"
with:
short_description: "PO Approval: {{po_number}} - ${{get-po-details.total_amount}}"
description: "Supplier: {{get-po-details.supplier_name}}\nAmount: ${{get-po-details.total_amount}}\nCost Center: {{get-po-details.cost_center}}"
- name: notify-budget-owner
type: call
call: "teams-procurement.send-message"
with:
recipient_upn: "{{get-po-details.budget_owner_email}}"
text: "PO {{po_number}} (${{get-po-details.total_amount}}) from {{get-po-details.supplier_name}} requires your approval. ServiceNow: {{create-approval.number}}"
consumes:
- type: http
namespace: coupa-api
baseUri: "https://morganstanley.coupahost.com/api"
authentication:
type: apikey
key: "X-COUPA-API-KEY"
value: "$secrets.coupa_api_key"
placement: header
resources:
- name: purchase-orders
path: "/purchase_orders/{{po_number}}"
inputParameters:
- name: po_number
in: path
operations:
- name: get-po
method: GET
- type: http
namespace: snow-procurement
baseUri: "https://morganstanley.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: approvals
path: "/table/sysapproval_approver"
operations:
- name: create-approval
method: POST
- type: http
namespace: teams-procurement
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Databricks ML Model Deployment Notification
▼
data-science ml-ops databricks snowflake slack
Retrieves ML model deployment status from Databricks, logs the deployment to Snowflake model registry, and notifies the data science team via Slack.
naftiko: "0.5"
info:
label: "Databricks ML Model Deployment Notification"
description: "Retrieves ML model deployment status from Databricks, logs the deployment to Snowflake model registry, and notifies the data science team via Slack."
tags:
- data-science
- ml-ops
- databricks
- snowflake
- slack
capability:
exposes:
- type: mcp
namespace: ml-deploy
port: 8080
tools:
- name: log-model-deployment
description: "Given a Databricks model name and version, log deployment to Snowflake and notify the data science Slack channel."
inputParameters:
- name: model_name
in: body
type: string
description: "Databricks registered model name."
- name: model_version
in: body
type: string
description: "Model version number."
steps:
- name: get-model-version
type: call
call: "databricks-ml.get-model-version"
with:
name: "{{model_name}}"
version: "{{model_version}}"
- name: log-deployment
type: call
call: "snowflake-ml.insert-record"
with:
table: "ML_OPS.MODEL_DEPLOYMENTS"
model_name: "{{model_name}}"
version: "{{model_version}}"
status: "{{get-model-version.current_stage}}"
- name: notify-team
type: call
call: "slack-ds.post-message"
with:
channel: "$secrets.datascience_slack_channel"
text: "Model deployed: {{model_name}} v{{model_version}} | Stage: {{get-model-version.current_stage}} | Run ID: {{get-model-version.run_id}}"
consumes:
- type: http
namespace: databricks-ml
baseUri: "https://morganstanley.cloud.databricks.com/api/2.0"
authentication:
type: bearer
token: "$secrets.databricks_token"
resources:
- name: model-versions
path: "/mlflow/model-versions/get"
inputParameters:
- name: name
in: query
- name: version
in: query
operations:
- name: get-model-version
method: GET
- type: http
namespace: snowflake-ml
baseUri: "https://morganstanley.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: insert-record
method: POST
- type: http
namespace: slack-ds
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Datadog Cost Anomaly to FinOps Review
▼
finops cost-management datadog servicenow slack
Detects cloud cost anomalies from Datadog, creates a FinOps review task in ServiceNow, and alerts the cloud platform team via Slack with cost breakdown details.
naftiko: "0.5"
info:
label: "Datadog Cost Anomaly to FinOps Review"
description: "Detects cloud cost anomalies from Datadog, creates a FinOps review task in ServiceNow, and alerts the cloud platform team via Slack with cost breakdown details."
tags:
- finops
- cost-management
- datadog
- servicenow
- slack
capability:
exposes:
- type: mcp
namespace: cost-anomaly
port: 8080
tools:
- name: handle-cost-anomaly
description: "Given a Datadog cost anomaly alert, create a FinOps review task and notify the team."
inputParameters:
- name: anomaly_id
in: body
type: string
description: "Datadog cost anomaly alert ID."
steps:
- name: get-anomaly-details
type: call
call: "datadog-cost.get-anomaly"
with:
id: "{{anomaly_id}}"
- name: create-review-task
type: call
call: "snow-finops.create-task"
with:
short_description: "Cloud cost anomaly: {{get-anomaly-details.service_name}}"
description: "Service: {{get-anomaly-details.service_name}}\nExpected: ${{get-anomaly-details.expected_cost}}\nActual: ${{get-anomaly-details.actual_cost}}\nVariance: {{get-anomaly-details.variance_pct}}%"
assignment_group: "Cloud_FinOps"
- name: alert-team
type: call
call: "slack-finops.post-message"
with:
channel: "$secrets.finops_slack_channel"
text: "Cost Anomaly: {{get-anomaly-details.service_name}} | Expected: ${{get-anomaly-details.expected_cost}} vs Actual: ${{get-anomaly-details.actual_cost}} | Task: {{create-review-task.number}}"
consumes:
- type: http
namespace: datadog-cost
baseUri: "https://api.datadoghq.com/api/v2"
authentication:
type: apikey
key: "DD-API-KEY"
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: anomalies
path: "/cost/anomalies/{{id}}"
inputParameters:
- name: id
in: path
operations:
- name: get-anomaly
method: GET
- type: http
namespace: snow-finops
baseUri: "https://morganstanley.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/sc_task"
operations:
- name: create-task
method: POST
- type: http
namespace: slack-finops
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Datadog Monitor Status Check
▼
monitoring observability datadog
Retrieves the current state and details of a Datadog monitor, including overall status, last triggered time, and affected hosts.
naftiko: "0.5"
info:
label: "Datadog Monitor Status Check"
description: "Retrieves the current state and details of a Datadog monitor, including overall status, last triggered time, and affected hosts."
tags:
- monitoring
- observability
- datadog
capability:
exposes:
- type: mcp
namespace: dd-monitor
port: 8080
tools:
- name: get-monitor-status
description: "Given a Datadog monitor ID, return its name, overall state, last triggered timestamp, and message."
inputParameters:
- name: monitor_id
in: body
type: string
description: "Datadog monitor ID."
call: "datadog-api.get-monitor"
with:
id: "{{monitor_id}}"
outputParameters:
- name: name
type: string
mapping: "$.name"
- name: overall_state
type: string
mapping: "$.overall_state"
consumes:
- type: http
namespace: datadog-api
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: "DD-API-KEY"
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: monitors
path: "/monitor/{{id}}"
inputParameters:
- name: id
in: path
operations:
- name: get-monitor
method: GET
Datadog SLI Breach to ServiceNow Problem
▼
sre reliability datadog servicenow slack
When a Datadog SLI breaches its SLO threshold, creates a ServiceNow problem record and posts an alert to the reliability engineering Slack channel.
naftiko: "0.5"
info:
label: "Datadog SLI Breach to ServiceNow Problem"
description: "When a Datadog SLI breaches its SLO threshold, creates a ServiceNow problem record and posts an alert to the reliability engineering Slack channel."
tags:
- sre
- reliability
- datadog
- servicenow
- slack
capability:
exposes:
- type: mcp
namespace: sli-breach
port: 8080
tools:
- name: handle-sli-breach
description: "Given a Datadog SLO ID and service name, create a ServiceNow problem and notify the SRE team."
inputParameters:
- name: slo_id
in: body
type: string
description: "Datadog SLO ID that breached."
- name: service_name
in: body
type: string
description: "Name of the service with the SLO breach."
steps:
- name: get-slo-details
type: call
call: "datadog-slo.get-slo"
with:
slo_id: "{{slo_id}}"
- name: create-problem
type: call
call: "snow-sre.create-problem"
with:
short_description: "SLO breach: {{service_name}} - {{get-slo-details.name}}"
description: "SLO: {{get-slo-details.name}}\nTarget: {{get-slo-details.target_threshold}}\nCurrent: {{get-slo-details.overall_status}}"
assignment_group: "Site_Reliability_Engineering"
- name: alert-sre
type: call
call: "slack-sre.post-message"
with:
channel: "$secrets.sre_slack_channel"
text: "SLO Breach: {{service_name}} | Target: {{get-slo-details.target_threshold}} | Problem: {{create-problem.number}}"
consumes:
- type: http
namespace: datadog-slo
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: "DD-API-KEY"
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: slos
path: "/slo/{{slo_id}}"
inputParameters:
- name: slo_id
in: path
operations:
- name: get-slo
method: GET
- type: http
namespace: snow-sre
baseUri: "https://morganstanley.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: problems
path: "/table/problem"
operations:
- name: create-problem
method: POST
- type: http
namespace: slack-sre
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Datadog Trading Platform Observability Alert
▼
observability trading datadog pagerduty microsoft-teams latency reliability
Monitors Datadog for latency threshold breaches on trading APIs, triggers a PagerDuty on-call alert, and posts a diagnostic summary to the Trading Operations Microsoft Teams channel.
naftiko: "0.5"
info:
label: "Datadog Trading Platform Observability Alert"
description: "Monitors Datadog for latency threshold breaches on trading APIs, triggers a PagerDuty on-call alert, and posts a diagnostic summary to the Trading Operations Microsoft Teams channel."
tags:
- observability
- trading
- datadog
- pagerduty
- microsoft-teams
- latency
- reliability
capability:
exposes:
- type: mcp
namespace: trading-observability
port: 8080
tools:
- name: handle-latency-breach
description: "Given a Datadog monitor ID detecting a trading API latency breach, retrieve monitor details, trigger a PagerDuty alert for the trading on-call team, and post diagnostics to the TradingOps Teams channel."
inputParameters:
- name: monitor_id
in: body
type: string
description: "Datadog monitor ID that detected the latency threshold breach."
- name: service_name
in: body
type: string
description: "Name of the trading service exhibiting latency."
steps:
- name: get-monitor-details
type: call
call: "datadog-trading.get-monitor"
with:
monitor_id: "{{monitor_id}}"
- name: page-oncall
type: call
call: "pagerduty-trading.create-incident"
with:
title: "Latency breach: {{service_name}} — {{get-monitor-details.current_value}}ms"
description: "Monitor: {{monitor_id}}\nThreshold exceeded: {{get-monitor-details.threshold}}ms"
- name: post-diagnostics
type: call
call: "msteams-trading.post-channel-message"
with:
channel_id: "TradingOps"
text: "Latency alert: {{service_name}} at {{get-monitor-details.current_value}}ms (threshold {{get-monitor-details.threshold}}ms). PD: {{page-oncall.incident_id}}"
consumes:
- type: http
namespace: datadog-trading
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: "DD-API-KEY"
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: monitors
path: "/monitor/{{monitor_id}}"
inputParameters:
- name: monitor_id
in: path
operations:
- name: get-monitor
method: GET
- type: http
namespace: pagerduty-trading
baseUri: "https://api.pagerduty.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.pagerduty_token"
placement: header
resources:
- name: incidents
path: "/incidents"
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams-trading
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{channel_id}}/channels/General/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel-message
method: POST
DocuSign Envelope Status Check
▼
legal document-signing docusign
Retrieves the signing status, recipient details, and completion date for a DocuSign envelope used in client agreement workflows.
naftiko: "0.5"
info:
label: "DocuSign Envelope Status Check"
description: "Retrieves the signing status, recipient details, and completion date for a DocuSign envelope used in client agreement workflows."
tags:
- legal
- document-signing
- docusign
capability:
exposes:
- type: mcp
namespace: docusign-status
port: 8080
tools:
- name: get-envelope-status
description: "Given a DocuSign envelope ID, return its status, sent date, and list of recipients with their signing status."
inputParameters:
- name: envelope_id
in: body
type: string
description: "DocuSign envelope ID."
call: "docusign-api.get-envelope"
with:
envelope_id: "{{envelope_id}}"
outputParameters:
- name: status
type: string
mapping: "$.status"
- name: sent_datetime
type: string
mapping: "$.sentDateTime"
consumes:
- type: http
namespace: docusign-api
baseUri: "https://na4.docusign.net/restapi/v2.1"
authentication:
type: bearer
token: "$secrets.docusign_token"
resources:
- name: envelopes
path: "/accounts/default/envelopes/{{envelope_id}}"
inputParameters:
- name: envelope_id
in: path
operations:
- name: get-envelope
method: GET
Employee Offboarding and Access Revocation
▼
hr offboarding workday okta microsoft-graph servicenow
When an employee is terminated in Workday, deactivates their Okta account, disables Microsoft 365 access via Microsoft Graph, and opens a ServiceNow offboarding change request.
naftiko: "0.5"
info:
label: "Employee Offboarding and Access Revocation"
description: "When an employee is terminated in Workday, deactivates their Okta account, disables Microsoft 365 access via Microsoft Graph, and opens a ServiceNow offboarding change request."
tags:
- hr
- offboarding
- workday
- okta
- microsoft-graph
- servicenow
capability:
exposes:
- type: mcp
namespace: hr-offboarding
port: 8080
tools:
- name: trigger-offboarding
description: "Given a Workday employee ID for a terminated employee, deactivate Okta account, disable Microsoft 365 access, and open a ServiceNow change request for asset recovery."
inputParameters:
- name: workday_employee_id
in: body
type: string
description: "Workday worker ID of the departing employee."
- name: termination_date
in: body
type: string
description: "Effective termination date in ISO 8601 format."
steps:
- name: get-worker
type: call
call: "workday-offboard.get-worker"
with:
worker_id: "{{workday_employee_id}}"
- name: deactivate-okta
type: call
call: "okta-offboard.deactivate-user"
with:
user_id: "{{get-worker.okta_user_id}}"
- name: disable-m365
type: call
call: "msgraph-offboard.disable-user"
with:
user_id: "{{get-worker.azure_object_id}}"
- name: open-change
type: call
call: "servicenow-offboard.create-change"
with:
short_description: "Offboarding: {{get-worker.full_name}} — termination {{termination_date}}"
category: "hr_offboarding"
consumes:
- type: http
namespace: workday-offboard
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/morganstanley/workers/{{worker_id}}"
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
- type: http
namespace: okta-offboard
baseUri: "https://morganstanley.okta.com/api/v1"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.okta_token"
placement: header
resources:
- name: user-lifecycle
path: "/users/{{user_id}}/lifecycle/deactivate"
inputParameters:
- name: user_id
in: path
operations:
- name: deactivate-user
method: POST
- type: http
namespace: msgraph-offboard
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: users
path: "/users/{{user_id}}"
inputParameters:
- name: user_id
in: path
operations:
- name: disable-user
method: PATCH
- type: http
namespace: servicenow-offboard
baseUri: "https://morganstanley.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: change-requests
path: "/table/change_request"
operations:
- name: create-change
method: POST
Employee Onboarding Provisioning
▼
hr onboarding workday okta servicenow microsoft-teams
When a new hire is created in Workday, provisions an Okta identity, creates a ServiceNow onboarding ticket, and sends a Microsoft Teams welcome message to the new employee.
naftiko: "0.5"
info:
label: "Employee Onboarding Provisioning"
description: "When a new hire is created in Workday, provisions an Okta identity, creates a ServiceNow onboarding ticket, and sends a Microsoft Teams welcome message to the new employee."
tags:
- hr
- onboarding
- workday
- okta
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: hr-onboarding
port: 8080
tools:
- name: trigger-onboarding
description: "Given a Workday employee ID and start date, provision an Okta user account, open a ServiceNow onboarding ticket, and send a Teams welcome message to the new hire."
inputParameters:
- name: workday_employee_id
in: body
type: string
description: "The Workday worker ID for the new hire."
- name: start_date
in: body
type: string
description: "Employee start date in ISO 8601 format."
- name: department
in: body
type: string
description: "Department name for Okta group assignment and ticket routing."
steps:
- name: get-worker
type: call
call: "workday.get-worker"
with:
worker_id: "{{workday_employee_id}}"
- name: create-okta-user
type: call
call: "okta.create-user"
with:
firstName: "{{get-worker.first_name}}"
lastName: "{{get-worker.last_name}}"
email: "{{get-worker.work_email}}"
department: "{{department}}"
- name: open-ticket
type: call
call: "servicenow.create-incident"
with:
short_description: "New hire onboarding: {{get-worker.full_name}}"
category: "hr_onboarding"
assigned_to: "IT_Onboarding"
- name: send-welcome
type: call
call: "msteams.send-message"
with:
recipient_upn: "{{get-worker.work_email}}"
text: "Welcome to Morgan Stanley, {{get-worker.first_name}}! Your IT onboarding ticket: {{open-ticket.number}}"
consumes:
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/morganstanley/workers/{{worker_id}}"
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
- type: http
namespace: okta
baseUri: "https://morganstanley.okta.com/api/v1"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.okta_token"
placement: header
resources:
- name: users
path: "/users"
operations:
- name: create-user
method: POST
- type: http
namespace: servicenow
baseUri: "https://morganstanley.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: user-mail
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
FactSet Earnings Estimate Lookup
▼
research equity factset
Retrieves consensus earnings estimates for a given security from FactSet, supporting equity research and investment decision workflows.
naftiko: "0.5"
info:
label: "FactSet Earnings Estimate Lookup"
description: "Retrieves consensus earnings estimates for a given security from FactSet, supporting equity research and investment decision workflows."
tags:
- research
- equity
- factset
capability:
exposes:
- type: mcp
namespace: factset-estimates
port: 8080
tools:
- name: get-earnings-estimates
description: "Given a FactSet security identifier, return consensus EPS estimates for the next four quarters."
inputParameters:
- name: security_id
in: body
type: string
description: "FactSet security identifier."
call: "factset-api.get-estimates"
with:
id: "{{security_id}}"
outputParameters:
- name: estimates
type: string
mapping: "$.data"
consumes:
- type: http
namespace: factset-api
baseUri: "https://api.factset.com/analytics/v3"
authentication:
type: basic
username: "$secrets.factset_user"
password: "$secrets.factset_api_key"
resources:
- name: estimates
path: "/estimates/{{id}}/consensus"
inputParameters:
- name: id
in: path
operations:
- name: get-estimates
method: GET
GitHub Actions Failure to Jira Ticket
▼
development ci-cd github-actions jira slack
When a GitHub Actions workflow fails, retrieves failure details, creates a Jira bug ticket, and notifies the development team via Slack.
naftiko: "0.5"
info:
label: "GitHub Actions Failure to Jira Ticket"
description: "When a GitHub Actions workflow fails, retrieves failure details, creates a Jira bug ticket, and notifies the development team via Slack."
tags:
- development
- ci-cd
- github-actions
- jira
- slack
capability:
exposes:
- type: mcp
namespace: cicd-failure
port: 8080
tools:
- name: handle-workflow-failure
description: "Given a GitHub Actions run ID and repository, create a Jira ticket and notify the team via Slack."
inputParameters:
- name: repo
in: body
type: string
description: "Repository in org/repo format."
- name: run_id
in: body
type: string
description: "GitHub Actions workflow run ID."
steps:
- name: get-run-details
type: call
call: "github-ci.get-workflow-run"
with:
repo: "{{repo}}"
run_id: "{{run_id}}"
- name: create-bug
type: call
call: "jira-ci.create-issue"
with:
project_key: "INFRA"
issuetype: "Bug"
summary: "CI failure: {{get-run-details.name}} in {{repo}}"
description: "Workflow: {{get-run-details.name}}\nBranch: {{get-run-details.head_branch}}"
- name: notify-team
type: call
call: "slack-ci.post-message"
with:
channel: "$secrets.dev_slack_channel"
text: "CI Failure: {{get-run-details.name}} in {{repo}} | Jira: {{create-bug.key}}"
consumes:
- type: http
namespace: github-ci
baseUri: "https://api.github.com"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: runs
path: "/repos/{{repo}}/actions/runs/{{run_id}}"
inputParameters:
- name: repo
in: path
- name: run_id
in: path
operations:
- name: get-workflow-run
method: GET
- type: http
namespace: jira-ci
baseUri: "https://morganstanley.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-ci
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
GitHub Dependency Vulnerability Remediation
▼
security vulnerability github jira snowflake
When Dependabot finds critical vulnerabilities, creates a prioritized Jira security ticket, assigns to the owning team, and tracks remediation SLA in Snowflake.
naftiko: "0.5"
info:
label: "GitHub Dependency Vulnerability Remediation"
description: "When Dependabot finds critical vulnerabilities, creates a prioritized Jira security ticket, assigns to the owning team, and tracks remediation SLA in Snowflake."
tags:
- security
- vulnerability
- github
- jira
- snowflake
capability:
exposes:
- type: mcp
namespace: vuln-remediation
port: 8080
tools:
- name: handle-vulnerability
description: "Given a GitHub Dependabot alert, create a Jira ticket and track the remediation SLA."
inputParameters:
- name: repo
in: body
type: string
description: "Repository with the vulnerability."
- name: alert_number
in: body
type: string
description: "Dependabot alert number."
steps:
- name: get-alert
type: call
call: "github-vuln.get-dependabot-alert"
with:
repo: "{{repo}}"
alert_number: "{{alert_number}}"
- name: create-ticket
type: call
call: "jira-vuln.create-issue"
with:
project_key: "SEC"
issuetype: "Bug"
summary: "Vulnerability: {{get-alert.package_name}} in {{repo}}"
description: "Severity: {{get-alert.severity}}\nPackage: {{get-alert.package_name}}\nCVE: {{get-alert.cve_id}}\nFixed version: {{get-alert.fixed_version}}"
priority: "High"
- name: track-sla
type: call
call: "snowflake-vuln.insert-record"
with:
table: "SECURITY.VULNERABILITY_SLA_TRACKING"
repo: "{{repo}}"
severity: "{{get-alert.severity}}"
jira_key: "{{create-ticket.key}}"
consumes:
- type: http
namespace: github-vuln
baseUri: "https://api.github.com"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: alerts
path: "/repos/{{repo}}/dependabot/alerts/{{alert_number}}"
inputParameters:
- name: repo
in: path
- name: alert_number
in: path
operations:
- name: get-dependabot-alert
method: GET
- type: http
namespace: jira-vuln
baseUri: "https://morganstanley.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: snowflake-vuln
baseUri: "https://morganstanley.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: insert-record
method: POST
GitHub Pull Request Compliance Gate
▼
devops compliance github jira microsoft-teams code-review devsecops
On pull requests to production branches, verifies that all commits are signed and the PR has required compliance reviewer approvals, posts gate results to Jira, and notifies the DevSecOps Microsoft Teams channel.
naftiko: "0.5"
info:
label: "GitHub Pull Request Compliance Gate"
description: "On pull requests to production branches, verifies that all commits are signed and the PR has required compliance reviewer approvals, posts gate results to Jira, and notifies the DevSecOps Microsoft Teams channel."
tags:
- devops
- compliance
- github
- jira
- microsoft-teams
- code-review
- devsecops
capability:
exposes:
- type: mcp
namespace: compliance-gate
port: 8080
tools:
- name: enforce-pr-compliance-gate
description: "Given a GitHub repo and PR number, verify commit signing and required compliance reviewer approvals, post gate results as a PR comment, and notify DevSecOps Teams channel if gate fails."
inputParameters:
- name: repo
in: body
type: string
description: "GitHub repository in owner/repo format."
- name: pr_number
in: body
type: integer
description: "Pull request number to enforce the compliance gate on."
- name: required_reviewers
in: body
type: string
description: "Comma-separated list of required reviewer GitHub logins."
steps:
- name: get-pr-reviews
type: call
call: "github-reviews.list-reviews"
with:
repo: "{{repo}}"
pr_number: "{{pr_number}}"
- name: post-gate-result
type: call
call: "github-gate-comment.create-pr-comment"
with:
repo: "{{repo}}"
pr_number: "{{pr_number}}"
body: "Compliance gate result: required reviewers {{required_reviewers}} — approval status: {{get-pr-reviews.approval_status}}"
- name: notify-devsecops
type: call
call: "msteams-devsecops.post-channel-message"
with:
channel_id: "DevSecOps"
text: "Compliance gate for PR #{{pr_number}} in {{repo}}: {{get-pr-reviews.approval_status}}. Required: {{required_reviewers}}"
consumes:
- type: http
namespace: github-reviews
baseUri: "https://api.github.com"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: pr-reviews
path: "/repos/{{repo}}/pulls/{{pr_number}}/reviews"
inputParameters:
- name: repo
in: path
- name: pr_number
in: path
operations:
- name: list-reviews
method: GET
- type: http
namespace: github-gate-comment
baseUri: "https://api.github.com"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: issue-comments
path: "/repos/{{repo}}/issues/{{pr_number}}/comments"
inputParameters:
- name: repo
in: path
- name: pr_number
in: path
operations:
- name: create-pr-comment
method: POST
- type: http
namespace: msteams-devsecops
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{channel_id}}/channels/General/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel-message
method: POST
GitHub Repository Info Lookup
▼
development source-control github
Returns metadata for a GitHub repository including language breakdown, open issues count, last commit date, and CI status.
naftiko: "0.5"
info:
label: "GitHub Repository Info Lookup"
description: "Returns metadata for a GitHub repository including language breakdown, open issues count, last commit date, and CI status."
tags:
- development
- source-control
- github
capability:
exposes:
- type: mcp
namespace: gh-repo
port: 8080
tools:
- name: get-repo-info
description: "Given an organization and repository name, return its description, primary language, open issues count, and default branch."
inputParameters:
- name: org
in: body
type: string
description: "GitHub organization name."
- name: repo
in: body
type: string
description: "Repository name."
call: "github-api.get-repository"
with:
owner: "{{org}}"
repo: "{{repo}}"
outputParameters:
- name: description
type: string
mapping: "$.description"
- name: language
type: string
mapping: "$.language"
consumes:
- type: http
namespace: github-api
baseUri: "https://api.github.com"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: repos
path: "/repos/{{owner}}/{{repo}}"
inputParameters:
- name: owner
in: path
- name: repo
in: path
operations:
- name: get-repository
method: GET
GitHub Secret Scanning Alert Response
▼
security secret-management github pagerduty jira slack
When GitHub detects exposed secrets, creates a PagerDuty incident for immediate rotation, opens a Jira security ticket, and notifies the security team via Slack.
naftiko: "0.5"
info:
label: "GitHub Secret Scanning Alert Response"
description: "When GitHub detects exposed secrets, creates a PagerDuty incident for immediate rotation, opens a Jira security ticket, and notifies the security team via Slack."
tags:
- security
- secret-management
- github
- pagerduty
- jira
- slack
capability:
exposes:
- type: mcp
namespace: secret-response
port: 8080
tools:
- name: respond-to-secret-exposure
description: "Given a GitHub secret scanning alert, create a PagerDuty incident, Jira ticket, and Slack notification."
inputParameters:
- name: repo
in: body
type: string
description: "Repository with the exposed secret."
- name: alert_number
in: body
type: string
description: "GitHub secret scanning alert number."
steps:
- name: get-alert
type: call
call: "github-sec.get-secret-alert"
with:
repo: "{{repo}}"
alert_number: "{{alert_number}}"
- name: page-security
type: call
call: "pagerduty-sec.create-incident"
with:
service_id: "$secrets.pagerduty_security_service_id"
summary: "CRITICAL: Secret exposed in {{repo}} - {{get-alert.secret_type}}"
severity: "critical"
- name: create-ticket
type: call
call: "jira-sec.create-issue"
with:
project_key: "SEC"
issuetype: "Bug"
summary: "Secret rotation required: {{get-alert.secret_type}} in {{repo}}"
description: "Secret type: {{get-alert.secret_type}}\nFile: {{get-alert.path}}\nImmediate rotation required."
priority: "Highest"
consumes:
- type: http
namespace: github-sec
baseUri: "https://api.github.com"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: alerts
path: "/repos/{{repo}}/secret-scanning/alerts/{{alert_number}}"
inputParameters:
- name: repo
in: path
- name: alert_number
in: path
operations:
- name: get-secret-alert
method: GET
- type: http
namespace: pagerduty-sec
baseUri: "https://api.pagerduty.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.pagerduty_api_key"
placement: header
resources:
- name: incidents
path: "/incidents"
operations:
- name: create-incident
method: POST
- type: http
namespace: jira-sec
baseUri: "https://morganstanley.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
GitHub Security Scanning and Compliance Audit
▼
security devops github snowflake jira code-scanning compliance
Scans GitHub repositories for exposed secrets and code vulnerabilities using GitHub Advanced Security, logs findings to Snowflake for audit, and creates Jira tickets for critical issues.
naftiko: "0.5"
info:
label: "GitHub Security Scanning and Compliance Audit"
description: "Scans GitHub repositories for exposed secrets and code vulnerabilities using GitHub Advanced Security, logs findings to Snowflake for audit, and creates Jira tickets for critical issues."
tags:
- security
- devops
- github
- snowflake
- jira
- code-scanning
- compliance
capability:
exposes:
- type: mcp
namespace: code-security
port: 8080
tools:
- name: audit-github-security-findings
description: "Given a GitHub organization, list all open code scanning and secret scanning alerts at high or critical severity, log findings to Snowflake for compliance audit, and create Jira SEC tickets for each critical alert."
inputParameters:
- name: github_org
in: body
type: string
description: "GitHub organization to scan for security alerts."
- name: severity_filter
in: body
type: string
description: "Minimum severity to include: 'high' or 'critical'."
steps:
- name: get-code-scanning-alerts
type: call
call: "github-code-scan.list-alerts"
with:
org: "{{github_org}}"
severity: "{{severity_filter}}"
- name: log-to-snowflake
type: call
call: "snowflake-security.insert-record"
with:
table: "SECURITY.CODE_SCANNING_ALERTS"
org: "{{github_org}}"
alert_count: "{{get-code-scanning-alerts.alert_count}}"
severities: "{{get-code-scanning-alerts.severity_breakdown}}"
- name: create-jira-ticket
type: call
call: "jira-code-sec.create-issue"
with:
project_key: "SEC"
issuetype: "Bug"
summary: "Code scanning: {{get-code-scanning-alerts.alert_count}} {{severity_filter}} alerts in {{github_org}}"
description: "Alerts: {{get-code-scanning-alerts.alert_ids}}\nSnowflake audit logged."
consumes:
- type: http
namespace: github-code-scan
baseUri: "https://api.github.com"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: code-scanning-alerts
path: "/orgs/{{org}}/code-scanning/alerts"
inputParameters:
- name: org
in: path
- name: severity
in: query
operations:
- name: list-alerts
method: GET
- type: http
namespace: snowflake-security
baseUri: "https://morganstanley.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: sql-statements
path: "/statements"
operations:
- name: insert-record
method: POST
- type: http
namespace: jira-code-sec
baseUri: "https://morganstanley.atlassian.net/rest/api/3"
authentication:
type: bearer
token: "$secrets.jira_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
Investment Banking Deal Pipeline Sync
▼
investment-banking pipeline salesforce snowflake power-bi
Syncs deal pipeline data from Salesforce to Snowflake and refreshes the Power BI deal tracking dashboard for investment banking leadership review.
naftiko: "0.5"
info:
label: "Investment Banking Deal Pipeline Sync"
description: "Syncs deal pipeline data from Salesforce to Snowflake and refreshes the Power BI deal tracking dashboard for investment banking leadership review."
tags:
- investment-banking
- pipeline
- salesforce
- snowflake
- power-bi
capability:
exposes:
- type: mcp
namespace: deal-pipeline
port: 8080
tools:
- name: sync-deal-pipeline
description: "Extract current deal pipeline from Salesforce, load into Snowflake staging, and trigger a Power BI dashboard refresh."
inputParameters:
- name: fiscal_quarter
in: body
type: string
description: "Fiscal quarter to sync (e.g., Q1-2026)."
steps:
- name: extract-deals
type: call
call: "sfdc-deals.query-deals"
with:
query: "SELECT Id, Name, Amount, StageName FROM Opportunity WHERE FiscalQuarter = '{{fiscal_quarter}}'"
- name: load-to-snowflake
type: call
call: "snowflake-deals.execute-statement"
with:
statement: "CALL STAGING.LOAD_IB_DEAL_PIPELINE('{{fiscal_quarter}}')"
- name: refresh-dashboard
type: call
call: "pbi-deals.trigger-refresh"
with:
group_id: "$secrets.pbi_ib_workspace_id"
dataset_id: "$secrets.pbi_deal_pipeline_dataset_id"
consumes:
- type: http
namespace: sfdc-deals
baseUri: "https://morganstanley.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: query
path: "/query"
operations:
- name: query-deals
method: GET
- type: http
namespace: snowflake-deals
baseUri: "https://morganstanley.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-statement
method: POST
- type: http
namespace: pbi-deals
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.powerbi_token"
resources:
- name: refreshes
path: "/groups/{{group_id}}/datasets/{{dataset_id}}/refreshes"
inputParameters:
- name: group_id
in: path
- name: dataset_id
in: path
operations:
- name: trigger-refresh
method: POST
Jira Development Sprint Reporting
▼
devops engineering jira microsoft-teams agile sprint-reporting
Fetches completed Jira sprint metrics for the technology division, generates a sprint report, and posts a digest to the Technology Leadership Microsoft Teams channel.
naftiko: "0.5"
info:
label: "Jira Development Sprint Reporting"
description: "Fetches completed Jira sprint metrics for the technology division, generates a sprint report, and posts a digest to the Technology Leadership Microsoft Teams channel."
tags:
- devops
- engineering
- jira
- microsoft-teams
- agile
- sprint-reporting
capability:
exposes:
- type: mcp
namespace: sprint-reporting
port: 8080
tools:
- name: publish-sprint-report
description: "Given a Jira board ID and the number of sprints to analyze, calculate velocity, bug rate, and completion rate, then post a sprint report digest to the Technology Leadership Teams channel."
inputParameters:
- name: board_id
in: body
type: string
description: "Jira board ID to pull sprint data from."
- name: sprint_count
in: body
type: integer
description: "Number of completed sprints to include in the report."
steps:
- name: get-sprint-data
type: call
call: "jira-sprints.list-completed-sprints"
with:
board_id: "{{board_id}}"
limit: "{{sprint_count}}"
- name: post-report
type: call
call: "msteams-tech.post-channel-message"
with:
channel_id: "TechLeadership"
text: "Sprint report for board {{board_id}}: Avg velocity {{get-sprint-data.avg_velocity}} pts | Bug rate {{get-sprint-data.bug_rate}}% | Completion rate {{get-sprint-data.completion_rate}}% over {{sprint_count}} sprints."
consumes:
- type: http
namespace: jira-sprints
baseUri: "https://morganstanley.atlassian.net/rest/api/3"
authentication:
type: bearer
token: "$secrets.jira_token"
resources:
- name: board-sprints
path: "/board/{{board_id}}/sprint"
inputParameters:
- name: board_id
in: path
- name: limit
in: query
operations:
- name: list-completed-sprints
method: GET
- type: http
namespace: msteams-tech
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{channel_id}}/channels/General/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel-message
method: POST
Jira Issue Detail Lookup
▼
development project-management jira
Returns the summary, status, assignee, and sprint for a Jira issue by key, enabling quick status checks during standups or planning sessions.
naftiko: "0.5"
info:
label: "Jira Issue Detail Lookup"
description: "Returns the summary, status, assignee, and sprint for a Jira issue by key, enabling quick status checks during standups or planning sessions."
tags:
- development
- project-management
- jira
capability:
exposes:
- type: mcp
namespace: jira-lookup
port: 8080
tools:
- name: get-issue-details
description: "Given a Jira issue key, return its summary, status, assignee, priority, and current sprint name."
inputParameters:
- name: issue_key
in: body
type: string
description: "Jira issue key (e.g., PLAT-1234)."
call: "jira-api.get-issue"
with:
key: "{{issue_key}}"
outputParameters:
- name: summary
type: string
mapping: "$.fields.summary"
- name: status
type: string
mapping: "$.fields.status.name"
consumes:
- type: http
namespace: jira-api
baseUri: "https://morganstanley.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue/{{key}}"
inputParameters:
- name: key
in: path
operations:
- name: get-issue
method: GET
Jira Quarterly Velocity Report
▼
engineering velocity jira snowflake confluence
Aggregates sprint velocity metrics from Jira, stores historical data in Snowflake, and publishes a quarterly engineering report to Confluence.
naftiko: "0.5"
info:
label: "Jira Quarterly Velocity Report"
description: "Aggregates sprint velocity metrics from Jira, stores historical data in Snowflake, and publishes a quarterly engineering report to Confluence."
tags:
- engineering
- velocity
- jira
- snowflake
- confluence
capability:
exposes:
- type: mcp
namespace: velocity-report
port: 8080
tools:
- name: generate-velocity-report
description: "Given a Jira board ID and quarter, generate a velocity report and publish to Confluence."
inputParameters:
- name: board_id
in: body
type: string
description: "Jira board ID."
- name: quarter
in: body
type: string
description: "Quarter (e.g., Q1-2026)."
steps:
- name: get-velocity
type: call
call: "jira-vel.get-board-velocity"
with:
board_id: "{{board_id}}"
- name: store-metrics
type: call
call: "snowflake-vel.insert-record"
with:
table: "ENGINEERING.VELOCITY_METRICS"
board_id: "{{board_id}}"
quarter: "{{quarter}}"
avg_velocity: "{{get-velocity.average}}"
- name: publish-report
type: call
call: "confluence-vel.create-page"
with:
space: "ENG"
title: "Velocity Report - {{quarter}}"
body: "Average velocity: {{get-velocity.average}} points\nSprints completed: {{get-velocity.sprint_count}}"
consumes:
- type: http
namespace: jira-vel
baseUri: "https://morganstanley.atlassian.net/rest/agile/1.0"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: boards
path: "/board/{{board_id}}/sprint"
inputParameters:
- name: board_id
in: path
operations:
- name: get-board-velocity
method: GET
- type: http
namespace: snowflake-vel
baseUri: "https://morganstanley.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: insert-record
method: POST
- type: http
namespace: confluence-vel
baseUri: "https://morganstanley.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_api_token"
resources:
- name: pages
path: "/content"
operations:
- name: create-page
method: POST
KYC Client Risk Screening
▼
compliance kyc refinitiv salesforce snowflake client-onboarding
Runs a new client through Refinitiv World-Check for KYC screening, creates a Salesforce onboarding case with risk results, and logs the screening outcome to Snowflake for compliance reporting.
naftiko: "0.5"
info:
label: "KYC Client Risk Screening"
description: "Runs a new client through Refinitiv World-Check for KYC screening, creates a Salesforce onboarding case with risk results, and logs the screening outcome to Snowflake for compliance reporting."
tags:
- compliance
- kyc
- refinitiv
- salesforce
- snowflake
- client-onboarding
capability:
exposes:
- type: mcp
namespace: kyc-screening
port: 8080
tools:
- name: screen-new-client
description: "Given a new client name and entity type, run a Refinitiv World-Check KYC screening, create a Salesforce onboarding case with the risk score, and log the result to Snowflake for audit."
inputParameters:
- name: client_name
in: body
type: string
description: "Full legal name of the client entity to screen."
- name: entity_type
in: body
type: string
description: "Entity type: 'individual' or 'organization'."
- name: country_of_incorporation
in: body
type: string
description: "ISO 3166-1 alpha-2 country code for the client's country of incorporation."
steps:
- name: run-kyc-screen
type: call
call: "refinitiv-kyc.search-entity"
with:
name: "{{client_name}}"
entity_type: "{{entity_type}}"
country: "{{country_of_incorporation}}"
- name: create-onboarding-case
type: call
call: "salesforce-kyc.create-case"
with:
subject: "KYC screening: {{client_name}}"
description: "Entity type: {{entity_type}}\nCountry: {{country_of_incorporation}}\nRisk score: {{run-kyc-screen.risk_score}}\nMatch count: {{run-kyc-screen.match_count}}"
priority: "{{run-kyc-screen.recommended_priority}}"
- name: log-screening
type: call
call: "snowflake-kyc.insert-record"
with:
table: "COMPLIANCE.KYC_SCREENINGS"
client_name: "{{client_name}}"
risk_score: "{{run-kyc-screen.risk_score}}"
case_id: "{{create-onboarding-case.case_number}}"
consumes:
- type: http
namespace: refinitiv-kyc
baseUri: "https://api.thomsonreuters.com/worldcheck/v1"
authentication:
type: bearer
token: "$secrets.refinitiv_token"
resources:
- name: entities
path: "/entities/search"
inputParameters:
- name: name
in: query
- name: entity_type
in: query
- name: country
in: query
operations:
- name: search-entity
method: GET
- type: http
namespace: salesforce-kyc
baseUri: "https://morganstanley.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: cases
path: "/sobjects/Case"
operations:
- name: create-case
method: POST
- type: http
namespace: snowflake-kyc
baseUri: "https://morganstanley.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: sql-statements
path: "/statements"
operations:
- name: insert-record
method: POST
LinkedIn Executive Communications Publisher
▼
marketing communications linkedin sharepoint snowflake social-media executive-communications
Fetches approved executive communications from SharePoint, publishes them as LinkedIn posts on behalf of the organization, and logs publication metadata to Snowflake for campaign tracking.
naftiko: "0.5"
info:
label: "LinkedIn Executive Communications Publisher"
description: "Fetches approved executive communications from SharePoint, publishes them as LinkedIn posts on behalf of the organization, and logs publication metadata to Snowflake for campaign tracking."
tags:
- marketing
- communications
- linkedin
- sharepoint
- snowflake
- social-media
- executive-communications
capability:
exposes:
- type: mcp
namespace: exec-comms
port: 8080
tools:
- name: publish-executive-post
description: "Given a SharePoint document ID containing approved communications content and a LinkedIn organization ID, publish the post to LinkedIn and log the publication record to Snowflake."
inputParameters:
- name: sharepoint_site_id
in: body
type: string
description: "SharePoint site ID where the approved content document is stored."
- name: document_item_id
in: body
type: string
description: "SharePoint drive item ID of the approved communications document."
- name: linkedin_org_id
in: body
type: string
description: "LinkedIn organization URN ID to post on behalf of."
steps:
- name: fetch-content
type: call
call: "sharepoint-comms.get-file-content"
with:
site_id: "{{sharepoint_site_id}}"
item_id: "{{document_item_id}}"
- name: publish-to-linkedin
type: call
call: "linkedin-comms.create-share"
with:
organization_id: "{{linkedin_org_id}}"
text: "{{fetch-content.text_content}}"
- name: log-publication
type: call
call: "snowflake-comms.insert-record"
with:
table: "MARKETING.LINKEDIN_PUBLICATIONS"
org_id: "{{linkedin_org_id}}"
post_id: "{{publish-to-linkedin.post_id}}"
published_at: "{{publish-to-linkedin.created_at}}"
consumes:
- type: http
namespace: sharepoint-comms
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: file-content
path: "/sites/{{site_id}}/drive/items/{{item_id}}/content"
inputParameters:
- name: site_id
in: path
- name: item_id
in: path
operations:
- name: get-file-content
method: GET
- type: http
namespace: linkedin-comms
baseUri: "https://api.linkedin.com/v2"
authentication:
type: bearer
token: "$secrets.linkedin_token"
resources:
- name: shares
path: "/ugcPosts"
operations:
- name: create-share
method: POST
- type: http
namespace: snowflake-comms
baseUri: "https://morganstanley.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: sql-statements
path: "/statements"
operations:
- name: insert-record
method: POST
LinkedIn Thought Leadership Publisher
▼
marketing content anthropic bloomberg linkedin salesforce
Drafts thought leadership content using Anthropic Claude based on Bloomberg market data, publishes to LinkedIn, and logs the campaign to Salesforce Marketing Cloud.
naftiko: "0.5"
info:
label: "LinkedIn Thought Leadership Publisher"
description: "Drafts thought leadership content using Anthropic Claude based on Bloomberg market data, publishes to LinkedIn, and logs the campaign to Salesforce Marketing Cloud."
tags:
- marketing
- content
- anthropic
- bloomberg
- linkedin
- salesforce
capability:
exposes:
- type: mcp
namespace: thought-leadership
port: 8080
tools:
- name: publish-thought-leadership
description: "Given a market topic and Bloomberg data points, draft content with Claude, publish to LinkedIn, and log to Salesforce."
inputParameters:
- name: topic
in: body
type: string
description: "Market topic for the thought leadership piece."
- name: bloomberg_data_ref
in: body
type: string
description: "Bloomberg data reference for supporting market data."
steps:
- name: get-market-data
type: call
call: "bloomberg-mktg.get-data"
with:
reference: "{{bloomberg_data_ref}}"
- name: draft-content
type: call
call: "anthropic-mktg.create-message"
with:
model: "claude-3-5-sonnet-20241022"
content: "Write a professional LinkedIn thought leadership post about {{topic}} using these market data points: {{get-market-data.summary}}. Keep it under 1300 characters."
- name: publish-to-linkedin
type: call
call: "linkedin-api.create-post"
with:
text: "{{draft-content.text}}"
consumes:
- type: http
namespace: bloomberg-mktg
baseUri: "https://api.bloomberg.com/eap/catalogs/bbg/datasets"
authentication:
type: bearer
token: "$secrets.bloomberg_api_token"
resources:
- name: data
path: "/{{reference}}"
inputParameters:
- name: reference
in: path
operations:
- name: get-data
method: GET
- type: http
namespace: anthropic-mktg
baseUri: "https://api.anthropic.com/v1"
authentication:
type: apikey
key: "x-api-key"
value: "$secrets.anthropic_api_key"
placement: header
resources:
- name: messages
path: "/messages"
operations:
- name: create-message
method: POST
- type: http
namespace: linkedin-api
baseUri: "https://api.linkedin.com/v2"
authentication:
type: bearer
token: "$secrets.linkedin_token"
resources:
- name: posts
path: "/ugcPosts"
operations:
- name: create-post
method: POST
Microsoft Sentinel Alert Triage
▼
security siem microsoft-sentinel splunk servicenow microsoft-teams
Triages Microsoft Sentinel security alerts by enriching with Splunk log data, creates a ServiceNow security incident, and notifies the SOC team via Microsoft Teams.
naftiko: "0.5"
info:
label: "Microsoft Sentinel Alert Triage"
description: "Triages Microsoft Sentinel security alerts by enriching with Splunk log data, creates a ServiceNow security incident, and notifies the SOC team via Microsoft Teams."
tags:
- security
- siem
- microsoft-sentinel
- splunk
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: sentinel-triage
port: 8080
tools:
- name: triage-sentinel-alert
description: "Given a Sentinel alert ID, enrich with Splunk data, create a ServiceNow incident, and notify the SOC."
inputParameters:
- name: alert_id
in: body
type: string
description: "Microsoft Sentinel alert ID."
steps:
- name: get-alert
type: call
call: "sentinel-api.get-alert"
with:
alert_id: "{{alert_id}}"
- name: correlate-logs
type: call
call: "splunk-soc.create-search"
with:
search: "index=security {{get-alert.entities}} earliest=-1h"
- name: create-incident
type: call
call: "snow-soc.create-incident"
with:
short_description: "Sentinel: {{get-alert.display_name}}"
description: "Severity: {{get-alert.severity}}\nCorrelated events: {{correlate-logs.result_count}}"
priority: "2"
consumes:
- type: http
namespace: sentinel-api
baseUri: "https://management.azure.com"
authentication:
type: bearer
token: "$secrets.azure_mgmt_token"
resources:
- name: alerts
path: "/providers/Microsoft.SecurityInsights/incidents/{{alert_id}}"
inputParameters:
- name: alert_id
in: path
operations:
- name: get-alert
method: GET
- type: http
namespace: splunk-soc
baseUri: "https://splunk.morganstanley.com:8089/services"
authentication:
type: bearer
token: "$secrets.splunk_token"
resources:
- name: searches
path: "/search/jobs"
operations:
- name: create-search
method: POST
- type: http
namespace: snow-soc
baseUri: "https://morganstanley.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
New Relic Alert to PagerDuty Escalation
▼
monitoring incident-response new-relic pagerduty slack
When a New Relic alert condition fires, retrieves violation details, creates a PagerDuty incident, and posts a notification to the engineering Slack channel.
naftiko: "0.5"
info:
label: "New Relic Alert to PagerDuty Escalation"
description: "When a New Relic alert condition fires, retrieves violation details, creates a PagerDuty incident, and posts a notification to the engineering Slack channel."
tags:
- monitoring
- incident-response
- new-relic
- pagerduty
- slack
capability:
exposes:
- type: mcp
namespace: nr-escalation
port: 8080
tools:
- name: escalate-nr-alert
description: "Given a New Relic violation ID, retrieve details, create a PagerDuty incident, and notify the engineering Slack channel."
inputParameters:
- name: violation_id
in: body
type: string
description: "New Relic alert violation ID."
- name: slack_channel_id
in: body
type: string
description: "Slack channel ID for engineering notifications."
steps:
- name: get-violation
type: call
call: "newrelic-api.get-violation"
with:
violation_id: "{{violation_id}}"
- name: create-incident
type: call
call: "pagerduty-api.create-incident"
with:
service_id: "$secrets.pagerduty_infra_service_id"
summary: "New Relic: {{get-violation.condition_name}} on {{get-violation.entity_name}}"
severity: "critical"
- name: notify-slack
type: call
call: "slack-eng.post-message"
with:
channel: "{{slack_channel_id}}"
text: "New Relic Alert: {{get-violation.condition_name}} | Entity: {{get-violation.entity_name}} | PagerDuty: {{create-incident.incidentId}}"
consumes:
- type: http
namespace: newrelic-api
baseUri: "https://api.newrelic.com/v2"
authentication:
type: apikey
key: "Api-Key"
value: "$secrets.newrelic_api_key"
placement: header
resources:
- name: violations
path: "/alerts_violations/{{violation_id}}.json"
inputParameters:
- name: violation_id
in: path
operations:
- name: get-violation
method: GET
- type: http
namespace: pagerduty-api
baseUri: "https://api.pagerduty.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.pagerduty_api_key"
placement: header
resources:
- name: incidents
path: "/incidents"
operations:
- name: create-incident
method: POST
- type: http
namespace: slack-eng
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Okta Group Membership Audit
▼
security identity-audit okta workday servicenow slack
Audits Okta group memberships against Workday organizational data, flags mismatches in a ServiceNow task, and sends an audit summary to the identity team via Slack.
naftiko: "0.5"
info:
label: "Okta Group Membership Audit"
description: "Audits Okta group memberships against Workday organizational data, flags mismatches in a ServiceNow task, and sends an audit summary to the identity team via Slack."
tags:
- security
- identity-audit
- okta
- workday
- servicenow
- slack
capability:
exposes:
- type: mcp
namespace: identity-audit
port: 8080
tools:
- name: audit-group-memberships
description: "Given an Okta group ID, audit memberships against Workday org data and flag mismatches."
inputParameters:
- name: group_id
in: body
type: string
description: "Okta group ID to audit."
steps:
- name: get-okta-members
type: call
call: "okta-audit.get-group-members"
with:
group_id: "{{group_id}}"
- name: get-workday-org
type: call
call: "workday-audit.get-org-members"
with:
group_id: "{{group_id}}"
- name: create-audit-task
type: call
call: "snow-audit.create-task"
with:
short_description: "Identity audit: Okta group {{group_id}}"
description: "Okta members: {{get-okta-members.count}}\nWorkday expected: {{get-workday-org.count}}\nMismatches flagged for review."
assignment_group: "Identity_Governance"
consumes:
- type: http
namespace: okta-audit
baseUri: "https://morganstanley.okta.com/api/v1"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.okta_token"
placement: header
resources:
- name: groups
path: "/groups/{{group_id}}/users"
inputParameters:
- name: group_id
in: path
operations:
- name: get-group-members
method: GET
- type: http
namespace: workday-audit
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: orgs
path: "/morganstanley/organizations"
operations:
- name: get-org-members
method: GET
- type: http
namespace: snow-audit
baseUri: "https://morganstanley.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/sc_task"
operations:
- name: create-task
method: POST
Okta MFA Compliance Enforcement
▼
security identity okta sharepoint microsoft-teams mfa compliance
Queries Okta for users without MFA enrolled, generates a non-compliance report in SharePoint, and sends a reminder notification via Microsoft Teams to each non-compliant user's manager.
naftiko: "0.5"
info:
label: "Okta MFA Compliance Enforcement"
description: "Queries Okta for users without MFA enrolled, generates a non-compliance report in SharePoint, and sends a reminder notification via Microsoft Teams to each non-compliant user's manager."
tags:
- security
- identity
- okta
- sharepoint
- microsoft-teams
- mfa
- compliance
capability:
exposes:
- type: mcp
namespace: mfa-compliance
port: 8080
tools:
- name: enforce-mfa-compliance
description: "Query Okta for all active users without MFA enrolled, export the list to SharePoint for compliance records, and send Teams reminders to each non-compliant user."
inputParameters:
- name: sharepoint_site_id
in: body
type: string
description: "SharePoint site ID where the MFA non-compliance report will be saved."
steps:
- name: get-non-mfa-users
type: call
call: "okta-mfa.list-users-without-mfa"
with:
status: "ACTIVE"
factor_type: "NONE"
- name: export-report
type: call
call: "sharepoint-mfa.create-file"
with:
site_id: "{{sharepoint_site_id}}"
file_name: "MFA_NonCompliance_Report.csv"
content: "{{get-non-mfa-users.csv_data}}"
- name: notify-security
type: call
call: "msteams-mfa.post-channel-message"
with:
channel_id: "InformationSecurity"
text: "MFA compliance: {{get-non-mfa-users.user_count}} active users without MFA. Non-compliance report exported to SharePoint: {{export-report.file_url}}"
consumes:
- type: http
namespace: okta-mfa
baseUri: "https://morganstanley.okta.com/api/v1"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.okta_token"
placement: header
resources:
- name: users
path: "/users"
inputParameters:
- name: status
in: query
- name: factor_type
in: query
operations:
- name: list-users-without-mfa
method: GET
- type: http
namespace: sharepoint-mfa
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: drive-items
path: "/sites/{{site_id}}/drive/root/children"
inputParameters:
- name: site_id
in: path
operations:
- name: create-file
method: POST
- type: http
namespace: msteams-mfa
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{channel_id}}/channels/General/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel-message
method: POST
Okta Privileged Access Request Workflow
▼
identity security okta jira snowflake access-management approval
Processes Okta group access requests from employees, routes approval through Jira, applies group membership on approval, and audits the change in Snowflake.
naftiko: "0.5"
info:
label: "Okta Privileged Access Request Workflow"
description: "Processes Okta group access requests from employees, routes approval through Jira, applies group membership on approval, and audits the change in Snowflake."
tags:
- identity
- security
- okta
- jira
- snowflake
- access-management
- approval
capability:
exposes:
- type: mcp
namespace: access-requests
port: 8080
tools:
- name: process-access-request
description: "Given an employee Okta user ID and requested group name, create a Jira approval ticket for the access request, and upon approval add the user to the Okta group and log the change in Snowflake."
inputParameters:
- name: okta_user_id
in: body
type: string
description: "Okta user ID of the employee requesting access."
- name: requested_group
in: body
type: string
description: "Okta group name being requested."
- name: business_justification
in: body
type: string
description: "Business justification for the access request."
steps:
- name: create-approval-ticket
type: call
call: "jira-access.create-issue"
with:
project_key: "SEC"
issuetype: "Task"
summary: "Access request: {{okta_user_id}} for group {{requested_group}}"
description: "Justification: {{business_justification}}"
- name: add-to-group
type: call
call: "okta-access.add-user-to-group"
with:
group_name: "{{requested_group}}"
user_id: "{{okta_user_id}}"
- name: log-access-change
type: call
call: "snowflake-access.insert-record"
with:
table: "SECURITY.ACCESS_CHANGES"
user_id: "{{okta_user_id}}"
group: "{{requested_group}}"
ticket: "{{create-approval-ticket.key}}"
consumes:
- type: http
namespace: jira-access
baseUri: "https://morganstanley.atlassian.net/rest/api/3"
authentication:
type: bearer
token: "$secrets.jira_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: okta-access
baseUri: "https://morganstanley.okta.com/api/v1"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.okta_token"
placement: header
resources:
- name: group-members
path: "/groups/{{group_name}}/users"
inputParameters:
- name: group_name
in: path
operations:
- name: add-user-to-group
method: PUT
- type: http
namespace: snowflake-access
baseUri: "https://morganstanley.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: sql-statements
path: "/statements"
operations:
- name: insert-record
method: POST
Okta Session Anomaly Revocation
▼
security identity okta snowflake microsoft-teams session-management threat-detection
Detects Okta users with anomalous sign-in behavior (impossible travel or new device), revokes their active sessions, logs the event to Snowflake, and alerts the Information Security Microsoft Teams channel.
naftiko: "0.5"
info:
label: "Okta Session Anomaly Revocation"
description: "Detects Okta users with anomalous sign-in behavior (impossible travel or new device), revokes their active sessions, logs the event to Snowflake, and alerts the Information Security Microsoft Teams channel."
tags:
- security
- identity
- okta
- snowflake
- microsoft-teams
- session-management
- threat-detection
capability:
exposes:
- type: mcp
namespace: session-security
port: 8080
tools:
- name: revoke-anomalous-session
description: "Given an Okta user ID flagged for anomalous sign-in activity, revoke all active sessions, log the event to Snowflake for security audit, and alert the InformationSecurity Teams channel."
inputParameters:
- name: okta_user_id
in: body
type: string
description: "Okta user ID whose sessions should be revoked due to anomalous activity."
- name: anomaly_type
in: body
type: string
description: "Type of anomaly detected, e.g. 'impossible_travel' or 'new_device_high_risk'."
steps:
- name: revoke-sessions
type: call
call: "okta-session.revoke-user-sessions"
with:
user_id: "{{okta_user_id}}"
- name: log-event
type: call
call: "snowflake-session.insert-record"
with:
table: "SECURITY.SESSION_REVOCATIONS"
user_id: "{{okta_user_id}}"
anomaly_type: "{{anomaly_type}}"
revoked_at: "{{revoke-sessions.revoked_at}}"
- name: alert-infosec
type: call
call: "msteams-infosec.post-channel-message"
with:
channel_id: "InformationSecurity"
text: "Session revocation: User {{okta_user_id}} — anomaly: {{anomaly_type}}. All sessions revoked and logged to Snowflake."
consumes:
- type: http
namespace: okta-session
baseUri: "https://morganstanley.okta.com/api/v1"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.okta_token"
placement: header
resources:
- name: user-sessions
path: "/users/{{user_id}}/sessions"
inputParameters:
- name: user_id
in: path
operations:
- name: revoke-user-sessions
method: DELETE
- type: http
namespace: snowflake-session
baseUri: "https://morganstanley.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: sql-statements
path: "/statements"
operations:
- name: insert-record
method: POST
- type: http
namespace: msteams-infosec
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{channel_id}}/channels/General/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel-message
method: POST
Okta Suspicious Activity to Splunk Investigation
▼
security soc okta splunk servicenow slack
When Okta detects suspicious login activity, queries Splunk for correlated security events, creates a ServiceNow security incident, and alerts the SOC via Slack.
naftiko: "0.5"
info:
label: "Okta Suspicious Activity to Splunk Investigation"
description: "When Okta detects suspicious login activity, queries Splunk for correlated security events, creates a ServiceNow security incident, and alerts the SOC via Slack."
tags:
- security
- soc
- okta
- splunk
- servicenow
- slack
capability:
exposes:
- type: mcp
namespace: security-investigation
port: 8080
tools:
- name: investigate-suspicious-login
description: "Given an Okta user ID and event ID, correlate with Splunk logs, create a security incident, and alert the SOC."
inputParameters:
- name: okta_user_id
in: body
type: string
description: "Okta user ID with suspicious activity."
- name: event_id
in: body
type: string
description: "Okta system log event ID."
steps:
- name: get-okta-event
type: call
call: "okta-sec.get-event"
with:
event_id: "{{event_id}}"
- name: search-splunk
type: call
call: "splunk-sec.create-search"
with:
search: "index=security sourcetype=okta user={{okta_user_id}} earliest=-24h"
- name: create-security-incident
type: call
call: "snow-sec.create-incident"
with:
short_description: "Suspicious login: {{okta_user_id}}"
description: "Okta event: {{event_id}}\nClient IP: {{get-okta-event.client_ip}}\nCorrelated events: {{search-splunk.result_count}}"
category: "security"
priority: "2"
- name: alert-soc
type: call
call: "slack-soc.post-message"
with:
channel: "$secrets.soc_slack_channel"
text: "Security Alert: Suspicious login for {{okta_user_id}} | {{search-splunk.result_count}} correlated events | Incident: {{create-security-incident.number}}"
consumes:
- type: http
namespace: okta-sec
baseUri: "https://morganstanley.okta.com/api/v1"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.okta_token"
placement: header
resources:
- name: events
path: "/logs"
operations:
- name: get-event
method: GET
- type: http
namespace: splunk-sec
baseUri: "https://splunk.morganstanley.com:8089/services"
authentication:
type: bearer
token: "$secrets.splunk_token"
resources:
- name: searches
path: "/search/jobs"
operations:
- name: create-search
method: POST
- type: http
namespace: snow-sec
baseUri: "https://morganstanley.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: slack-soc
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Okta User Status Check
▼
security identity okta
Checks the current status and last login time for an Okta user account, supporting identity verification and access review workflows.
naftiko: "0.5"
info:
label: "Okta User Status Check"
description: "Checks the current status and last login time for an Okta user account, supporting identity verification and access review workflows."
tags:
- security
- identity
- okta
capability:
exposes:
- type: mcp
namespace: okta-status
port: 8080
tools:
- name: check-user-status
description: "Given an Okta user login email, return their account status, last login time, and MFA enrollment state."
inputParameters:
- name: user_login
in: body
type: string
description: "User's Okta login email address."
call: "okta-users.get-user"
with:
login: "{{user_login}}"
outputParameters:
- name: status
type: string
mapping: "$.status"
- name: last_login
type: string
mapping: "$.lastLogin"
consumes:
- type: http
namespace: okta-users
baseUri: "https://morganstanley.okta.com/api/v1"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.okta_token"
placement: header
resources:
- name: users
path: "/users/{{login}}"
inputParameters:
- name: login
in: path
operations:
- name: get-user
method: GET
PagerDuty On-Call Lookup
▼
incident-management on-call pagerduty
Returns the current on-call engineer for a given PagerDuty schedule, supporting rapid incident escalation and team coordination.
naftiko: "0.5"
info:
label: "PagerDuty On-Call Lookup"
description: "Returns the current on-call engineer for a given PagerDuty schedule, supporting rapid incident escalation and team coordination."
tags:
- incident-management
- on-call
- pagerduty
capability:
exposes:
- type: mcp
namespace: oncall-lookup
port: 8080
tools:
- name: get-on-call
description: "Given a PagerDuty schedule ID, return the current on-call user's name, email, and escalation level."
inputParameters:
- name: schedule_id
in: body
type: string
description: "PagerDuty schedule ID."
call: "pagerduty-api.get-oncall"
with:
schedule_id: "{{schedule_id}}"
outputParameters:
- name: user_name
type: string
mapping: "$.oncalls[0].user.name"
- name: user_email
type: string
mapping: "$.oncalls[0].user.email"
consumes:
- type: http
namespace: pagerduty-api
baseUri: "https://api.pagerduty.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.pagerduty_api_key"
placement: header
resources:
- name: oncalls
path: "/oncalls"
inputParameters:
- name: schedule_id
in: query
operations:
- name: get-oncall
method: GET
PagerDuty On-Call Schedule Sync
▼
itsm pagerduty sharepoint microsoft-teams on-call operations
Fetches the current PagerDuty on-call schedule, updates the On-Call rotation in SharePoint, and posts the weekly on-call roster to the Operations Microsoft Teams channel.
naftiko: "0.5"
info:
label: "PagerDuty On-Call Schedule Sync"
description: "Fetches the current PagerDuty on-call schedule, updates the On-Call rotation in SharePoint, and posts the weekly on-call roster to the Operations Microsoft Teams channel."
tags:
- itsm
- pagerduty
- sharepoint
- microsoft-teams
- on-call
- operations
capability:
exposes:
- type: mcp
namespace: oncall-sync
port: 8080
tools:
- name: sync-oncall-roster
description: "Given a PagerDuty schedule ID, fetch the current on-call rotation, update the on-call SharePoint list, and post the weekly roster to the Operations Teams channel."
inputParameters:
- name: pagerduty_schedule_id
in: body
type: string
description: "PagerDuty schedule ID to fetch on-call rotation from."
- name: sharepoint_site_id
in: body
type: string
description: "SharePoint site ID where the on-call roster list is maintained."
steps:
- name: get-oncall-schedule
type: call
call: "pagerduty-schedule.get-schedule"
with:
schedule_id: "{{pagerduty_schedule_id}}"
- name: update-sharepoint-roster
type: call
call: "sharepoint-oncall.create-file"
with:
site_id: "{{sharepoint_site_id}}"
file_name: "OnCall_Roster_Current.csv"
content: "{{get-oncall-schedule.roster_csv}}"
- name: post-roster
type: call
call: "msteams-ops.post-channel-message"
with:
channel_id: "Operations"
text: "On-call roster updated for schedule {{pagerduty_schedule_id}}. Current on-call: {{get-oncall-schedule.current_oncall}}. Roster: {{update-sharepoint-roster.file_url}}"
consumes:
- type: http
namespace: pagerduty-schedule
baseUri: "https://api.pagerduty.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.pagerduty_token"
placement: header
resources:
- name: schedules
path: "/schedules/{{schedule_id}}"
inputParameters:
- name: schedule_id
in: path
operations:
- name: get-schedule
method: GET
- type: http
namespace: sharepoint-oncall
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: drive-items
path: "/sites/{{site_id}}/drive/root/children"
inputParameters:
- name: site_id
in: path
operations:
- name: create-file
method: POST
- type: http
namespace: msteams-ops
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{channel_id}}/channels/General/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel-message
method: POST
Power BI Dataset Refresh Status
▼
reporting business-intelligence power-bi
Checks the last refresh status and timestamp for a Power BI dataset, supporting data freshness monitoring for financial dashboards.
naftiko: "0.5"
info:
label: "Power BI Dataset Refresh Status"
description: "Checks the last refresh status and timestamp for a Power BI dataset, supporting data freshness monitoring for financial dashboards."
tags:
- reporting
- business-intelligence
- power-bi
capability:
exposes:
- type: mcp
namespace: pbi-refresh
port: 8080
tools:
- name: get-refresh-status
description: "Given a Power BI group ID and dataset ID, return the last refresh status, end time, and any error message."
inputParameters:
- name: group_id
in: body
type: string
description: "Power BI workspace (group) ID."
- name: dataset_id
in: body
type: string
description: "Power BI dataset ID."
call: "pbi-api.get-refresh-history"
with:
group_id: "{{group_id}}"
dataset_id: "{{dataset_id}}"
consumes:
- type: http
namespace: pbi-api
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.powerbi_token"
resources:
- name: refreshes
path: "/groups/{{group_id}}/datasets/{{dataset_id}}/refreshes"
inputParameters:
- name: group_id
in: path
- name: dataset_id
in: path
operations:
- name: get-refresh-history
method: GET
Power BI Executive Dashboard Pipeline
▼
reporting executive snowflake power-bi slack
Refreshes Snowflake data warehouse views, triggers Power BI dataset refresh, and posts a readiness notification to the executive reporting Slack channel.
naftiko: "0.5"
info:
label: "Power BI Executive Dashboard Pipeline"
description: "Refreshes Snowflake data warehouse views, triggers Power BI dataset refresh, and posts a readiness notification to the executive reporting Slack channel."
tags:
- reporting
- executive
- snowflake
- power-bi
- slack
capability:
exposes:
- type: mcp
namespace: exec-dashboard
port: 8080
tools:
- name: refresh-executive-dashboard
description: "Refresh Snowflake views and Power BI datasets for executive dashboards."
inputParameters:
- name: dashboard_name
in: body
type: string
description: "Name of the executive dashboard to refresh."
steps:
- name: refresh-snowflake
type: call
call: "snowflake-exec.execute-query"
with:
statement: "CALL EXEC_REPORTING.REFRESH_VIEWS('{{dashboard_name}}')"
- name: refresh-pbi
type: call
call: "pbi-exec.trigger-refresh"
with:
group_id: "$secrets.pbi_exec_workspace_id"
dataset_id: "$secrets.pbi_exec_dataset_id"
- name: notify-ready
type: call
call: "slack-exec.post-message"
with:
channel: "$secrets.exec_reporting_channel"
text: "Executive Dashboard '{{dashboard_name}}' refreshed and ready for review."
consumes:
- type: http
namespace: snowflake-exec
baseUri: "https://morganstanley.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
- type: http
namespace: pbi-exec
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.powerbi_token"
resources:
- name: refreshes
path: "/groups/{{group_id}}/datasets/{{dataset_id}}/refreshes"
inputParameters:
- name: group_id
in: path
- name: dataset_id
in: path
operations:
- name: trigger-refresh
method: POST
- type: http
namespace: slack-exec
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Quarterly Risk Report Generation
▼
risk-management reporting snowflake anthropic confluence microsoft-teams
Queries Snowflake for quarterly risk metrics, generates a summary report using Anthropic Claude, and publishes to Confluence with a Microsoft Teams notification.
naftiko: "0.5"
info:
label: "Quarterly Risk Report Generation"
description: "Queries Snowflake for quarterly risk metrics, generates a summary report using Anthropic Claude, and publishes to Confluence with a Microsoft Teams notification."
tags:
- risk-management
- reporting
- snowflake
- anthropic
- confluence
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: risk-report
port: 8080
tools:
- name: generate-quarterly-risk-report
description: "Given a fiscal quarter, generate a risk report from Snowflake data, summarize with Claude, and publish to Confluence."
inputParameters:
- name: fiscal_quarter
in: body
type: string
description: "Fiscal quarter (e.g., Q1-2026)."
steps:
- name: get-risk-metrics
type: call
call: "snowflake-risk.execute-query"
with:
statement: "SELECT risk_category, var_95, expected_shortfall, stress_test_result FROM risk.quarterly_metrics WHERE quarter = '{{fiscal_quarter}}'"
- name: generate-summary
type: call
call: "anthropic-risk.create-message"
with:
model: "claude-3-5-sonnet-20241022"
content: "Generate an executive summary of quarterly risk metrics for {{fiscal_quarter}}: {{get-risk-metrics.data}}. Include key findings and recommendations."
- name: publish-report
type: call
call: "confluence-risk.create-page"
with:
space: "RISK"
title: "Quarterly Risk Report - {{fiscal_quarter}}"
body: "{{generate-summary.text}}"
consumes:
- type: http
namespace: snowflake-risk
baseUri: "https://morganstanley.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
- type: http
namespace: anthropic-risk
baseUri: "https://api.anthropic.com/v1"
authentication:
type: apikey
key: "x-api-key"
value: "$secrets.anthropic_api_key"
placement: header
resources:
- name: messages
path: "/messages"
operations:
- name: create-message
method: POST
- type: http
namespace: confluence-risk
baseUri: "https://morganstanley.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_api_token"
resources:
- name: pages
path: "/content"
operations:
- name: create-page
method: POST
Refinitiv Company Fundamentals Lookup
▼
research market-data refinitiv
Retrieves key financial fundamentals for a company from Refinitiv, including market cap, P/E ratio, and revenue, for investment research support.
naftiko: "0.5"
info:
label: "Refinitiv Company Fundamentals Lookup"
description: "Retrieves key financial fundamentals for a company from Refinitiv, including market cap, P/E ratio, and revenue, for investment research support."
tags:
- research
- market-data
- refinitiv
capability:
exposes:
- type: mcp
namespace: fundamentals
port: 8080
tools:
- name: get-company-fundamentals
description: "Given a Refinitiv instrument code (RIC), return the company's market capitalization, P/E ratio, EPS, and last reported revenue."
inputParameters:
- name: ric
in: body
type: string
description: "Refinitiv Instrument Code (e.g., MSFT.O)."
call: "refinitiv-data.get-fundamentals"
with:
instrument: "{{ric}}"
outputParameters:
- name: market_cap
type: string
mapping: "$.market_cap"
- name: pe_ratio
type: string
mapping: "$.pe_ratio"
consumes:
- type: http
namespace: refinitiv-data
baseUri: "https://api.refinitiv.com/data/v1"
authentication:
type: bearer
token: "$secrets.refinitiv_token"
resources:
- name: fundamentals
path: "/instruments/{{instrument}}/fundamentals"
inputParameters:
- name: instrument
in: path
operations:
- name: get-fundamentals
method: GET
Regulatory Filing Deadline Tracker
▼
compliance regulatory snowflake jira slack
Queries Snowflake for upcoming regulatory filing deadlines, creates Jira tracking tickets, and sends a digest to the compliance Slack channel.
naftiko: "0.5"
info:
label: "Regulatory Filing Deadline Tracker"
description: "Queries Snowflake for upcoming regulatory filing deadlines, creates Jira tracking tickets, and sends a digest to the compliance Slack channel."
tags:
- compliance
- regulatory
- snowflake
- jira
- slack
capability:
exposes:
- type: mcp
namespace: reg-filing
port: 8080
tools:
- name: track-upcoming-filings
description: "Query upcoming regulatory filing deadlines and create tracking tickets with Slack notification."
inputParameters:
- name: days_ahead
in: body
type: number
description: "Number of days ahead to look for filing deadlines."
steps:
- name: get-deadlines
type: call
call: "snowflake-reg.execute-query"
with:
statement: "SELECT filing_type, jurisdiction, deadline_date FROM compliance.regulatory_filings WHERE deadline_date BETWEEN CURRENT_DATE AND DATEADD(day, {{days_ahead}}, CURRENT_DATE) AND status = 'PENDING'"
- name: create-tracking-ticket
type: call
call: "jira-reg.create-issue"
with:
project_key: "COMPLIANCE"
issuetype: "Task"
summary: "Regulatory filing due: {{get-deadlines.filing_type}}"
description: "Deadline: {{get-deadlines.deadline_date}}\nJurisdiction: {{get-deadlines.jurisdiction}}"
- name: send-digest
type: call
call: "slack-compliance.post-message"
with:
channel: "$secrets.compliance_slack_channel"
text: "Regulatory Filing Digest: filings due in next {{days_ahead}} days. Jira tickets created."
consumes:
- type: http
namespace: snowflake-reg
baseUri: "https://morganstanley.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
- type: http
namespace: jira-reg
baseUri: "https://morganstanley.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-compliance
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Regulatory Reporting Period Close
▼
compliance finance snowflake sharepoint microsoft-teams regulatory-reporting period-close
At period close, queries Snowflake for required regulatory metrics, generates a PDF report via an internal reporting service, uploads it to SharePoint for compliance archival, and notifies the Regulatory Reporting Microsoft Teams channel.
naftiko: "0.5"
info:
label: "Regulatory Reporting Period Close"
description: "At period close, queries Snowflake for required regulatory metrics, generates a PDF report via an internal reporting service, uploads it to SharePoint for compliance archival, and notifies the Regulatory Reporting Microsoft Teams channel."
tags:
- compliance
- finance
- snowflake
- sharepoint
- microsoft-teams
- regulatory-reporting
- period-close
capability:
exposes:
- type: mcp
namespace: regulatory-reporting
port: 8080
tools:
- name: run-period-close-report
description: "Given a reporting period and regulation type (e.g. MiFID II, Basel III), query Snowflake for required metrics, save the report to SharePoint, and notify the Regulatory Reporting Teams channel."
inputParameters:
- name: reporting_period
in: body
type: string
description: "Reporting period identifier, e.g. '2026-Q1'."
- name: regulation_type
in: body
type: string
description: "Regulatory framework for the report, e.g. 'MiFID_II', 'Basel_III', 'Dodd_Frank'."
- name: sharepoint_site_id
in: body
type: string
description: "SharePoint site ID where the compliance report will be archived."
steps:
- name: query-metrics
type: call
call: "snowflake-regulatory.run-report-query"
with:
period: "{{reporting_period}}"
regulation: "{{regulation_type}}"
- name: upload-report
type: call
call: "sharepoint-regulatory.create-file"
with:
site_id: "{{sharepoint_site_id}}"
file_name: "{{regulation_type}}_{{reporting_period}}_Report.csv"
content: "{{query-metrics.csv_data}}"
- name: notify-regulatory
type: call
call: "msteams-regulatory.post-channel-message"
with:
channel_id: "RegulatoryReporting"
text: "{{regulation_type}} period close complete for {{reporting_period}}. Report archived: {{upload-report.file_url}}"
consumes:
- type: http
namespace: snowflake-regulatory
baseUri: "https://morganstanley.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: sql-statements
path: "/statements"
inputParameters:
- name: period
in: query
- name: regulation
in: query
operations:
- name: run-report-query
method: POST
- type: http
namespace: sharepoint-regulatory
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: drive-items
path: "/sites/{{site_id}}/drive/root/children"
inputParameters:
- name: site_id
in: path
operations:
- name: create-file
method: POST
- type: http
namespace: msteams-regulatory
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{channel_id}}/channels/General/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel-message
method: POST
SailPoint Access Review Status
▼
security identity-governance sailpoint
Checks the completion status of a SailPoint identity access review campaign, returning progress percentage and pending reviewers.
naftiko: "0.5"
info:
label: "SailPoint Access Review Status"
description: "Checks the completion status of a SailPoint identity access review campaign, returning progress percentage and pending reviewers."
tags:
- security
- identity-governance
- sailpoint
capability:
exposes:
- type: mcp
namespace: sailpoint-review
port: 8080
tools:
- name: get-review-status
description: "Given a SailPoint access review campaign ID, return its completion percentage, total items, and pending reviewer count."
inputParameters:
- name: campaign_id
in: body
type: string
description: "SailPoint access review campaign ID."
call: "sailpoint-api.get-campaign"
with:
id: "{{campaign_id}}"
outputParameters:
- name: status
type: string
mapping: "$.status"
- name: completion_pct
type: string
mapping: "$.completionPercentage"
consumes:
- type: http
namespace: sailpoint-api
baseUri: "https://morganstanley.api.identitynow.com/v3"
authentication:
type: bearer
token: "$secrets.sailpoint_token"
resources:
- name: campaigns
path: "/campaigns/{{id}}"
inputParameters:
- name: id
in: path
operations:
- name: get-campaign
method: GET
Salesforce Account Detail Lookup
▼
crm client-management salesforce
Returns account name, industry, AUM tier, and relationship manager for a Salesforce account ID, supporting client relationship review.
naftiko: "0.5"
info:
label: "Salesforce Account Detail Lookup"
description: "Returns account name, industry, AUM tier, and relationship manager for a Salesforce account ID, supporting client relationship review."
tags:
- crm
- client-management
- salesforce
capability:
exposes:
- type: mcp
namespace: sfdc-account
port: 8080
tools:
- name: get-account-details
description: "Given a Salesforce account ID, return the account name, industry, AUM tier, and owner details."
inputParameters:
- name: account_id
in: body
type: string
description: "Salesforce account record ID."
call: "sfdc-acct.get-account"
with:
id: "{{account_id}}"
outputParameters:
- name: name
type: string
mapping: "$.Name"
- name: industry
type: string
mapping: "$.Industry"
- name: owner
type: string
mapping: "$.Owner.Name"
consumes:
- type: http
namespace: sfdc-acct
baseUri: "https://morganstanley.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: accounts
path: "/sobjects/Account/{{id}}"
inputParameters:
- name: id
in: path
operations:
- name: get-account
method: GET
Salesforce Client Churn Risk Alert
▼
client-retention analytics salesforce snowflake microsoft-teams
Analyzes client engagement metrics from Salesforce and Snowflake, identifies churn risk accounts, and creates retention tasks for relationship managers with Teams notifications.
naftiko: "0.5"
info:
label: "Salesforce Client Churn Risk Alert"
description: "Analyzes client engagement metrics from Salesforce and Snowflake, identifies churn risk accounts, and creates retention tasks for relationship managers with Teams notifications."
tags:
- client-retention
- analytics
- salesforce
- snowflake
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: churn-risk
port: 8080
tools:
- name: identify-churn-risk
description: "Given a risk threshold score, identify at-risk accounts and create retention tasks."
inputParameters:
- name: risk_threshold
in: body
type: number
description: "Churn risk score threshold (0-100)."
steps:
- name: get-risk-scores
type: call
call: "snowflake-churn.execute-query"
with:
statement: "SELECT account_id, account_name, churn_risk_score, last_interaction_days FROM analytics.client_churn_model WHERE churn_risk_score > {{risk_threshold}} ORDER BY churn_risk_score DESC"
- name: create-retention-task
type: call
call: "sfdc-churn.create-task"
with:
subject: "Retention outreach: {{get-risk-scores.account_name}}"
description: "Churn risk score: {{get-risk-scores.churn_risk_score}}\nDays since last interaction: {{get-risk-scores.last_interaction_days}}"
priority: "High"
- name: notify-rm
type: call
call: "teams-churn.send-message"
with:
channel_id: "$secrets.wm_teams_channel"
text: "Churn Risk Alert: {{get-risk-scores.account_name}} (Score: {{get-risk-scores.churn_risk_score}}). Retention task created in Salesforce."
consumes:
- type: http
namespace: snowflake-churn
baseUri: "https://morganstanley.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
- type: http
namespace: sfdc-churn
baseUri: "https://morganstanley.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: tasks
path: "/sobjects/Task"
operations:
- name: create-task
method: POST
- type: http
namespace: teams-churn
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/$secrets.wm_team_id/channels/{{channel_id}}/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: send-message
method: POST
Salesforce Client Meeting Activity Logger
▼
sales crm salesforce microsoft-teams activity-logging wealth-management
Logs completed client meeting activities from Microsoft Teams calendar events to Salesforce as Activity records, ensuring CRM data remains current for wealth management and investment banking relationship tracking.
naftiko: "0.5"
info:
label: "Salesforce Client Meeting Activity Logger"
description: "Logs completed client meeting activities from Microsoft Teams calendar events to Salesforce as Activity records, ensuring CRM data remains current for wealth management and investment banking relationship tracking."
tags:
- sales
- crm
- salesforce
- microsoft-teams
- activity-logging
- wealth-management
capability:
exposes:
- type: mcp
namespace: activity-logging
port: 8080
tools:
- name: log-client-meeting-to-salesforce
description: "Given a Microsoft Graph calendar event ID for a completed client meeting and a Salesforce contact ID, create a Salesforce Activity record linking the meeting details to the contact."
inputParameters:
- name: event_id
in: body
type: string
description: "Microsoft Graph calendar event ID for the completed client meeting."
- name: salesforce_contact_id
in: body
type: string
description: "Salesforce contact ID representing the client who attended the meeting."
- name: user_upn
in: body
type: string
description: "UPN of the employee whose calendar the event belongs to."
steps:
- name: get-calendar-event
type: call
call: "msgraph-calendar.get-event"
with:
user_upn: "{{user_upn}}"
event_id: "{{event_id}}"
- name: log-to-salesforce
type: call
call: "salesforce-activity.create-task"
with:
contact_id: "{{salesforce_contact_id}}"
subject: "{{get-calendar-event.subject}}"
activity_date: "{{get-calendar-event.start_datetime}}"
description: "Meeting duration: {{get-calendar-event.duration_minutes}} min. Attendees: {{get-calendar-event.attendee_count}}"
consumes:
- type: http
namespace: msgraph-calendar
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: calendar-events
path: "/users/{{user_upn}}/events/{{event_id}}"
inputParameters:
- name: user_upn
in: path
- name: event_id
in: path
operations:
- name: get-event
method: GET
- type: http
namespace: salesforce-activity
baseUri: "https://morganstanley.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: tasks
path: "/sobjects/Task"
operations:
- name: create-task
method: POST
Salesforce Deal Closure Celebration Notification
▼
sales crm salesforce snowflake power-bi slack
When a Salesforce opportunity is marked Closed Won, logs the deal to Snowflake, updates the leaderboard in Power BI, and posts a celebration to the sales Slack channel.
naftiko: "0.5"
info:
label: "Salesforce Deal Closure Celebration Notification"
description: "When a Salesforce opportunity is marked Closed Won, logs the deal to Snowflake, updates the leaderboard in Power BI, and posts a celebration to the sales Slack channel."
tags:
- sales
- crm
- salesforce
- snowflake
- power-bi
- slack
capability:
exposes:
- type: mcp
namespace: deal-celebration
port: 8080
tools:
- name: celebrate-deal-closure
description: "Given a Salesforce opportunity ID that closed won, log to Snowflake and celebrate in Slack."
inputParameters:
- name: opportunity_id
in: body
type: string
description: "Salesforce opportunity ID."
steps:
- name: get-deal
type: call
call: "sfdc-deal.get-opportunity"
with:
opp_id: "{{opportunity_id}}"
- name: log-to-snowflake
type: call
call: "snowflake-deal.insert-record"
with:
table: "SALES.CLOSED_WON_DEALS"
opp_id: "{{opportunity_id}}"
amount: "{{get-deal.amount}}"
owner: "{{get-deal.owner_name}}"
- name: celebrate
type: call
call: "slack-sales.post-message"
with:
channel: "$secrets.sales_celebration_channel"
text: "Deal Closed Won! {{get-deal.name}} - ${{get-deal.amount}} by {{get-deal.owner_name}}. Account: {{get-deal.account_name}}"
consumes:
- type: http
namespace: sfdc-deal
baseUri: "https://morganstanley.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: opportunities
path: "/sobjects/Opportunity/{{opp_id}}"
inputParameters:
- name: opp_id
in: path
operations:
- name: get-opportunity
method: GET
- type: http
namespace: snowflake-deal
baseUri: "https://morganstanley.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: insert-record
method: POST
- type: http
namespace: slack-sales
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Salesforce Pipeline Forecast Report
▼
sales crm salesforce microsoft-teams forecasting investment-banking
Queries Salesforce for open opportunities by close date range, aggregates pipeline value by stage, and posts a weekly forecast digest to the Investment Banking Microsoft Teams channel.
naftiko: "0.5"
info:
label: "Salesforce Pipeline Forecast Report"
description: "Queries Salesforce for open opportunities by close date range, aggregates pipeline value by stage, and posts a weekly forecast digest to the Investment Banking Microsoft Teams channel."
tags:
- sales
- crm
- salesforce
- microsoft-teams
- forecasting
- investment-banking
capability:
exposes:
- type: mcp
namespace: pipeline-forecasting
port: 8080
tools:
- name: digest-pipeline-forecast
description: "Given a close date range, query Salesforce for open opportunities, aggregate pipeline value by stage, and post a forecast digest to the Investment Banking Teams channel."
inputParameters:
- name: close_date_start
in: body
type: string
description: "Start of the close date window in ISO 8601 format."
- name: close_date_end
in: body
type: string
description: "End of the close date window in ISO 8601 format."
steps:
- name: get-opportunities
type: call
call: "salesforce-forecast.list-opportunities"
with:
close_date_gte: "{{close_date_start}}"
close_date_lte: "{{close_date_end}}"
- name: post-forecast
type: call
call: "msteams-ib.post-channel-message"
with:
channel_id: "InvestmentBanking"
text: "Pipeline forecast {{close_date_start}} to {{close_date_end}}: Total ${{get-opportunities.total_value}} across {{get-opportunities.count}} opportunities. Weighted: ${{get-opportunities.weighted_value}}"
consumes:
- type: http
namespace: salesforce-forecast
baseUri: "https://morganstanley.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: opportunities
path: "/sobjects/Opportunity"
inputParameters:
- name: close_date_gte
in: query
- name: close_date_lte
in: query
operations:
- name: list-opportunities
method: GET
- type: http
namespace: msteams-ib
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{channel_id}}/channels/General/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel-message
method: POST
Salesforce Quarterly Business Review Prep
▼
client-management qbr salesforce snowflake anthropic confluence
Extracts client relationship data from Salesforce, pulls revenue metrics from Snowflake, and generates a QBR deck outline via Anthropic Claude stored in Confluence.
naftiko: "0.5"
info:
label: "Salesforce Quarterly Business Review Prep"
description: "Extracts client relationship data from Salesforce, pulls revenue metrics from Snowflake, and generates a QBR deck outline via Anthropic Claude stored in Confluence."
tags:
- client-management
- qbr
- salesforce
- snowflake
- anthropic
- confluence
capability:
exposes:
- type: mcp
namespace: qbr-prep
port: 8080
tools:
- name: prepare-qbr
description: "Given a Salesforce account ID and quarter, generate a QBR outline and store in Confluence."
inputParameters:
- name: account_id
in: body
type: string
description: "Salesforce account ID."
- name: quarter
in: body
type: string
description: "Fiscal quarter for the QBR."
steps:
- name: get-account-data
type: call
call: "sfdc-qbr.get-account"
with:
id: "{{account_id}}"
- name: get-revenue-metrics
type: call
call: "snowflake-qbr.execute-query"
with:
statement: "SELECT total_revenue, product_breakdown, yoy_growth FROM finance.client_revenue WHERE account_id = '{{account_id}}' AND quarter = '{{quarter}}'"
- name: generate-outline
type: call
call: "anthropic-qbr.create-message"
with:
model: "claude-3-5-sonnet-20241022"
content: "Generate a QBR deck outline for {{get-account-data.name}}, {{quarter}}. Revenue: {{get-revenue-metrics.total_revenue}}, Growth: {{get-revenue-metrics.yoy_growth}}."
- name: store-outline
type: call
call: "confluence-qbr.create-page"
with:
space: "CLIENT"
title: "QBR - {{get-account-data.name}} - {{quarter}}"
body: "{{generate-outline.text}}"
consumes:
- type: http
namespace: sfdc-qbr
baseUri: "https://morganstanley.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: accounts
path: "/sobjects/Account/{{id}}"
inputParameters:
- name: id
in: path
operations:
- name: get-account
method: GET
- type: http
namespace: snowflake-qbr
baseUri: "https://morganstanley.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
- type: http
namespace: anthropic-qbr
baseUri: "https://api.anthropic.com/v1"
authentication:
type: apikey
key: "x-api-key"
value: "$secrets.anthropic_api_key"
placement: header
resources:
- name: messages
path: "/messages"
operations:
- name: create-message
method: POST
- type: http
namespace: confluence-qbr
baseUri: "https://morganstanley.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_api_token"
resources:
- name: pages
path: "/content"
operations:
- name: create-page
method: POST
Salesforce Wealth Management Client Enrichment
▼
sales wealth-management salesforce linkedin microsoft-teams client-enrichment
Enriches Salesforce wealth management client records with LinkedIn professional data and Bloomberg financial summaries, then flags high-net-worth leads for advisor follow-up via Microsoft Teams.
naftiko: "0.5"
info:
label: "Salesforce Wealth Management Client Enrichment"
description: "Enriches Salesforce wealth management client records with LinkedIn professional data and Bloomberg financial summaries, then flags high-net-worth leads for advisor follow-up via Microsoft Teams."
tags:
- sales
- wealth-management
- salesforce
- linkedin
- microsoft-teams
- client-enrichment
capability:
exposes:
- type: mcp
namespace: wealth-enrichment
port: 8080
tools:
- name: enrich-wealth-client
description: "Given a Salesforce contact ID for a wealth management prospect, enrich with LinkedIn profile data, update the Salesforce record, and post an advisor follow-up reminder to the Wealth Management Teams channel."
inputParameters:
- name: contact_id
in: body
type: string
description: "Salesforce contact ID for the wealth management prospect to enrich."
steps:
- name: get-contact
type: call
call: "salesforce-wealth.get-contact"
with:
contact_id: "{{contact_id}}"
- name: enrich-linkedin
type: call
call: "linkedin-wealth.search-profile"
with:
name: "{{get-contact.full_name}}"
company: "{{get-contact.account_name}}"
- name: update-contact
type: call
call: "salesforce-wealth.update-contact"
with:
contact_id: "{{contact_id}}"
linkedin_url: "{{enrich-linkedin.profile_url}}"
title: "{{enrich-linkedin.headline}}"
- name: notify-advisor
type: call
call: "msteams-wealth.post-channel-message"
with:
channel_id: "WealthManagement"
text: "Client enriched: {{get-contact.full_name}} | LinkedIn: {{enrich-linkedin.profile_url}} | Advisor follow-up recommended."
consumes:
- type: http
namespace: salesforce-wealth
baseUri: "https://morganstanley.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: contacts
path: "/sobjects/Contact/{{contact_id}}"
inputParameters:
- name: contact_id
in: path
operations:
- name: get-contact
method: GET
- name: update-contact
method: PATCH
- type: http
namespace: linkedin-wealth
baseUri: "https://api.linkedin.com/v2"
authentication:
type: bearer
token: "$secrets.linkedin_token"
resources:
- name: profiles
path: "/people"
inputParameters:
- name: name
in: query
- name: company
in: query
operations:
- name: search-profile
method: GET
- type: http
namespace: msteams-wealth
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{channel_id}}/channels/General/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel-message
method: POST
SAP Concur Expense Audit
▼
finance expense-management sap-concur microsoft-teams audit compliance
Audits submitted SAP Concur expense reports against Morgan Stanley's expense policy, flags out-of-policy items, and notifies the Finance compliance Microsoft Teams channel with a summary.
naftiko: "0.5"
info:
label: "SAP Concur Expense Audit"
description: "Audits submitted SAP Concur expense reports against Morgan Stanley's expense policy, flags out-of-policy items, and notifies the Finance compliance Microsoft Teams channel with a summary."
tags:
- finance
- expense-management
- sap-concur
- microsoft-teams
- audit
- compliance
capability:
exposes:
- type: mcp
namespace: expense-audit
port: 8080
tools:
- name: audit-expense-reports
description: "Given an expense submission period, fetch submitted SAP Concur expense reports, flag any line items violating expense policy (amount over threshold, missing receipt), and post a violation summary to Finance Teams."
inputParameters:
- name: period_start
in: body
type: string
description: "Start of the expense audit period in ISO 8601 format."
- name: period_end
in: body
type: string
description: "End of the expense audit period in ISO 8601 format."
- name: policy_limit_usd
in: body
type: number
description: "Maximum allowed single expense amount in USD before flagging."
steps:
- name: get-expense-reports
type: call
call: "sap-concur-audit.list-reports"
with:
status: "Submitted"
start_date: "{{period_start}}"
end_date: "{{period_end}}"
- name: notify-finance
type: call
call: "msteams-expense.post-channel-message"
with:
channel_id: "FinanceCompliance"
text: "Expense audit: {{get-expense-reports.count}} reports for {{period_start}} to {{period_end}}. Policy violations: {{get-expense-reports.violation_count}} items over ${{policy_limit_usd}}."
consumes:
- type: http
namespace: sap-concur-audit
baseUri: "https://www.concursolutions.com/api/v3.0"
authentication:
type: bearer
token: "$secrets.concur_token"
resources:
- name: expense-reports
path: "/expense/reports"
inputParameters:
- name: status
in: query
- name: start_date
in: query
- name: end_date
in: query
operations:
- name: list-reports
method: GET
- type: http
namespace: msteams-expense
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{channel_id}}/channels/General/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel-message
method: POST
SAP Concur Travel Policy Violation Alert
▼
finance travel sap-concur servicenow microsoft-teams
Detects travel expense policy violations in SAP Concur, creates a compliance case in ServiceNow, and notifies the employee's manager via Microsoft Teams.
naftiko: "0.5"
info:
label: "SAP Concur Travel Policy Violation Alert"
description: "Detects travel expense policy violations in SAP Concur, creates a compliance case in ServiceNow, and notifies the employee's manager via Microsoft Teams."
tags:
- finance
- travel
- sap-concur
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: travel-compliance
port: 8080
tools:
- name: flag-policy-violation
description: "Given a Concur expense report ID, check for policy violations, create a ServiceNow case, and notify the manager."
inputParameters:
- name: report_id
in: body
type: string
description: "SAP Concur expense report ID."
steps:
- name: get-expense-report
type: call
call: "concur-travel.get-report"
with:
report_id: "{{report_id}}"
- name: create-compliance-case
type: call
call: "snow-travel.create-case"
with:
short_description: "Travel policy violation: Report {{report_id}}"
description: "Employee: {{get-expense-report.employee_name}}\nTotal: ${{get-expense-report.total_amount}}"
assignment_group: "Travel_Compliance"
- name: notify-manager
type: call
call: "teams-mgr.send-message"
with:
recipient_upn: "{{get-expense-report.manager_email}}"
text: "Travel policy violation flagged for {{get-expense-report.employee_name}} - Report {{report_id}}. Case: {{create-compliance-case.number}}"
consumes:
- type: http
namespace: concur-travel
baseUri: "https://us.api.concursolutions.com/api/v3.0"
authentication:
type: bearer
token: "$secrets.concur_token"
resources:
- name: reports
path: "/expense/reports/{{report_id}}"
inputParameters:
- name: report_id
in: path
operations:
- name: get-report
method: GET
- type: http
namespace: snow-travel
baseUri: "https://morganstanley.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: cases
path: "/table/sn_compliance_case"
operations:
- name: create-case
method: POST
- type: http
namespace: teams-mgr
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
SAP Invoice Approval and Payment Routing
▼
finance procurement sap servicenow microsoft-teams
Retrieves pending invoices from SAP, creates approval tasks in ServiceNow, and notifies the finance team via Microsoft Teams when invoices exceed threshold.
naftiko: "0.5"
info:
label: "SAP Invoice Approval and Payment Routing"
description: "Retrieves pending invoices from SAP, creates approval tasks in ServiceNow, and notifies the finance team via Microsoft Teams when invoices exceed threshold."
tags:
- finance
- procurement
- sap
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: invoice-approval
port: 8080
tools:
- name: route-invoice-for-approval
description: "Given an SAP invoice number, retrieve details, create a ServiceNow approval task, and notify finance via Teams."
inputParameters:
- name: invoice_number
in: body
type: string
description: "SAP invoice document number."
steps:
- name: get-invoice
type: call
call: "sap-invoice.get-document"
with:
document_number: "{{invoice_number}}"
- name: create-approval
type: call
call: "snow-approval.create-task"
with:
short_description: "Invoice approval: {{invoice_number}} - ${{get-invoice.amount}}"
description: "Vendor: {{get-invoice.vendor_name}}\nAmount: ${{get-invoice.amount}}\nCost Center: {{get-invoice.cost_center}}"
assignment_group: "Finance_AP"
- name: notify-finance
type: call
call: "teams-finance.send-message"
with:
channel_id: "$secrets.finance_teams_channel"
text: "Invoice {{invoice_number}} from {{get-invoice.vendor_name}} (${{get-invoice.amount}}) requires approval. ServiceNow: {{create-approval.number}}"
consumes:
- type: http
namespace: sap-invoice
baseUri: "https://morganstanley-sap.s4hana.cloud.sap/sap/opu/odata/sap"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: invoices
path: "/API_SUPPLIER_INVOICE_PROCESS_SRV/A_SupplierInvoice('{{document_number}}')"
inputParameters:
- name: document_number
in: path
operations:
- name: get-document
method: GET
- type: http
namespace: snow-approval
baseUri: "https://morganstanley.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/sc_task"
operations:
- name: create-task
method: POST
- type: http
namespace: teams-finance
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/$secrets.finance_team_id/channels/{{channel_id}}/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: send-message
method: POST
ServiceNow Asset Lifecycle Retirement
▼
asset-management lifecycle servicenow jira snowflake
Processes IT asset retirements by updating ServiceNow CMDB records, triggering data wipe verification via Jira, and logging to Snowflake for audit.
naftiko: "0.5"
info:
label: "ServiceNow Asset Lifecycle Retirement"
description: "Processes IT asset retirements by updating ServiceNow CMDB records, triggering data wipe verification via Jira, and logging to Snowflake for audit."
tags:
- asset-management
- lifecycle
- servicenow
- jira
- snowflake
capability:
exposes:
- type: mcp
namespace: asset-retire
port: 8080
tools:
- name: retire-asset
description: "Given a ServiceNow asset tag, process the retirement workflow."
inputParameters:
- name: asset_tag
in: body
type: string
description: "ServiceNow asset tag to retire."
steps:
- name: get-asset
type: call
call: "snow-asset.get-ci"
with:
asset_tag: "{{asset_tag}}"
- name: create-wipe-ticket
type: call
call: "jira-asset.create-issue"
with:
project_key: "ITSEC"
issuetype: "Task"
summary: "Data wipe verification: {{asset_tag}}"
description: "Asset: {{get-asset.name}}\nType: {{get-asset.ci_type}}\nSerial: {{get-asset.serial_number}}\nVerify data wipe before disposal."
- name: log-retirement
type: call
call: "snowflake-asset.insert-record"
with:
table: "IT.ASSET_RETIREMENT_LOG"
asset_tag: "{{asset_tag}}"
ci_type: "{{get-asset.ci_type}}"
wipe_ticket: "{{create-wipe-ticket.key}}"
consumes:
- type: http
namespace: snow-asset
baseUri: "https://morganstanley.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: cmdb
path: "/table/cmdb_ci"
operations:
- name: get-ci
method: GET
- type: http
namespace: jira-asset
baseUri: "https://morganstanley.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: snowflake-asset
baseUri: "https://morganstanley.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: insert-record
method: POST
ServiceNow Change Advisory Board Automation
▼
itsm change-management servicenow sharepoint microsoft-teams cab
Aggregates pending ServiceNow change requests for the weekly CAB review, posts a pre-read digest to SharePoint, and sends the meeting agenda to the Change Management Microsoft Teams channel.
naftiko: "0.5"
info:
label: "ServiceNow Change Advisory Board Automation"
description: "Aggregates pending ServiceNow change requests for the weekly CAB review, posts a pre-read digest to SharePoint, and sends the meeting agenda to the Change Management Microsoft Teams channel."
tags:
- itsm
- change-management
- servicenow
- sharepoint
- microsoft-teams
- cab
capability:
exposes:
- type: mcp
namespace: cab-automation
port: 8080
tools:
- name: prepare-cab-agenda
description: "Fetch all ServiceNow change requests in Scheduled state for the upcoming week, generate a CAB pre-read in SharePoint, and post the meeting agenda to the ChangeManagement Teams channel."
inputParameters:
- name: cab_date
in: body
type: string
description: "Date of the CAB meeting in ISO 8601 format."
- name: sharepoint_site_id
in: body
type: string
description: "SharePoint site ID where the CAB pre-read will be saved."
steps:
- name: get-pending-changes
type: call
call: "servicenow-cab.list-changes"
with:
state: "Scheduled"
cab_date: "{{cab_date}}"
- name: create-preread
type: call
call: "sharepoint-cab.create-file"
with:
site_id: "{{sharepoint_site_id}}"
file_name: "CAB_PreRead_{{cab_date}}.csv"
content: "{{get-pending-changes.csv_data}}"
- name: post-agenda
type: call
call: "msteams-cab.post-channel-message"
with:
channel_id: "ChangeManagement"
text: "CAB pre-read ready for {{cab_date}}: {{get-pending-changes.change_count}} changes scheduled. Pre-read: {{create-preread.file_url}}"
consumes:
- type: http
namespace: servicenow-cab
baseUri: "https://morganstanley.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: change-requests
path: "/table/change_request"
inputParameters:
- name: state
in: query
- name: cab_date
in: query
operations:
- name: list-changes
method: GET
- type: http
namespace: sharepoint-cab
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: drive-items
path: "/sites/{{site_id}}/drive/root/children"
inputParameters:
- name: site_id
in: path
operations:
- name: create-file
method: POST
- type: http
namespace: msteams-cab
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{channel_id}}/channels/General/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel-message
method: POST
ServiceNow Change Risk Assessment
▼
change-management risk servicenow datadog slack
Evaluates a ServiceNow change request by querying Datadog for service health, checks the deployment window, and posts a risk assessment to the CAB Slack channel.
naftiko: "0.5"
info:
label: "ServiceNow Change Risk Assessment"
description: "Evaluates a ServiceNow change request by querying Datadog for service health, checks the deployment window, and posts a risk assessment to the CAB Slack channel."
tags:
- change-management
- risk
- servicenow
- datadog
- slack
capability:
exposes:
- type: mcp
namespace: change-risk
port: 8080
tools:
- name: assess-change-risk
description: "Given a ServiceNow change request number, check service health in Datadog and post a risk assessment to the CAB channel."
inputParameters:
- name: change_number
in: body
type: string
description: "ServiceNow change request number."
steps:
- name: get-change-request
type: call
call: "snow-change.get-change"
with:
number: "{{change_number}}"
- name: check-service-health
type: call
call: "datadog-change.get-service-health"
with:
service: "{{get-change-request.cmdb_ci}}"
- name: post-risk-assessment
type: call
call: "slack-cab.post-message"
with:
channel: "$secrets.cab_slack_channel"
text: "Change Risk Assessment: {{change_number}}\nService: {{get-change-request.cmdb_ci}}\nHealth: {{check-service-health.overall_state}}\nRisk Level: {{get-change-request.risk}}\nWindow: {{get-change-request.planned_start}} - {{get-change-request.planned_end}}"
consumes:
- type: http
namespace: snow-change
baseUri: "https://morganstanley.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: changes
path: "/table/change_request"
operations:
- name: get-change
method: GET
- type: http
namespace: datadog-change
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: "DD-API-KEY"
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: services
path: "/service_level_objectives"
operations:
- name: get-service-health
method: GET
- type: http
namespace: slack-cab
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
ServiceNow CMDB Asset Reconciliation
▼
asset-management cmdb servicenow microsoft-azure jira slack
Reconciles ServiceNow CMDB records against Azure resource inventory, flags discrepancies in a Jira ticket, and notifies the asset management team via Slack.
naftiko: "0.5"
info:
label: "ServiceNow CMDB Asset Reconciliation"
description: "Reconciles ServiceNow CMDB records against Azure resource inventory, flags discrepancies in a Jira ticket, and notifies the asset management team via Slack."
tags:
- asset-management
- cmdb
- servicenow
- microsoft-azure
- jira
- slack
capability:
exposes:
- type: mcp
namespace: cmdb-recon
port: 8080
tools:
- name: reconcile-cmdb-assets
description: "Given a resource group, reconcile Azure resources against ServiceNow CMDB and flag discrepancies."
inputParameters:
- name: resource_group
in: body
type: string
description: "Azure resource group name to reconcile."
steps:
- name: get-azure-resources
type: call
call: "azure-recon.list-resources"
with:
resource_group: "{{resource_group}}"
- name: get-cmdb-records
type: call
call: "snow-recon.query-cmdb"
with:
resource_group: "{{resource_group}}"
- name: create-discrepancy-ticket
type: call
call: "jira-recon.create-issue"
with:
project_key: "ASSET"
issuetype: "Task"
summary: "CMDB reconciliation: {{resource_group}}"
description: "Azure resources: {{get-azure-resources.count}}\nCMDB records: {{get-cmdb-records.count}}\nDiscrepancies detected."
consumes:
- type: http
namespace: azure-recon
baseUri: "https://management.azure.com"
authentication:
type: bearer
token: "$secrets.azure_mgmt_token"
resources:
- name: resources
path: "/subscriptions/$secrets.azure_subscription_id/resourceGroups/{{resource_group}}/resources"
inputParameters:
- name: resource_group
in: path
operations:
- name: list-resources
method: GET
- type: http
namespace: snow-recon
baseUri: "https://morganstanley.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: cmdb
path: "/table/cmdb_ci"
operations:
- name: query-cmdb
method: GET
- type: http
namespace: jira-recon
baseUri: "https://morganstanley.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
ServiceNow Incident Status Lookup
▼
it-operations incident-management servicenow
Retrieves the current status, priority, assigned group, and resolution notes for a ServiceNow incident by number.
naftiko: "0.5"
info:
label: "ServiceNow Incident Status Lookup"
description: "Retrieves the current status, priority, assigned group, and resolution notes for a ServiceNow incident by number."
tags:
- it-operations
- incident-management
- servicenow
capability:
exposes:
- type: mcp
namespace: incident-lookup
port: 8080
tools:
- name: get-incident-status
description: "Given a ServiceNow incident number, return its current state, priority, assigned group, and short description."
inputParameters:
- name: incident_number
in: body
type: string
description: "ServiceNow incident number (e.g., INC0012345)."
call: "snow-incidents.get-incident"
with:
number: "{{incident_number}}"
outputParameters:
- name: state
type: string
mapping: "$.result.state"
- name: priority
type: string
mapping: "$.result.priority"
consumes:
- type: http
namespace: snow-incidents
baseUri: "https://morganstanley.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
inputParameters:
- name: number
in: query
operations:
- name: get-incident
method: GET
ServiceNow Major Incident Bridge Setup
▼
incident-management major-incident servicenow zoom slack pagerduty
When a P1 incident is created in ServiceNow, automatically creates a Zoom bridge, posts details to the incident Slack channel, and pages the on-call via PagerDuty.
naftiko: "0.5"
info:
label: "ServiceNow Major Incident Bridge Setup"
description: "When a P1 incident is created in ServiceNow, automatically creates a Zoom bridge, posts details to the incident Slack channel, and pages the on-call via PagerDuty."
tags:
- incident-management
- major-incident
- servicenow
- zoom
- slack
- pagerduty
capability:
exposes:
- type: mcp
namespace: major-incident
port: 8080
tools:
- name: setup-incident-bridge
description: "Given a ServiceNow incident number, create a Zoom bridge, post to Slack, and page the on-call engineer."
inputParameters:
- name: incident_number
in: body
type: string
description: "ServiceNow P1 incident number."
- name: service_id
in: body
type: string
description: "PagerDuty service ID for the affected service."
steps:
- name: get-incident
type: call
call: "snow-mi.get-incident"
with:
number: "{{incident_number}}"
- name: create-bridge
type: call
call: "zoom-mi.create-meeting"
with:
topic: "P1 Bridge: {{get-incident.short_description}}"
duration: 120
- name: notify-channel
type: call
call: "slack-mi.post-message"
with:
channel: "$secrets.incident_slack_channel"
text: "P1 INCIDENT: {{incident_number}} - {{get-incident.short_description}}\nZoom Bridge: {{create-bridge.join_url}}\nPriority: {{get-incident.priority}}"
- name: page-oncall
type: call
call: "pagerduty-mi.create-incident"
with:
service_id: "{{service_id}}"
summary: "P1: {{get-incident.short_description}} | Bridge: {{create-bridge.join_url}}"
severity: "critical"
consumes:
- type: http
namespace: snow-mi
baseUri: "https://morganstanley.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: get-incident
method: GET
- type: http
namespace: zoom-mi
baseUri: "https://api.zoom.us/v2"
authentication:
type: bearer
token: "$secrets.zoom_token"
resources:
- name: meetings
path: "/users/me/meetings"
operations:
- name: create-meeting
method: POST
- type: http
namespace: slack-mi
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
- type: http
namespace: pagerduty-mi
baseUri: "https://api.pagerduty.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.pagerduty_api_key"
placement: header
resources:
- name: incidents
path: "/incidents"
operations:
- name: create-incident
method: POST
ServiceNow P1 Incident Escalation
▼
itsm incident-response servicenow pagerduty microsoft-teams jira trading-systems
When a P1 ServiceNow incident is opened for a production trading system, pages the on-call engineer via PagerDuty, posts context to Microsoft Teams, and creates a Jira war room issue.
naftiko: "0.5"
info:
label: "ServiceNow P1 Incident Escalation"
description: "When a P1 ServiceNow incident is opened for a production trading system, pages the on-call engineer via PagerDuty, posts context to Microsoft Teams, and creates a Jira war room issue."
tags:
- itsm
- incident-response
- servicenow
- pagerduty
- microsoft-teams
- jira
- trading-systems
capability:
exposes:
- type: mcp
namespace: p1-escalation
port: 8080
tools:
- name: escalate-p1-incident
description: "Given a ServiceNow P1 incident number for a trading system outage, trigger a PagerDuty alert to the on-call engineer, post context to the OnCall Teams channel, and open a Jira war room issue."
inputParameters:
- name: incident_number
in: body
type: string
description: "ServiceNow P1 incident number, e.g. INC0012345."
- name: affected_system
in: body
type: string
description: "Name of the affected trading or production system."
- name: pagerduty_service_id
in: body
type: string
description: "PagerDuty service ID to trigger the alert on."
steps:
- name: get-incident
type: call
call: "servicenow-p1.get-incident"
with:
number: "{{incident_number}}"
- name: trigger-pagerduty
type: call
call: "pagerduty.create-incident"
with:
service_id: "{{pagerduty_service_id}}"
title: "P1: {{affected_system}} outage — {{incident_number}}"
description: "{{get-incident.description}}"
- name: open-war-room
type: call
call: "jira-p1.create-issue"
with:
project_key: "OPS"
issuetype: "Incident"
summary: "[WAR ROOM] P1: {{affected_system}} — {{incident_number}}"
description: "SNOW: {{incident_number}}\nPagerDuty: {{trigger-pagerduty.incident_id}}"
- name: alert-oncall
type: call
call: "msteams-p1.post-channel-message"
with:
channel_id: "OnCall"
text: "P1 INCIDENT: {{affected_system}} | SNOW: {{incident_number}} | PD: {{trigger-pagerduty.incident_id}} | Jira: {{open-war-room.key}}"
consumes:
- type: http
namespace: servicenow-p1
baseUri: "https://morganstanley.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident/{{number}}"
inputParameters:
- name: number
in: path
operations:
- name: get-incident
method: GET
- type: http
namespace: pagerduty
baseUri: "https://api.pagerduty.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.pagerduty_token"
placement: header
resources:
- name: incidents
path: "/incidents"
operations:
- name: create-incident
method: POST
- type: http
namespace: jira-p1
baseUri: "https://morganstanley.atlassian.net/rest/api/3"
authentication:
type: bearer
token: "$secrets.jira_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: msteams-p1
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{channel_id}}/channels/General/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel-message
method: POST
Slack Channel Message Post
▼
communications messaging slack
Posts a message to a specified Slack channel, supporting automated notifications and team communication workflows.
naftiko: "0.5"
info:
label: "Slack Channel Message Post"
description: "Posts a message to a specified Slack channel, supporting automated notifications and team communication workflows."
tags:
- communications
- messaging
- slack
capability:
exposes:
- type: mcp
namespace: slack-msg
port: 8080
tools:
- name: post-message
description: "Given a Slack channel ID and message text, post the message to that channel."
inputParameters:
- name: channel_id
in: body
type: string
description: "Slack channel ID."
- name: text
in: body
type: string
description: "Message text to post."
call: "slack-api.post-message"
with:
channel: "{{channel_id}}"
text: "{{text}}"
consumes:
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Slack IT Support Ticket Creation
▼
it-support automation slack servicenow
Converts Slack IT support requests into ServiceNow incidents, assigns priority based on keywords, and sends confirmation back to the requester in Slack.
naftiko: "0.5"
info:
label: "Slack IT Support Ticket Creation"
description: "Converts Slack IT support requests into ServiceNow incidents, assigns priority based on keywords, and sends confirmation back to the requester in Slack."
tags:
- it-support
- automation
- slack
- servicenow
capability:
exposes:
- type: mcp
namespace: it-support
port: 8080
tools:
- name: create-support-ticket
description: "Given a Slack message and user, create a ServiceNow incident and confirm back in Slack."
inputParameters:
- name: message_text
in: body
type: string
description: "IT support request message text."
- name: requester_email
in: body
type: string
description: "Email of the Slack user requesting support."
- name: channel_id
in: body
type: string
description: "Slack channel ID where the request was made."
steps:
- name: create-incident
type: call
call: "snow-support.create-incident"
with:
short_description: "{{message_text}}"
caller_id: "{{requester_email}}"
category: "inquiry"
- name: confirm-in-slack
type: call
call: "slack-support.post-message"
with:
channel: "{{channel_id}}"
text: "IT Support ticket created: {{create-incident.number}} | {{message_text}}"
consumes:
- type: http
namespace: snow-support
baseUri: "https://morganstanley.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: slack-support
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Snowflake Client Revenue Attribution Report
▼
finance revenue snowflake salesforce tableau
Calculates client revenue attribution from Snowflake, updates Salesforce account records, and refreshes the Tableau revenue dashboard.
naftiko: "0.5"
info:
label: "Snowflake Client Revenue Attribution Report"
description: "Calculates client revenue attribution from Snowflake, updates Salesforce account records, and refreshes the Tableau revenue dashboard."
tags:
- finance
- revenue
- snowflake
- salesforce
- tableau
capability:
exposes:
- type: mcp
namespace: revenue-attribution
port: 8080
tools:
- name: run-revenue-attribution
description: "Given a fiscal period, calculate revenue attribution and update downstream systems."
inputParameters:
- name: fiscal_period
in: body
type: string
description: "Fiscal period (e.g., 2026-Q1)."
steps:
- name: calculate-attribution
type: call
call: "snowflake-rev.execute-query"
with:
statement: "CALL FINANCE.CALCULATE_REVENUE_ATTRIBUTION('{{fiscal_period}}')"
- name: update-salesforce
type: call
call: "sfdc-rev.update-accounts"
with:
period: "{{fiscal_period}}"
data: "{{calculate-attribution.results}}"
- name: refresh-dashboard
type: call
call: "tableau-rev.trigger-refresh"
with:
datasource_id: "$secrets.tableau_revenue_datasource_id"
consumes:
- type: http
namespace: snowflake-rev
baseUri: "https://morganstanley.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
- type: http
namespace: sfdc-rev
baseUri: "https://morganstanley.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: accounts
path: "/composite/sobjects"
operations:
- name: update-accounts
method: PATCH
- type: http
namespace: tableau-rev
baseUri: "https://tableau.morganstanley.com/api/3.19"
authentication:
type: bearer
token: "$secrets.tableau_token"
resources:
- name: datasources
path: "/sites/default/datasources/{{datasource_id}}/refresh"
inputParameters:
- name: datasource_id
in: path
operations:
- name: trigger-refresh
method: POST
Snowflake Data Quality Alert Workflow
▼
data-engineering data-quality snowflake jira slack
Runs data quality checks in Snowflake, creates a Jira ticket for data engineering when thresholds are breached, and notifies the data platform team via Slack.
naftiko: "0.5"
info:
label: "Snowflake Data Quality Alert Workflow"
description: "Runs data quality checks in Snowflake, creates a Jira ticket for data engineering when thresholds are breached, and notifies the data platform team via Slack."
tags:
- data-engineering
- data-quality
- snowflake
- jira
- slack
capability:
exposes:
- type: mcp
namespace: dq-alert
port: 8080
tools:
- name: run-data-quality-check
description: "Given a Snowflake table and quality rule, run the check and create alerts if thresholds are breached."
inputParameters:
- name: table_name
in: body
type: string
description: "Fully qualified Snowflake table name."
- name: quality_rule
in: body
type: string
description: "SQL expression for the data quality check."
steps:
- name: run-check
type: call
call: "snowflake-dq.execute-query"
with:
statement: "SELECT COUNT(*) as violations FROM {{table_name}} WHERE {{quality_rule}}"
- name: create-ticket
type: call
call: "jira-dq.create-issue"
with:
project_key: "DATA"
issuetype: "Bug"
summary: "Data quality violation: {{table_name}}"
description: "Rule: {{quality_rule}}\nViolations: {{run-check.violations}}"
- name: notify-team
type: call
call: "slack-data.post-message"
with:
channel: "$secrets.data_platform_channel"
text: "DQ Alert: {{run-check.violations}} violations in {{table_name}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-dq
baseUri: "https://morganstanley.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
- type: http
namespace: jira-dq
baseUri: "https://morganstanley.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-data
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Snowflake Financial Data Pipeline Monitor
▼
data analytics snowflake servicenow microsoft-teams pipeline-monitoring
Monitors Snowflake task execution history for financial data pipeline failures, creates ServiceNow incidents for repeated failures, and posts a pipeline health digest to the Data Engineering Microsoft Teams channel.
naftiko: "0.5"
info:
label: "Snowflake Financial Data Pipeline Monitor"
description: "Monitors Snowflake task execution history for financial data pipeline failures, creates ServiceNow incidents for repeated failures, and posts a pipeline health digest to the Data Engineering Microsoft Teams channel."
tags:
- data
- analytics
- snowflake
- servicenow
- microsoft-teams
- pipeline-monitoring
capability:
exposes:
- type: mcp
namespace: data-pipeline-ops
port: 8080
tools:
- name: monitor-financial-pipelines
description: "Given a Snowflake warehouse name and failure threshold, check task execution history for the last 24 hours, open ServiceNow incidents for failing tasks, and post a digest to the DataEngineering Teams channel."
inputParameters:
- name: warehouse_name
in: body
type: string
description: "Snowflake warehouse name to monitor task history for."
- name: failure_threshold
in: body
type: integer
description: "Number of task failures in 24 hours that triggers a ServiceNow incident."
steps:
- name: get-task-failures
type: call
call: "snowflake-pipeline.query-task-history"
with:
warehouse: "{{warehouse_name}}"
state: "FAILED"
- name: create-snow-incident
type: call
call: "servicenow-data.create-incident"
with:
short_description: "Snowflake pipeline failures: {{warehouse_name}} — {{get-task-failures.failure_count}} failures"
category: "data_engineering"
urgency: "2"
- name: post-digest
type: call
call: "msteams-dataeng.post-channel-message"
with:
channel_id: "DataEngineering"
text: "Pipeline monitor: {{get-task-failures.failure_count}} task failures in {{warehouse_name}}. SNOW: {{create-snow-incident.number}}"
consumes:
- type: http
namespace: snowflake-pipeline
baseUri: "https://morganstanley.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: task-history
path: "/databases/PROD/schemas/FINANCE/tasks/executions"
inputParameters:
- name: warehouse
in: query
- name: state
in: query
operations:
- name: query-task-history
method: GET
- type: http
namespace: servicenow-data
baseUri: "https://morganstanley.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams-dataeng
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{channel_id}}/channels/General/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel-message
method: POST
Snowflake Query Execution
▼
data analytics snowflake
Executes a read-only SQL query against Morgan Stanley's Snowflake data warehouse and returns the result set for analytics and reporting purposes.
naftiko: "0.5"
info:
label: "Snowflake Query Execution"
description: "Executes a read-only SQL query against Morgan Stanley's Snowflake data warehouse and returns the result set for analytics and reporting purposes."
tags:
- data
- analytics
- snowflake
capability:
exposes:
- type: mcp
namespace: snowflake-query
port: 8080
tools:
- name: run-query
description: "Given a SQL SELECT statement, execute it against Snowflake and return the result set. Only read-only queries are permitted."
inputParameters:
- name: sql_statement
in: body
type: string
description: "SQL SELECT statement to execute."
- name: warehouse
in: body
type: string
description: "Snowflake warehouse name to use for compute."
call: "snowflake-sql.execute-statement"
with:
statement: "{{sql_statement}}"
warehouse: "{{warehouse}}"
consumes:
- type: http
namespace: snowflake-sql
baseUri: "https://morganstanley.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-statement
method: POST
Snowflake Regulatory Capital Report
▼
regulatory capital snowflake microsoft-teams confluence
Executes regulatory capital calculations in Snowflake, generates a formatted report, and distributes to stakeholders via Microsoft Teams and Confluence.
naftiko: "0.5"
info:
label: "Snowflake Regulatory Capital Report"
description: "Executes regulatory capital calculations in Snowflake, generates a formatted report, and distributes to stakeholders via Microsoft Teams and Confluence."
tags:
- regulatory
- capital
- snowflake
- microsoft-teams
- confluence
capability:
exposes:
- type: mcp
namespace: reg-capital
port: 8080
tools:
- name: generate-capital-report
description: "Given a reporting date, run capital calculations in Snowflake and distribute the report."
inputParameters:
- name: reporting_date
in: body
type: string
description: "Reporting date in YYYY-MM-DD format."
steps:
- name: run-calculations
type: call
call: "snowflake-cap.execute-query"
with:
statement: "CALL REGULATORY.CALCULATE_CAPITAL_RATIOS('{{reporting_date}}')"
- name: publish-report
type: call
call: "confluence-cap.create-page"
with:
space: "REGULATORY"
title: "Capital Report - {{reporting_date}}"
body: "CET1 Ratio: {{run-calculations.cet1_ratio}}\nTier 1: {{run-calculations.tier1_ratio}}\nTotal Capital: {{run-calculations.total_capital_ratio}}"
- name: notify-stakeholders
type: call
call: "teams-cap.send-message"
with:
channel_id: "$secrets.regulatory_teams_channel"
text: "Regulatory Capital Report for {{reporting_date}} published. CET1: {{run-calculations.cet1_ratio}}%. View in Confluence."
consumes:
- type: http
namespace: snowflake-cap
baseUri: "https://morganstanley.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
- type: http
namespace: confluence-cap
baseUri: "https://morganstanley.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_api_token"
resources:
- name: pages
path: "/content"
operations:
- name: create-page
method: POST
- type: http
namespace: teams-cap
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/$secrets.regulatory_team_id/channels/{{channel_id}}/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: send-message
method: POST
Snowflake Risk Metrics Snapshot
▼
finance risk-management snowflake microsoft-teams market-risk reporting
Queries Snowflake for daily market risk metrics (VaR, CVaR), validates results against expected ranges, and posts the risk snapshot to the Risk Management Microsoft Teams channel with exception alerts.
naftiko: "0.5"
info:
label: "Snowflake Risk Metrics Snapshot"
description: "Queries Snowflake for daily market risk metrics (VaR, CVaR), validates results against expected ranges, and posts the risk snapshot to the Risk Management Microsoft Teams channel with exception alerts."
tags:
- finance
- risk-management
- snowflake
- microsoft-teams
- market-risk
- reporting
capability:
exposes:
- type: mcp
namespace: risk-reporting
port: 8080
tools:
- name: publish-risk-snapshot
description: "Given a reporting date, query Snowflake for VaR and CVaR metrics, flag any values outside expected ranges, and post the daily risk snapshot to the RiskManagement Teams channel."
inputParameters:
- name: reporting_date
in: body
type: string
description: "Date for the risk metrics snapshot in ISO 8601 format."
- name: var_limit_usd
in: body
type: number
description: "Value-at-Risk limit in USD. Breaches trigger exception flags."
steps:
- name: query-risk-metrics
type: call
call: "snowflake-risk.run-var-query"
with:
as_of_date: "{{reporting_date}}"
- name: post-snapshot
type: call
call: "msteams-risk.post-channel-message"
with:
channel_id: "RiskManagement"
text: "Risk snapshot {{reporting_date}}: VaR ${{query-risk-metrics.var_usd}} | CVaR ${{query-risk-metrics.cvar_usd}} | Limit ${{var_limit_usd}} | Status: {{query-risk-metrics.breach_status}}"
consumes:
- type: http
namespace: snowflake-risk
baseUri: "https://morganstanley.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: sql-statements
path: "/statements"
inputParameters:
- name: as_of_date
in: query
operations:
- name: run-var-query
method: POST
- type: http
namespace: msteams-risk
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{channel_id}}/channels/General/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel-message
method: POST
Splunk Search Query
▼
security logging splunk
Submits a Splunk search query and returns matching events, supporting security investigation and log analysis for the technology infrastructure team.
naftiko: "0.5"
info:
label: "Splunk Search Query"
description: "Submits a Splunk search query and returns matching events, supporting security investigation and log analysis for the technology infrastructure team."
tags:
- security
- logging
- splunk
capability:
exposes:
- type: mcp
namespace: splunk-search
port: 8080
tools:
- name: run-search
description: "Given a Splunk search query string and time range, submit the search and return matching events."
inputParameters:
- name: search_query
in: body
type: string
description: "Splunk SPL search query."
- name: earliest_time
in: body
type: string
description: "Earliest time for the search range (e.g., -24h)."
call: "splunk-api.create-search"
with:
search: "{{search_query}}"
earliest_time: "{{earliest_time}}"
consumes:
- type: http
namespace: splunk-api
baseUri: "https://splunk.morganstanley.com:8089/services"
authentication:
type: bearer
token: "$secrets.splunk_token"
resources:
- name: searches
path: "/search/jobs"
operations:
- name: create-search
method: POST
Tableau Financial Dashboard Refresh
▼
data analytics tableau microsoft-teams reporting finance
Triggers a Tableau datasource refresh for financial dashboards, monitors completion status, and posts the refresh result to the Finance Analytics Microsoft Teams channel.
naftiko: "0.5"
info:
label: "Tableau Financial Dashboard Refresh"
description: "Triggers a Tableau datasource refresh for financial dashboards, monitors completion status, and posts the refresh result to the Finance Analytics Microsoft Teams channel."
tags:
- data
- analytics
- tableau
- microsoft-teams
- reporting
- finance
capability:
exposes:
- type: mcp
namespace: finance-analytics
port: 8080
tools:
- name: refresh-financial-dashboard
description: "Given a Tableau datasource ID for financial reporting, trigger a refresh and notify the Finance Analytics Teams channel when complete. Use when stakeholders need fresh data outside the scheduled refresh."
inputParameters:
- name: datasource_id
in: body
type: string
description: "Tableau datasource ID to trigger refresh for."
- name: dashboard_name
in: body
type: string
description: "Human-readable dashboard name for the Teams notification."
steps:
- name: trigger-refresh
type: call
call: "tableau-finance.refresh-datasource"
with:
datasource_id: "{{datasource_id}}"
- name: notify-finance-analytics
type: call
call: "msteams-fin-analytics.post-channel-message"
with:
channel_id: "FinanceAnalytics"
text: "Dashboard refresh triggered: {{dashboard_name}} ({{datasource_id}}). Job ID: {{trigger-refresh.job_id}}"
consumes:
- type: http
namespace: tableau-finance
baseUri: "https://prod-useast-a.online.tableau.com/api/3.21"
authentication:
type: bearer
token: "$secrets.tableau_token"
resources:
- name: datasource-refreshes
path: "/sites/{{datasource_id}}/datasources/{{datasource_id}}/refresh"
inputParameters:
- name: datasource_id
in: path
operations:
- name: refresh-datasource
method: POST
- type: http
namespace: msteams-fin-analytics
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{channel_id}}/channels/General/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel-message
method: POST
Tableau Workbook Status Check
▼
reporting visualization tableau
Returns the current status, owner, and last published date for a Tableau workbook, supporting dashboard governance and monitoring.
naftiko: "0.5"
info:
label: "Tableau Workbook Status Check"
description: "Returns the current status, owner, and last published date for a Tableau workbook, supporting dashboard governance and monitoring."
tags:
- reporting
- visualization
- tableau
capability:
exposes:
- type: mcp
namespace: tableau-status
port: 8080
tools:
- name: get-workbook-status
description: "Given a Tableau workbook ID, return the workbook name, owner, project, and last updated timestamp."
inputParameters:
- name: workbook_id
in: body
type: string
description: "Tableau Server workbook ID."
call: "tableau-api.get-workbook"
with:
id: "{{workbook_id}}"
outputParameters:
- name: name
type: string
mapping: "$.workbook.name"
- name: owner
type: string
mapping: "$.workbook.owner.name"
consumes:
- type: http
namespace: tableau-api
baseUri: "https://tableau.morganstanley.com/api/3.19"
authentication:
type: bearer
token: "$secrets.tableau_token"
resources:
- name: workbooks
path: "/sites/default/workbooks/{{id}}"
inputParameters:
- name: id
in: path
operations:
- name: get-workbook
method: GET
Terraform Drift Detection Remediation
▼
infrastructure iac terraform jira slack
Detects infrastructure drift via Terraform Cloud, creates a Jira remediation ticket, and alerts the platform engineering team via Slack.
naftiko: "0.5"
info:
label: "Terraform Drift Detection Remediation"
description: "Detects infrastructure drift via Terraform Cloud, creates a Jira remediation ticket, and alerts the platform engineering team via Slack."
tags:
- infrastructure
- iac
- terraform
- jira
- slack
capability:
exposes:
- type: mcp
namespace: tf-drift
port: 8080
tools:
- name: handle-terraform-drift
description: "Given a Terraform workspace ID, check for drift, create a Jira ticket, and notify the platform team."
inputParameters:
- name: workspace_id
in: body
type: string
description: "Terraform Cloud workspace ID."
steps:
- name: check-drift
type: call
call: "terraform-api.get-workspace-status"
with:
workspace_id: "{{workspace_id}}"
- name: create-remediation-ticket
type: call
call: "jira-infra.create-issue"
with:
project_key: "PLATFORM"
issuetype: "Bug"
summary: "Terraform drift: {{check-drift.workspace_name}}"
description: "Workspace: {{check-drift.workspace_name}}\nResources drifted: {{check-drift.drift_count}}"
- name: notify-team
type: call
call: "slack-platform.post-message"
with:
channel: "$secrets.platform_slack_channel"
text: "Terraform Drift: {{check-drift.workspace_name}} | {{check-drift.drift_count}} resources | Jira: {{create-remediation-ticket.key}}"
consumes:
- type: http
namespace: terraform-api
baseUri: "https://app.terraform.io/api/v2"
authentication:
type: bearer
token: "$secrets.terraform_token"
resources:
- name: workspaces
path: "/workspaces/{{workspace_id}}"
inputParameters:
- name: workspace_id
in: path
operations:
- name: get-workspace-status
method: GET
- type: http
namespace: jira-infra
baseUri: "https://morganstanley.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-platform
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Trade Surveillance Alert to Compliance Case
▼
compliance finance refinitiv salesforce snowflake microsoft-teams trade-surveillance
When a Refinitiv World-Check alert is generated for a potential regulatory breach, creates a Salesforce compliance case, logs the alert in Snowflake for audit, and notifies the Compliance Microsoft Teams channel.
naftiko: "0.5"
info:
label: "Trade Surveillance Alert to Compliance Case"
description: "When a Refinitiv World-Check alert is generated for a potential regulatory breach, creates a Salesforce compliance case, logs the alert in Snowflake for audit, and notifies the Compliance Microsoft Teams channel."
tags:
- compliance
- finance
- refinitiv
- salesforce
- snowflake
- microsoft-teams
- trade-surveillance
capability:
exposes:
- type: mcp
namespace: compliance-ops
port: 8080
tools:
- name: handle-trade-alert
description: "Given a Refinitiv World-Check alert ID and trade details, create a Salesforce compliance case, log the alert to Snowflake for regulatory audit trail, and notify the Compliance Teams channel."
inputParameters:
- name: alert_id
in: body
type: string
description: "Refinitiv World-Check alert identifier."
- name: trader_id
in: body
type: string
description: "Internal trader identifier associated with the alert."
- name: trade_date
in: body
type: string
description: "Date of the flagged trade in ISO 8601 format."
steps:
- name: get-alert
type: call
call: "refinitiv.get-alert"
with:
alert_id: "{{alert_id}}"
- name: create-compliance-case
type: call
call: "salesforce-compliance.create-case"
with:
subject: "Trade surveillance alert: {{alert_id}} — Trader {{trader_id}}"
description: "Alert type: {{get-alert.alert_type}}\nRisk score: {{get-alert.risk_score}}\nTrade date: {{trade_date}}"
priority: "High"
- name: log-audit-trail
type: call
call: "snowflake-audit.insert-record"
with:
table: "COMPLIANCE.TRADE_ALERTS"
alert_id: "{{alert_id}}"
case_id: "{{create-compliance-case.case_number}}"
trader_id: "{{trader_id}}"
- name: notify-compliance
type: call
call: "msteams-compliance.post-channel-message"
with:
channel_id: "Compliance"
text: "Trade alert {{alert_id}}: Risk score {{get-alert.risk_score}} | Salesforce case: {{create-compliance-case.case_number}} | Trader: {{trader_id}}"
consumes:
- type: http
namespace: refinitiv
baseUri: "https://api.thomsonreuters.com/worldcheck/v1"
authentication:
type: bearer
token: "$secrets.refinitiv_token"
resources:
- name: alerts
path: "/alerts/{{alert_id}}"
inputParameters:
- name: alert_id
in: path
operations:
- name: get-alert
method: GET
- type: http
namespace: salesforce-compliance
baseUri: "https://morganstanley.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: cases
path: "/sobjects/Case"
operations:
- name: create-case
method: POST
- type: http
namespace: snowflake-audit
baseUri: "https://morganstanley.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: sql-statements
path: "/statements"
operations:
- name: insert-record
method: POST
- type: http
namespace: msteams-compliance
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{channel_id}}/channels/General/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel-message
method: POST
Wealth Advisor Client Briefing Generator
▼
wealth-management ai snowflake anthropic microsoft-teams
Pulls client portfolio data from Snowflake, generates a meeting briefing using Anthropic Claude, and delivers it to the advisor via Microsoft Teams before scheduled client meetings.
naftiko: "0.5"
info:
label: "Wealth Advisor Client Briefing Generator"
description: "Pulls client portfolio data from Snowflake, generates a meeting briefing using Anthropic Claude, and delivers it to the advisor via Microsoft Teams before scheduled client meetings."
tags:
- wealth-management
- ai
- snowflake
- anthropic
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: client-briefing
port: 8080
tools:
- name: generate-client-briefing
description: "Given a client account ID, pull portfolio data from Snowflake, generate a briefing with Claude, and send to the advisor via Teams."
inputParameters:
- name: client_account_id
in: body
type: string
description: "Client portfolio account identifier."
- name: advisor_upn
in: body
type: string
description: "Advisor Microsoft Teams UPN."
steps:
- name: get-portfolio-data
type: call
call: "snowflake-wm.execute-query"
with:
statement: "SELECT account_name, total_aum, ytd_return, asset_allocation_summary FROM wealth.client_portfolios WHERE account_id = '{{client_account_id}}'"
- name: generate-briefing
type: call
call: "anthropic-wm.create-message"
with:
model: "claude-3-5-sonnet-20241022"
content: "Generate a concise client meeting briefing for account {{client_account_id}}: AUM {{get-portfolio-data.total_aum}}, YTD return {{get-portfolio-data.ytd_return}}. Include talking points and portfolio recommendations."
- name: deliver-briefing
type: call
call: "teams-wm.send-message"
with:
recipient_upn: "{{advisor_upn}}"
text: "Client Briefing - {{get-portfolio-data.account_name}}\n\n{{generate-briefing.text}}"
consumes:
- type: http
namespace: snowflake-wm
baseUri: "https://morganstanley.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
- type: http
namespace: anthropic-wm
baseUri: "https://api.anthropic.com/v1"
authentication:
type: apikey
key: "x-api-key"
value: "$secrets.anthropic_api_key"
placement: header
resources:
- name: messages
path: "/messages"
operations:
- name: create-message
method: POST
- type: http
namespace: teams-wm
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Workday Benefits Enrollment Reminder
▼
hr benefits workday microsoft-teams snowflake
Queries Workday for employees with pending benefits elections, sends personalized Microsoft Teams reminders, and logs outreach to Snowflake for HR analytics.
naftiko: "0.5"
info:
label: "Workday Benefits Enrollment Reminder"
description: "Queries Workday for employees with pending benefits elections, sends personalized Microsoft Teams reminders, and logs outreach to Snowflake for HR analytics."
tags:
- hr
- benefits
- workday
- microsoft-teams
- snowflake
capability:
exposes:
- type: mcp
namespace: benefits-reminder
port: 8080
tools:
- name: send-enrollment-reminders
description: "Given an enrollment period ID, find employees with pending elections, send Teams reminders, and log outreach."
inputParameters:
- name: enrollment_period_id
in: body
type: string
description: "Workday benefits enrollment period identifier."
steps:
- name: get-pending-enrollments
type: call
call: "workday-benefits.get-pending"
with:
period_id: "{{enrollment_period_id}}"
- name: send-reminder
type: call
call: "teams-hr.send-message"
with:
recipient_upn: "{{get-pending-enrollments.employee_email}}"
text: "Reminder: Your benefits enrollment for {{enrollment_period_id}} is pending. Please complete your elections in Workday by the deadline."
- name: log-outreach
type: call
call: "snowflake-hr.insert-record"
with:
table: "HR.BENEFITS_OUTREACH_LOG"
period_id: "{{enrollment_period_id}}"
employee_count: "{{get-pending-enrollments.count}}"
consumes:
- type: http
namespace: workday-benefits
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: enrollments
path: "/morganstanley/benefits/enrollments"
operations:
- name: get-pending
method: GET
- type: http
namespace: teams-hr
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
- type: http
namespace: snowflake-hr
baseUri: "https://morganstanley.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: insert-record
method: POST
Workday Compensation Change Approval
▼
hr compensation workday jira microsoft-teams snowflake approval
When a compensation change proposal is submitted in Workday, creates a Jira approval task for the HR business partner, notifies the approver via Microsoft Teams, and logs the proposal to Snowflake for compensation audit.
naftiko: "0.5"
info:
label: "Workday Compensation Change Approval"
description: "When a compensation change proposal is submitted in Workday, creates a Jira approval task for the HR business partner, notifies the approver via Microsoft Teams, and logs the proposal to Snowflake for compensation audit."
tags:
- hr
- compensation
- workday
- jira
- microsoft-teams
- snowflake
- approval
capability:
exposes:
- type: mcp
namespace: compensation-approvals
port: 8080
tools:
- name: route-compensation-change
description: "Given a Workday compensation change proposal ID, create a Jira approval task for the HR business partner, notify them via Teams direct message, and log the proposal details to Snowflake."
inputParameters:
- name: proposal_id
in: body
type: string
description: "Workday compensation change proposal identifier."
- name: approver_employee_id
in: body
type: string
description: "Workday employee ID of the HR business partner approver."
steps:
- name: get-proposal
type: call
call: "workday-comp.get-proposal"
with:
proposal_id: "{{proposal_id}}"
- name: create-approval-task
type: call
call: "jira-comp.create-issue"
with:
project_key: "HR"
issuetype: "Task"
summary: "Compensation change approval: {{get-proposal.employee_name}} — {{get-proposal.change_amount}}"
description: "Proposal: {{proposal_id}}\nEmployee: {{get-proposal.employee_name}}\nChange: {{get-proposal.change_amount}}\nEffective: {{get-proposal.effective_date}}"
- name: notify-approver
type: call
call: "msteams-comp.send-message"
with:
recipient_upn: "{{approver_employee_id}}"
text: "Compensation approval required: {{get-proposal.employee_name}} — change of {{get-proposal.change_amount}}. Jira: {{create-approval-task.key}}"
- name: log-proposal
type: call
call: "snowflake-comp.insert-record"
with:
table: "HR.COMPENSATION_PROPOSALS"
proposal_id: "{{proposal_id}}"
jira_key: "{{create-approval-task.key}}"
status: "PENDING_APPROVAL"
consumes:
- type: http
namespace: workday-comp
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: compensation-proposals
path: "/morganstanley/compensationProposals/{{proposal_id}}"
inputParameters:
- name: proposal_id
in: path
operations:
- name: get-proposal
method: GET
- type: http
namespace: jira-comp
baseUri: "https://morganstanley.atlassian.net/rest/api/3"
authentication:
type: bearer
token: "$secrets.jira_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: msteams-comp
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: user-mail
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
- type: http
namespace: snowflake-comp
baseUri: "https://morganstanley.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: sql-statements
path: "/statements"
operations:
- name: insert-record
method: POST
Workday Compensation Review to Snowflake Analytics
▼
hr compensation workday snowflake tableau
Extracts compensation review data from Workday, loads it into Snowflake for benchmarking analytics, and refreshes the Tableau compensation dashboard.
naftiko: "0.5"
info:
label: "Workday Compensation Review to Snowflake Analytics"
description: "Extracts compensation review data from Workday, loads it into Snowflake for benchmarking analytics, and refreshes the Tableau compensation dashboard."
tags:
- hr
- compensation
- workday
- snowflake
- tableau
capability:
exposes:
- type: mcp
namespace: comp-analytics
port: 8080
tools:
- name: sync-compensation-data
description: "Extract compensation review cycle data from Workday, load to Snowflake, and refresh the Tableau dashboard."
inputParameters:
- name: review_cycle_id
in: body
type: string
description: "Workday compensation review cycle identifier."
steps:
- name: extract-comp-data
type: call
call: "workday-comp.get-review-data"
with:
cycle_id: "{{review_cycle_id}}"
- name: load-to-snowflake
type: call
call: "snowflake-comp.execute-statement"
with:
statement: "CALL HR_ANALYTICS.LOAD_COMP_REVIEW('{{review_cycle_id}}')"
- name: refresh-tableau
type: call
call: "tableau-comp.trigger-extract-refresh"
with:
datasource_id: "$secrets.tableau_comp_datasource_id"
consumes:
- type: http
namespace: workday-comp
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: compensation
path: "/morganstanley/compensation/reviews/{{cycle_id}}"
inputParameters:
- name: cycle_id
in: path
operations:
- name: get-review-data
method: GET
- type: http
namespace: snowflake-comp
baseUri: "https://morganstanley.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-statement
method: POST
- type: http
namespace: tableau-comp
baseUri: "https://tableau.morganstanley.com/api/3.19"
authentication:
type: bearer
token: "$secrets.tableau_token"
resources:
- name: datasources
path: "/sites/default/datasources/{{datasource_id}}/refresh"
inputParameters:
- name: datasource_id
in: path
operations:
- name: trigger-extract-refresh
method: POST
Workday Employee Directory Lookup
▼
hr directory workday
Looks up an employee's profile details from Workday including department, manager, location, and job title for internal directory queries.
naftiko: "0.5"
info:
label: "Workday Employee Directory Lookup"
description: "Looks up an employee's profile details from Workday including department, manager, location, and job title for internal directory queries."
tags:
- hr
- directory
- workday
capability:
exposes:
- type: mcp
namespace: employee-directory
port: 8080
tools:
- name: lookup-employee
description: "Given a Workday employee ID, return their full name, department, job title, manager, and office location."
inputParameters:
- name: employee_id
in: body
type: string
description: "Workday employee ID."
call: "workday-dir.get-worker"
with:
worker_id: "{{employee_id}}"
outputParameters:
- name: full_name
type: string
mapping: "$.full_name"
- name: department
type: string
mapping: "$.department"
- name: job_title
type: string
mapping: "$.job_title"
consumes:
- type: http
namespace: workday-dir
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/morganstanley/workers/{{worker_id}}"
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
Workday Headcount Snapshot for Finance
▼
hr finance workday tableau reporting headcount
Exports Workday headcount by department and cost center and pushes the dataset to Tableau for executive workforce cost dashboards.
naftiko: "0.5"
info:
label: "Workday Headcount Snapshot for Finance"
description: "Exports Workday headcount by department and cost center and pushes the dataset to Tableau for executive workforce cost dashboards."
tags:
- hr
- finance
- workday
- tableau
- reporting
- headcount
capability:
exposes:
- type: mcp
namespace: hr-finance-reporting
port: 8080
tools:
- name: publish-headcount-snapshot
description: "Export current Workday headcount by department and cost center, and publish the data to a Tableau datasource for executive workforce cost analysis."
inputParameters:
- name: as_of_date
in: body
type: string
description: "Effective date for the headcount snapshot in ISO 8601 format."
- name: tableau_datasource_id
in: body
type: string
description: "Tableau datasource ID to publish headcount data to."
steps:
- name: export-headcount
type: call
call: "workday-headcount.export-workers"
with:
as_of_date: "{{as_of_date}}"
- name: publish-to-tableau
type: call
call: "tableau.publish-datasource"
with:
datasource_id: "{{tableau_datasource_id}}"
data: "{{export-headcount.rows}}"
consumes:
- type: http
namespace: workday-headcount
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: worker-exports
path: "/morganstanley/workers/export"
inputParameters:
- name: as_of_date
in: query
operations:
- name: export-workers
method: GET
- type: http
namespace: tableau
baseUri: "https://prod-useast-a.online.tableau.com/api/3.21"
authentication:
type: bearer
token: "$secrets.tableau_token"
resources:
- name: datasources
path: "/sites/{{tableau_datasource_id}}/datasources"
inputParameters:
- name: tableau_datasource_id
in: path
operations:
- name: publish-datasource
method: POST
Workday Job Requisition to Salesforce Recruiting
▼
hr recruiting workday salesforce linkedin talent-acquisition
Fetches approved job requisitions from Workday Recruiting, creates corresponding Salesforce opportunity records for recruiting pipeline tracking, and publishes job postings to LinkedIn.
naftiko: "0.5"
info:
label: "Workday Job Requisition to Salesforce Recruiting"
description: "Fetches approved job requisitions from Workday Recruiting, creates corresponding Salesforce opportunity records for recruiting pipeline tracking, and publishes job postings to LinkedIn."
tags:
- hr
- recruiting
- workday
- salesforce
- linkedin
- talent-acquisition
capability:
exposes:
- type: mcp
namespace: talent-pipeline
port: 8080
tools:
- name: sync-requisitions-to-salesforce
description: "Given a Workday requisition status filter, fetch approved requisitions, create Salesforce opportunity records for each, and publish job postings to LinkedIn."
inputParameters:
- name: requisition_status
in: body
type: string
description: "Workday requisition status to filter by, e.g. 'Approved'."
- name: linkedin_org_id
in: body
type: string
description: "LinkedIn organization ID to publish job postings to."
steps:
- name: get-requisitions
type: call
call: "workday-talent.list-requisitions"
with:
status: "{{requisition_status}}"
- name: create-sf-opportunity
type: call
call: "salesforce-talent.create-opportunity"
with:
opportunities: "{{get-requisitions.requisitions}}"
- name: publish-linkedin-jobs
type: call
call: "linkedin-talent.create-job-posting"
with:
organization_id: "{{linkedin_org_id}}"
jobs: "{{get-requisitions.requisitions}}"
consumes:
- type: http
namespace: workday-talent
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: job-requisitions
path: "/morganstanley/jobRequisitions"
inputParameters:
- name: status
in: query
operations:
- name: list-requisitions
method: GET
- type: http
namespace: salesforce-talent
baseUri: "https://morganstanley.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: opportunities
path: "/sobjects/Opportunity"
operations:
- name: create-opportunity
method: POST
- type: http
namespace: linkedin-talent
baseUri: "https://api.linkedin.com/v2"
authentication:
type: bearer
token: "$secrets.linkedin_token"
resources:
- name: job-postings
path: "/jobPostings"
operations:
- name: create-job-posting
method: POST
Workday Learning Compliance Tracker
▼
hr compliance-training workday microsoft-teams snowflake
Queries Workday Learning for employees with overdue compliance training, sends reminder emails via Microsoft Graph, and logs outreach to Snowflake for tracking.
naftiko: "0.5"
info:
label: "Workday Learning Compliance Tracker"
description: "Queries Workday Learning for employees with overdue compliance training, sends reminder emails via Microsoft Graph, and logs outreach to Snowflake for tracking."
tags:
- hr
- compliance-training
- workday
- microsoft-teams
- snowflake
capability:
exposes:
- type: mcp
namespace: compliance-training
port: 8080
tools:
- name: track-overdue-training
description: "Query Workday for overdue compliance training and send reminders via Teams."
inputParameters:
- name: training_program_id
in: body
type: string
description: "Workday training program identifier."
steps:
- name: get-overdue
type: call
call: "workday-learning.get-overdue"
with:
program_id: "{{training_program_id}}"
- name: send-reminders
type: call
call: "teams-training.send-message"
with:
recipient_upn: "{{get-overdue.employee_email}}"
text: "Action Required: Your compliance training '{{get-overdue.course_name}}' is overdue. Please complete it in Workday Learning immediately."
- name: log-outreach
type: call
call: "snowflake-training.insert-record"
with:
table: "HR.TRAINING_OUTREACH_LOG"
program_id: "{{training_program_id}}"
overdue_count: "{{get-overdue.count}}"
consumes:
- type: http
namespace: workday-learning
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: learning
path: "/morganstanley/learning/overdue"
operations:
- name: get-overdue
method: GET
- type: http
namespace: teams-training
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
- type: http
namespace: snowflake-training
baseUri: "https://morganstanley.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: insert-record
method: POST
Workday Org Chart Change Propagation
▼
hr org-management workday okta servicenow microsoft-teams
When organizational changes occur in Workday, updates Okta group memberships, modifies ServiceNow assignment groups, and notifies affected managers via Microsoft Teams.
naftiko: "0.5"
info:
label: "Workday Org Chart Change Propagation"
description: "When organizational changes occur in Workday, updates Okta group memberships, modifies ServiceNow assignment groups, and notifies affected managers via Microsoft Teams."
tags:
- hr
- org-management
- workday
- okta
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: org-change
port: 8080
tools:
- name: propagate-org-change
description: "Given a Workday org change event, update Okta groups and ServiceNow assignments."
inputParameters:
- name: employee_id
in: body
type: string
description: "Workday employee ID affected by the org change."
- name: new_department
in: body
type: string
description: "New department name."
steps:
- name: get-employee
type: call
call: "workday-org.get-worker"
with:
worker_id: "{{employee_id}}"
- name: update-okta-groups
type: call
call: "okta-org.update-group-membership"
with:
user_id: "{{get-employee.work_email}}"
new_group: "{{new_department}}"
- name: update-servicenow
type: call
call: "snow-org.update-assignment"
with:
user_id: "{{get-employee.work_email}}"
new_group: "{{new_department}}"
- name: notify-manager
type: call
call: "teams-org.send-message"
with:
recipient_upn: "{{get-employee.manager_email}}"
text: "Org change processed: {{get-employee.full_name}} moved to {{new_department}}. Okta and ServiceNow updated."
consumes:
- type: http
namespace: workday-org
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/morganstanley/workers/{{worker_id}}"
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
- type: http
namespace: okta-org
baseUri: "https://morganstanley.okta.com/api/v1"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.okta_token"
placement: header
resources:
- name: groups
path: "/groups"
operations:
- name: update-group-membership
method: PUT
- type: http
namespace: snow-org
baseUri: "https://morganstanley.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: users
path: "/table/sys_user"
operations:
- name: update-assignment
method: PATCH
- type: http
namespace: teams-org
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Workday Performance Goal Sync to Jira
▼
hr performance workday jira microsoft-teams
Syncs employee performance goals from Workday to Jira epics for engineering teams and notifies managers via Microsoft Teams when goals are updated.
naftiko: "0.5"
info:
label: "Workday Performance Goal Sync to Jira"
description: "Syncs employee performance goals from Workday to Jira epics for engineering teams and notifies managers via Microsoft Teams when goals are updated."
tags:
- hr
- performance
- workday
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: goal-sync
port: 8080
tools:
- name: sync-goals-to-jira
description: "Given a Workday employee ID, sync their performance goals to Jira epics and notify the manager."
inputParameters:
- name: employee_id
in: body
type: string
description: "Workday employee ID."
steps:
- name: get-goals
type: call
call: "workday-goals.get-employee-goals"
with:
worker_id: "{{employee_id}}"
- name: create-epic
type: call
call: "jira-goals.create-issue"
with:
project_key: "ENG"
issuetype: "Epic"
summary: "{{get-goals.goal_title}}"
description: "Workday Goal: {{get-goals.goal_description}}\nDue: {{get-goals.due_date}}"
- name: notify-manager
type: call
call: "teams-goals.send-message"
with:
recipient_upn: "{{get-goals.manager_email}}"
text: "Performance goals synced for {{get-goals.employee_name}}. Jira epic: {{create-epic.key}}"
consumes:
- type: http
namespace: workday-goals
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: goals
path: "/morganstanley/workers/{{worker_id}}/goals"
inputParameters:
- name: worker_id
in: path
operations:
- name: get-employee-goals
method: GET
- type: http
namespace: jira-goals
baseUri: "https://morganstanley.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: teams-goals
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Workday Termination to Okta Deprovisioning
▼
hr security workday okta servicenow
When an employee termination is detected in Workday, deactivates their Okta account, revokes active sessions, and creates a ServiceNow access removal ticket.
naftiko: "0.5"
info:
label: "Workday Termination to Okta Deprovisioning"
description: "When an employee termination is detected in Workday, deactivates their Okta account, revokes active sessions, and creates a ServiceNow access removal ticket."
tags:
- hr
- security
- workday
- okta
- servicenow
capability:
exposes:
- type: mcp
namespace: termination-deprovisioning
port: 8080
tools:
- name: process-termination
description: "Given a Workday employee ID for a terminated worker, deactivate Okta, revoke sessions, and open a ServiceNow access removal ticket."
inputParameters:
- name: employee_id
in: body
type: string
description: "Workday employee ID of the terminated worker."
steps:
- name: get-worker-details
type: call
call: "workday-term.get-worker"
with:
worker_id: "{{employee_id}}"
- name: deactivate-okta
type: call
call: "okta-term.deactivate-user"
with:
user_id: "{{get-worker-details.work_email}}"
- name: revoke-sessions
type: call
call: "okta-term.clear-sessions"
with:
user_id: "{{get-worker-details.work_email}}"
- name: create-removal-ticket
type: call
call: "snow-term.create-request"
with:
short_description: "Access removal: {{get-worker-details.full_name}} (terminated)"
description: "Employee {{employee_id}} terminated. Okta deactivated. Remove remaining access: VPN, building access, shared drives."
assignment_group: "IT_Access_Management"
consumes:
- type: http
namespace: workday-term
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/morganstanley/workers/{{worker_id}}"
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
- type: http
namespace: okta-term
baseUri: "https://morganstanley.okta.com/api/v1"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.okta_token"
placement: header
resources:
- name: users
path: "/users/{{user_id}}/lifecycle/deactivate"
inputParameters:
- name: user_id
in: path
operations:
- name: deactivate-user
method: POST
- name: sessions
path: "/users/{{user_id}}/sessions"
inputParameters:
- name: user_id
in: path
operations:
- name: clear-sessions
method: DELETE
- type: http
namespace: snow-term
baseUri: "https://morganstanley.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: requests
path: "/table/sc_request"
operations:
- name: create-request
method: POST
Zoom Meeting Details Lookup
▼
communications meetings zoom
Retrieves meeting details including participants, duration, and recording status for a Zoom meeting, supporting compliance recording review.
naftiko: "0.5"
info:
label: "Zoom Meeting Details Lookup"
description: "Retrieves meeting details including participants, duration, and recording status for a Zoom meeting, supporting compliance recording review."
tags:
- communications
- meetings
- zoom
capability:
exposes:
- type: mcp
namespace: zoom-meeting
port: 8080
tools:
- name: get-meeting-details
description: "Given a Zoom meeting ID, return participant count, duration, recording status, and topic."
inputParameters:
- name: meeting_id
in: body
type: string
description: "Zoom meeting ID."
call: "zoom-api.get-meeting"
with:
id: "{{meeting_id}}"
outputParameters:
- name: topic
type: string
mapping: "$.topic"
- name: duration
type: string
mapping: "$.duration"
consumes:
- type: http
namespace: zoom-api
baseUri: "https://api.zoom.us/v2"
authentication:
type: bearer
token: "$secrets.zoom_token"
resources:
- name: meetings
path: "/meetings/{{id}}"
inputParameters:
- name: id
in: path
operations:
- name: get-meeting
method: GET
ZoomInfo Lead Enrichment to Salesforce
▼
sales lead-enrichment zoominfo salesforce slack
Enriches Salesforce leads with ZoomInfo company and contact data, updates the lead record, and notifies the assigned sales representative via Slack.
naftiko: "0.5"
info:
label: "ZoomInfo Lead Enrichment to Salesforce"
description: "Enriches Salesforce leads with ZoomInfo company and contact data, updates the lead record, and notifies the assigned sales representative via Slack."
tags:
- sales
- lead-enrichment
- zoominfo
- salesforce
- slack
capability:
exposes:
- type: mcp
namespace: lead-enrichment
port: 8080
tools:
- name: enrich-salesforce-lead
description: "Given a Salesforce lead ID, enrich with ZoomInfo data, update the lead, and notify the sales rep via Slack."
inputParameters:
- name: lead_id
in: body
type: string
description: "Salesforce lead record ID."
steps:
- name: get-lead
type: call
call: "sfdc-lead.get-lead"
with:
id: "{{lead_id}}"
- name: enrich-from-zoominfo
type: call
call: "zoominfo-api.enrich-contact"
with:
email: "{{get-lead.email}}"
company: "{{get-lead.company}}"
- name: update-lead
type: call
call: "sfdc-lead.update-lead"
with:
id: "{{lead_id}}"
title: "{{enrich-from-zoominfo.job_title}}"
phone: "{{enrich-from-zoominfo.direct_phone}}"
company_revenue: "{{enrich-from-zoominfo.company_revenue}}"
- name: notify-rep
type: call
call: "slack-sales.post-message"
with:
channel: "$secrets.sales_slack_channel"
text: "Lead enriched: {{get-lead.name}} at {{get-lead.company}} | Revenue: {{enrich-from-zoominfo.company_revenue}} | Title: {{enrich-from-zoominfo.job_title}}"
consumes:
- type: http
namespace: sfdc-lead
baseUri: "https://morganstanley.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: leads
path: "/sobjects/Lead/{{id}}"
inputParameters:
- name: id
in: path
operations:
- name: get-lead
method: GET
- name: update-lead
method: PATCH
- type: http
namespace: zoominfo-api
baseUri: "https://api.zoominfo.com"
authentication:
type: bearer
token: "$secrets.zoominfo_token"
resources:
- name: contacts
path: "/enrich/contact"
operations:
- name: enrich-contact
method: POST
- type: http
namespace: slack-sales
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_bot_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST