Visa Capabilities
Naftiko 0.5 capability definitions for Visa - 100 capabilities showing integration workflows and service orchestrations.
Sort
Expand
Anthropic Regulatory Document Analysis
▼
ai compliance anthropic sharepoint regulation
Uses Anthropic to analyze incoming regulatory compliance documents and payments industry guidelines, extracting obligations and action items stored in SharePoint for compliance teams.
naftiko: "0.5"
info:
label: "Anthropic Regulatory Document Analysis"
description: "Uses Anthropic to analyze incoming regulatory compliance documents and payments industry guidelines, extracting obligations and action items stored in SharePoint for compliance teams."
tags:
- ai
- compliance
- anthropic
- sharepoint
- regulation
capability:
exposes:
- type: mcp
namespace: regulatory-analysis
port: 8080
tools:
- name: analyze-regulatory-document
description: "Given a regulatory document text, use Anthropic to extract compliance obligations, deadlines, and required actions, then store the structured analysis in SharePoint."
inputParameters:
- name: document_text
in: body
type: string
description: "The full text of the regulatory document to analyze."
- name: document_title
in: body
type: string
description: "Title of the regulatory document."
- name: sharepoint_site_id
in: body
type: string
description: "SharePoint site ID for the compliance document library."
- name: regulation_type
in: body
type: string
description: "Type of regulation (e.g., PCI-DSS, GDPR, AML, Basel-III)."
steps:
- name: analyze-document
type: call
call: "anthropic.create-message"
with:
model: "claude-opus-4-5"
max_tokens: 2048
prompt: "Analyze this {{regulation_type}} regulatory document. Extract: 1) Key compliance obligations (bulleted list), 2) Applicable deadlines, 3) Required actions for Visa as a payment network. Be specific and concise. Document: {{document_text}}"
- name: store-analysis
type: call
call: "sharepoint-compliance.upload-file"
with:
site_id: "{{sharepoint_site_id}}"
folder_path: "ComplianceAnalysis/{{regulation_type}}"
file_name: "{{document_title}}_analysis.txt"
content: "{{analyze-document.content}}"
consumes:
- type: http
namespace: anthropic
baseUri: "https://api.anthropic.com/v1"
authentication:
type: apikey
key: "x-api-key"
value: "$secrets.anthropic_api_key"
placement: header
resources:
- name: messages
path: "/messages"
operations:
- name: create-message
method: POST
- type: http
namespace: sharepoint-compliance
baseUri: "https://graph.microsoft.com/v1.0/sites"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: files
path: "/{{site_id}}/drive/root:/{{folder_path}}/{{file_name}}:/content"
inputParameters:
- name: site_id
in: path
- name: folder_path
in: path
- name: file_name
in: path
operations:
- name: upload-file
method: PUT
AWS Cloud Cost Anomaly Response
▼
cloud finops aws servicenow cost-management
Detects AWS cost anomalies across Visa's cloud accounts and creates ServiceNow FinOps tasks for the cloud engineering team to investigate and optimize.
naftiko: "0.5"
info:
label: "AWS Cloud Cost Anomaly Response"
description: "Detects AWS cost anomalies across Visa's cloud accounts and creates ServiceNow FinOps tasks for the cloud engineering team to investigate and optimize."
tags:
- cloud
- finops
- aws
- servicenow
- cost-management
capability:
exposes:
- type: mcp
namespace: cloud-finops
port: 8080
tools:
- name: handle-aws-cost-anomaly
description: "Given an AWS account ID and billing period, detect cost anomalies and create a ServiceNow FinOps task when spend exceeds budget. Use for proactive cloud cost governance."
inputParameters:
- name: account_id
in: body
type: string
description: "The AWS account ID to check."
- name: time_period_start
in: body
type: string
description: "Start date for cost analysis in YYYY-MM-DD format."
- name: time_period_end
in: body
type: string
description: "End date for cost analysis in YYYY-MM-DD format."
steps:
- name: get-cost-data
type: call
call: "aws-cost.get-cost-and-usage"
with:
account_id: "{{account_id}}"
start: "{{time_period_start}}"
end: "{{time_period_end}}"
- name: create-finops-task
type: call
call: "servicenow-cloud.create-task"
with:
short_description: "AWS cost anomaly: account {{account_id}} — {{time_period_start}} to {{time_period_end}}"
description: "Total spend: {{get-cost-data.total_cost}}. Review for budget variances and optimization opportunities."
assignment_group: "Cloud_FinOps"
consumes:
- type: http
namespace: aws-cost
baseUri: "https://ce.us-east-1.amazonaws.com"
authentication:
type: bearer
token: "$secrets.aws_access_token"
resources:
- name: cost-and-usage
path: "/GetCostAndUsage"
operations:
- name: get-cost-and-usage
method: POST
- type: http
namespace: servicenow-cloud
baseUri: "https://visa.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/sc_task"
operations:
- name: create-task
method: POST
Confluence Payment Spec Lookup
▼
documentation confluence api-specs
Retrieves payment API specification documentation from Confluence.
naftiko: "0.5"
info:
label: "Confluence Payment Spec Lookup"
description: "Retrieves payment API specification documentation from Confluence."
tags:
- documentation
- confluence
- api-specs
capability:
exposes:
- type: mcp
namespace: confluence_payment_s
port: 8080
tools:
- name: query-data
description: "Retrieves payment API specification documentation from Confluence."
inputParameters:
- name: query_param
in: body
type: string
description: "The query parameter."
call: "snowflake-api.run-query"
with:
query_param: "{{query_param}}"
outputParameters:
- name: results
type: object
mapping: "$.data"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
CrowdStrike Endpoint Threat Response
▼
security crowdstrike servicenow pagerduty endpoint-security incident-response
When CrowdStrike detects a critical threat on a Visa endpoint, automatically contains the device, creates a ServiceNow security incident, and pages the SOC via PagerDuty.
naftiko: "0.5"
info:
label: "CrowdStrike Endpoint Threat Response"
description: "When CrowdStrike detects a critical threat on a Visa endpoint, automatically contains the device, creates a ServiceNow security incident, and pages the SOC via PagerDuty."
tags:
- security
- crowdstrike
- servicenow
- pagerduty
- endpoint-security
- incident-response
capability:
exposes:
- type: mcp
namespace: endpoint-threat-response
port: 8080
tools:
- name: respond-to-endpoint-threat
description: "Given a CrowdStrike device ID and detection ID, contain the device, create a P1 ServiceNow security incident, and trigger PagerDuty for SOC response."
inputParameters:
- name: device_id
in: body
type: string
description: "CrowdStrike device ID of the compromised endpoint."
- name: detection_id
in: body
type: string
description: "CrowdStrike detection ID for the threat."
- name: hostname
in: body
type: string
description: "Hostname of the affected endpoint."
- name: threat_name
in: body
type: string
description: "Name or type of the detected threat."
steps:
- name: contain-device
type: call
call: "crowdstrike-contain.contain-host"
with:
device_id: "{{device_id}}"
- name: create-security-incident
type: call
call: "servicenow-cso.create-incident"
with:
short_description: "Endpoint threat: {{threat_name}} on {{hostname}}"
description: "CrowdStrike detection {{detection_id}}: {{threat_name}} on {{hostname}} (device {{device_id}}). Host contained automatically."
category: "security"
urgency: "1"
impact: "1"
- name: page-soc
type: call
call: "pagerduty-soc.create-incident"
with:
title: "Endpoint threat: {{threat_name}} — {{hostname}}"
body: "ServiceNow: {{create-security-incident.number}}. CrowdStrike detection: {{detection_id}}. Host isolated."
service_id: "SOC_SERVICE_ID"
consumes:
- type: http
namespace: crowdstrike-contain
baseUri: "https://api.crowdstrike.com"
authentication:
type: bearer
token: "$secrets.crowdstrike_token"
resources:
- name: device-actions
path: "/devices/entities/devices-actions/v2"
operations:
- name: contain-host
method: POST
- type: http
namespace: servicenow-cso
baseUri: "https://visa.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: pagerduty-soc
baseUri: "https://api.pagerduty.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.pagerduty_token"
placement: header
resources:
- name: incidents
path: "/incidents"
operations:
- name: create-incident
method: POST
Datadog API Gateway Health
▼
observability datadog api-gateway
Returns health status and error rates for Visa API gateway from Datadog.
naftiko: "0.5"
info:
label: "Datadog API Gateway Health"
description: "Returns health status and error rates for Visa API gateway from Datadog."
tags:
- observability
- datadog
- api-gateway
capability:
exposes:
- type: mcp
namespace: datadog_api_gateway_
port: 8080
tools:
- name: query-data
description: "Returns health status and error rates for Visa API gateway from Datadog."
inputParameters:
- name: query_param
in: body
type: string
description: "The query parameter."
call: "snowflake-api.run-query"
with:
query_param: "{{query_param}}"
outputParameters:
- name: results
type: object
mapping: "$.data"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
Datadog Infrastructure Health Digest
▼
observability datadog microsoft-teams reporting infrastructure
Generates a daily Datadog infrastructure health digest for Visa's payment processing clusters and posts the summary to the platform engineering Teams channel.
naftiko: "0.5"
info:
label: "Datadog Infrastructure Health Digest"
description: "Generates a daily Datadog infrastructure health digest for Visa's payment processing clusters and posts the summary to the platform engineering Teams channel."
tags:
- observability
- datadog
- microsoft-teams
- reporting
- infrastructure
capability:
exposes:
- type: mcp
namespace: infra-health-digest
port: 8080
tools:
- name: digest-infrastructure-health
description: "Fetch Datadog host and monitor summary for payment processing infrastructure and post a daily health digest to the platform Teams channel."
inputParameters:
- name: environment_tag
in: body
type: string
description: "Datadog environment tag to filter (e.g., env:production,service:payment-auth)."
- name: platform_channel_id
in: body
type: string
description: "Microsoft Teams channel ID for platform engineering."
steps:
- name: get-host-status
type: call
call: "datadog-infra.list-hosts"
with:
filter: "{{environment_tag}}"
- name: get-monitor-summary
type: call
call: "datadog-infra.get-monitor-summary"
with:
tags: "{{environment_tag}}"
- name: post-digest
type: call
call: "msteams-platform.post-message"
with:
channel_id: "{{platform_channel_id}}"
text: "Infrastructure Health ({{environment_tag}}): {{get-host-status.total_matching}} hosts. Monitors — OK: {{get-monitor-summary.ok_count}}, Warn: {{get-monitor-summary.warn_count}}, Critical: {{get-monitor-summary.critical_count}}."
consumes:
- type: http
namespace: datadog-infra
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: "DD-API-KEY"
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: hosts
path: "/hosts"
operations:
- name: list-hosts
method: GET
- name: monitor-summary
path: "/monitor/summary"
operations:
- name: get-monitor-summary
method: GET
- type: http
namespace: msteams-platform
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-message
method: POST
Datadog Payment Latency Check
▼
observability datadog payments
Returns current payment processing latency metrics from Datadog APM.
naftiko: "0.5"
info:
label: "Datadog Payment Latency Check"
description: "Returns current payment processing latency metrics from Datadog APM."
tags:
- observability
- datadog
- payments
capability:
exposes:
- type: mcp
namespace: datadog_payment_late
port: 8080
tools:
- name: query-data
description: "Returns current payment processing latency metrics from Datadog APM."
inputParameters:
- name: query_param
in: body
type: string
description: "The query parameter."
call: "snowflake-api.run-query"
with:
query_param: "{{query_param}}"
outputParameters:
- name: results
type: object
mapping: "$.data"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
Datadog Payment Processing SLO Monitor
▼
observability datadog servicenow slo payment-processing incident-response
Monitors Datadog SLOs for Visa's payment authorization and settlement services and creates P1 ServiceNow incidents when SLO compliance drops below the defined threshold.
naftiko: "0.5"
info:
label: "Datadog Payment Processing SLO Monitor"
description: "Monitors Datadog SLOs for Visa's payment authorization and settlement services and creates P1 ServiceNow incidents when SLO compliance drops below the defined threshold."
tags:
- observability
- datadog
- servicenow
- slo
- payment-processing
- incident-response
capability:
exposes:
- type: mcp
namespace: payment-slo-monitor
port: 8080
tools:
- name: check-payment-slo-compliance
description: "Fetch SLO compliance data from Datadog for payment processing services and create a P1 ServiceNow incident if compliance drops below the threshold. Use for continuous payment SLO monitoring."
inputParameters:
- name: slo_id
in: body
type: string
description: "The Datadog SLO ID for the payment service to check."
- name: compliance_threshold
in: body
type: number
description: "Minimum acceptable SLO compliance percentage (e.g., 99.9)."
- name: timeframe
in: body
type: string
description: "Compliance check window: 7d, 30d."
steps:
- name: get-slo-status
type: call
call: "datadog.get-slo-history"
with:
slo_id: "{{slo_id}}"
timeframe: "{{timeframe}}"
- name: create-p1-incident
type: call
call: "servicenow-slo.create-incident"
with:
short_description: "Payment SLO breach: {{slo_id}} below {{compliance_threshold}}%"
description: "Datadog SLO {{slo_id}} compliance dropped to {{get-slo-status.overall_compliance}}%, below threshold of {{compliance_threshold}}%. Immediate remediation required."
urgency: "1"
impact: "1"
consumes:
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: "DD-API-KEY"
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: slo-history
path: "/slo/history"
operations:
- name: get-slo-history
method: GET
- type: http
namespace: servicenow-slo
baseUri: "https://visa.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
Employee Offboarding and Access Revocation
▼
hr offboarding workday okta azure-ad servicenow
When an employee departure is recorded in Workday, deactivates the Okta account, disables Azure AD access, and closes open ServiceNow tickets.
naftiko: "0.5"
info:
label: "Employee Offboarding and Access Revocation"
description: "When an employee departure is recorded in Workday, deactivates the Okta account, disables Azure AD access, and closes open ServiceNow tickets."
tags:
- hr
- offboarding
- workday
- okta
- azure-ad
- servicenow
capability:
exposes:
- type: mcp
namespace: hr-offboarding
port: 8080
tools:
- name: trigger-offboarding
description: "Given a Workday employee ID and last day, deactivate Okta and Azure AD accounts, close open ServiceNow tickets, and notify the manager via Teams."
inputParameters:
- name: workday_employee_id
in: body
type: string
description: "The Workday worker ID for the departing employee."
- name: last_day
in: body
type: string
description: "Last working day in YYYY-MM-DD format."
- name: manager_upn
in: body
type: string
description: "UPN of the departing employee's manager."
steps:
- name: get-employee
type: call
call: "workday-off.get-worker"
with:
worker_id: "{{workday_employee_id}}"
- name: deactivate-okta
type: call
call: "okta-off.deactivate-user"
with:
login: "{{get-employee.work_email}}"
- name: disable-azure-ad
type: call
call: "azuread.disable-user"
with:
user_id: "{{get-employee.azure_object_id}}"
- name: notify-manager
type: call
call: "msteams-off.send-message"
with:
recipient_upn: "{{manager_upn}}"
text: "Offboarding complete for {{get-employee.full_name}} (last day: {{last_day}}). Okta and Azure AD accounts disabled."
consumes:
- type: http
namespace: workday-off
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/workers/{{worker_id}}"
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
- type: http
namespace: okta-off
baseUri: "https://visa.okta.com/api/v1"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.okta_token"
placement: header
resources:
- name: users
path: "/users/{{login}}/lifecycle/deactivate"
inputParameters:
- name: login
in: path
operations:
- name: deactivate-user
method: POST
- type: http
namespace: azuread
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: users
path: "/users/{{user_id}}"
inputParameters:
- name: user_id
in: path
operations:
- name: disable-user
method: PATCH
- type: http
namespace: msteams-off
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Employee Onboarding Orchestrator
▼
hr onboarding workday servicenow okta microsoft-teams
On new hire creation in Workday, opens a ServiceNow onboarding ticket, provisions an Okta account with appropriate security groups, and sends a Microsoft Teams welcome message.
naftiko: "0.5"
info:
label: "Employee Onboarding Orchestrator"
description: "On new hire creation in Workday, opens a ServiceNow onboarding ticket, provisions an Okta account with appropriate security groups, and sends a Microsoft Teams welcome message."
tags:
- hr
- onboarding
- workday
- servicenow
- okta
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: hr-onboarding
port: 8080
tools:
- name: trigger-onboarding
description: "Given a Workday employee ID and start date, orchestrate the full onboarding sequence across ServiceNow, Okta, and Microsoft Teams."
inputParameters:
- name: workday_employee_id
in: body
type: string
description: "The Workday worker ID for the new hire."
- name: start_date
in: body
type: string
description: "The employee start date in YYYY-MM-DD format."
- name: job_role
in: body
type: string
description: "The employee job role determining Okta group membership."
steps:
- name: get-employee
type: call
call: "workday.get-worker"
with:
worker_id: "{{workday_employee_id}}"
- name: open-ticket
type: call
call: "servicenow.create-incident"
with:
short_description: "New hire onboarding: {{get-employee.full_name}}"
category: "hr_onboarding"
assigned_group: "IT_Onboarding"
- name: provision-okta
type: call
call: "okta.create-user"
with:
email: "{{get-employee.work_email}}"
first_name: "{{get-employee.first_name}}"
last_name: "{{get-employee.last_name}}"
department: "{{get-employee.department}}"
- name: send-welcome
type: call
call: "msteams.send-message"
with:
recipient_upn: "{{get-employee.work_email}}"
text: "Welcome to Visa, {{get-employee.first_name}}! Your IT onboarding ticket is {{open-ticket.number}} and your Okta account is ready."
consumes:
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/workers/{{worker_id}}"
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
- type: http
namespace: servicenow
baseUri: "https://visa.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: okta
baseUri: "https://visa.okta.com/api/v1"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.okta_token"
placement: header
resources:
- name: users
path: "/users"
operations:
- name: create-user
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Fraud Alert Investigation Handler
▼
security fraud splunk crowdstrike servicenow pagerduty incident-response
When a Splunk fraud detection alert fires, creates a CrowdStrike investigation, opens a P1 ServiceNow security incident, and pages the fraud operations team via PagerDuty.
naftiko: "0.5"
info:
label: "Fraud Alert Investigation Handler"
description: "When a Splunk fraud detection alert fires, creates a CrowdStrike investigation, opens a P1 ServiceNow security incident, and pages the fraud operations team via PagerDuty."
tags:
- security
- fraud
- splunk
- crowdstrike
- servicenow
- pagerduty
- incident-response
capability:
exposes:
- type: mcp
namespace: fraud-ops
port: 8080
tools:
- name: handle-fraud-alert
description: "Given a Splunk fraud alert ID and affected account or entity, create a CrowdStrike detection, open a P1 ServiceNow security incident, and trigger PagerDuty for the fraud ops team."
inputParameters:
- name: alert_id
in: body
type: string
description: "The Splunk alert ID or correlation search ID."
- name: entity_id
in: body
type: string
description: "The affected account, card, or entity identifier."
- name: fraud_type
in: body
type: string
description: "Type of fraud detected (e.g., account_takeover, card_not_present, identity_theft)."
- name: severity
in: body
type: string
description: "Alert severity: critical, high, or medium."
steps:
- name: get-alert-details
type: call
call: "splunk.get-alert-results"
with:
alert_id: "{{alert_id}}"
- name: create-cs-detection
type: call
call: "crowdstrike.create-detection"
with:
hostname: "fraud-ops-investigation"
description: "Fraud event {{fraud_type}} for entity {{entity_id}}. Splunk alert: {{alert_id}}."
- name: create-p1-incident
type: call
call: "servicenow-fraud.create-incident"
with:
short_description: "[{{severity}}] Fraud alert: {{fraud_type}} — entity {{entity_id}}"
description: "Splunk alert {{alert_id}} detected {{fraud_type}} for {{entity_id}}. CrowdStrike detection: {{create-cs-detection.detection_id}}. Details: {{get-alert-details.results}}"
category: "fraud_investigation"
urgency: "1"
- name: page-fraud-team
type: call
call: "pagerduty.create-incident"
with:
title: "Fraud Alert: {{fraud_type}} — {{entity_id}}"
body: "ServiceNow: {{create-p1-incident.number}}. CrowdStrike: {{create-cs-detection.detection_id}}. Splunk: {{alert_id}}."
service_id: "FRAUD_OPS_SERVICE"
consumes:
- type: http
namespace: splunk
baseUri: "https://splunk.visa.com:8089/services"
authentication:
type: bearer
token: "$secrets.splunk_token"
resources:
- name: alert-results
path: "/search/jobs/{{alert_id}}/results"
inputParameters:
- name: alert_id
in: path
operations:
- name: get-alert-results
method: GET
- type: http
namespace: crowdstrike
baseUri: "https://api.crowdstrike.com"
authentication:
type: bearer
token: "$secrets.crowdstrike_token"
resources:
- name: detections
path: "/detects/entities/detects/v2"
operations:
- name: create-detection
method: PATCH
- type: http
namespace: servicenow-fraud
baseUri: "https://visa.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: pagerduty
baseUri: "https://api.pagerduty.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.pagerduty_token"
placement: header
resources:
- name: incidents
path: "/incidents"
operations:
- name: create-incident
method: POST
GitHub CI/CD Pipeline Failure Handler
▼
devops cicd github jira microsoft-teams datadog
When a GitHub Actions pipeline fails on a protected branch, creates a Jira bug, posts an alert to the engineering Microsoft Teams channel, and marks a Datadog deployment event.
naftiko: "0.5"
info:
label: "GitHub CI/CD Pipeline Failure Handler"
description: "When a GitHub Actions pipeline fails on a protected branch, creates a Jira bug, posts an alert to the engineering Microsoft Teams channel, and marks a Datadog deployment event."
tags:
- devops
- cicd
- github
- jira
- microsoft-teams
- datadog
capability:
exposes:
- type: mcp
namespace: devops-cicd
port: 8080
tools:
- name: handle-pipeline-failure
description: "Given a GitHub Actions run ID and repository, create a Jira bug, post a Teams alert, and create a Datadog deployment event. Use when a protected-branch pipeline fails."
inputParameters:
- name: run_id
in: body
type: string
description: "The GitHub Actions workflow run ID."
- name: repository
in: body
type: string
description: "GitHub repository in owner/repo format."
- name: branch
in: body
type: string
description: "The branch name where the pipeline failed."
- name: workflow_name
in: body
type: string
description: "The name of the failed workflow."
steps:
- name: get-run
type: call
call: "github.get-workflow-run"
with:
repo: "{{repository}}"
run_id: "{{run_id}}"
- name: create-bug
type: call
call: "jira.create-issue"
with:
project_key: "ENG"
issuetype: "Bug"
summary: "[CI Failure] {{repository}} / {{branch}} — {{workflow_name}}"
description: "Run {{run_id}} failed. URL: {{get-run.html_url}}"
- name: post-teams-alert
type: call
call: "msteams-eng.post-message"
with:
channel_id: "engineering-alerts"
text: "Pipeline Failure: {{repository}} | Branch: {{branch}} | Jira: {{create-bug.key}} | Run: {{get-run.html_url}}"
- name: create-dd-event
type: call
call: "datadog-deploy.create-event"
with:
title: "CI Failure: {{repository}} / {{branch}}"
text: "Pipeline {{run_id}} failed. Jira: {{create-bug.key}}"
alert_type: "error"
consumes:
- type: http
namespace: github
baseUri: "https://api.github.com"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: workflow-runs
path: "/repos/{{repo}}/actions/runs/{{run_id}}"
inputParameters:
- name: repo
in: path
- name: run_id
in: path
operations:
- name: get-workflow-run
method: GET
- type: http
namespace: jira
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: msteams-eng
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-message
method: POST
- type: http
namespace: datadog-deploy
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apikey
key: "DD-API-KEY"
value: "$secrets.datadog_api_key"
placement: header
resources:
- name: events
path: "/events"
operations:
- name: create-event
method: POST
GitHub Dependabot Critical Vulnerability Triage
▼
security github servicenow vulnerability dependency-management pci-dss
Monitors GitHub Dependabot critical vulnerability alerts across Visa's payment platform repositories and creates ServiceNow security incidents for immediate remediation.
naftiko: "0.5"
info:
label: "GitHub Dependabot Critical Vulnerability Triage"
description: "Monitors GitHub Dependabot critical vulnerability alerts across Visa's payment platform repositories and creates ServiceNow security incidents for immediate remediation."
tags:
- security
- github
- servicenow
- vulnerability
- dependency-management
- pci-dss
capability:
exposes:
- type: mcp
namespace: vuln-triage
port: 8080
tools:
- name: triage-critical-vulnerability
description: "Given a GitHub repository and Dependabot alert number, create a ServiceNow security incident for critical vulnerability tracking and assign it to the platform security team."
inputParameters:
- name: repository
in: body
type: string
description: "GitHub repository in owner/repo format."
- name: alert_number
in: body
type: integer
description: "Dependabot alert number."
steps:
- name: get-alert
type: call
call: "github-dep.get-dependabot-alert"
with:
repo: "{{repository}}"
alert_number: "{{alert_number}}"
- name: create-snow-incident
type: call
call: "servicenow-dep.create-incident"
with:
short_description: "Critical vulnerability: {{get-alert.security_advisory.cve_id}} in {{repository}}"
description: "Package: {{get-alert.dependency.package.name}}. CVE: {{get-alert.security_advisory.cve_id}}. CVSS: {{get-alert.security_advisory.cvss_score}}. Requires remediation within SLA."
category: "security"
urgency: "1"
consumes:
- type: http
namespace: github-dep
baseUri: "https://api.github.com"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: dependabot-alerts
path: "/repos/{{repo}}/dependabot/alerts/{{alert_number}}"
inputParameters:
- name: repo
in: path
- name: alert_number
in: path
operations:
- name: get-dependabot-alert
method: GET
- type: http
namespace: servicenow-dep
baseUri: "https://visa.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
GitHub Payment Service Release Lookup
▼
devops github releases
Returns the latest release details for a Visa payment service repository.
naftiko: "0.5"
info:
label: "GitHub Payment Service Release Lookup"
description: "Returns the latest release details for a Visa payment service repository."
tags:
- devops
- github
- releases
capability:
exposes:
- type: mcp
namespace: github_payment_servi
port: 8080
tools:
- name: query-data
description: "Returns the latest release details for a Visa payment service repository."
inputParameters:
- name: query_param
in: body
type: string
description: "The query parameter."
call: "snowflake-api.run-query"
with:
query_param: "{{query_param}}"
outputParameters:
- name: results
type: object
mapping: "$.data"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
GitHub Release Notes Publisher
▼
devops release-management github anthropic microsoft-teams servicenow
On a successful GitHub release, generates structured release notes using Anthropic and publishes them to the Microsoft Teams engineering channel and updates the ServiceNow CMDB.
naftiko: "0.5"
info:
label: "GitHub Release Notes Publisher"
description: "On a successful GitHub release, generates structured release notes using Anthropic and publishes them to the Microsoft Teams engineering channel and updates the ServiceNow CMDB."
tags:
- devops
- release-management
- github
- anthropic
- microsoft-teams
- servicenow
capability:
exposes:
- type: mcp
namespace: release-management
port: 8080
tools:
- name: publish-release-notes
description: "Given a GitHub release tag and repository, generate formatted release notes via Anthropic, post to Teams, and update the ServiceNow CMDB CI record."
inputParameters:
- name: repository
in: body
type: string
description: "GitHub repository in owner/repo format."
- name: release_tag
in: body
type: string
description: "The GitHub release tag (e.g., v3.1.0)."
- name: teams_channel_id
in: body
type: string
description: "Microsoft Teams channel for release notes."
- name: cmdb_ci_id
in: body
type: string
description: "ServiceNow CMDB application CI sys_id to update."
steps:
- name: get-release
type: call
call: "github-release.get-release"
with:
repo: "{{repository}}"
tag: "{{release_tag}}"
- name: format-notes
type: call
call: "anthropic-notes.create-message"
with:
model: "claude-opus-4-5"
max_tokens: 512
prompt: "Format these GitHub release notes for a payments technology audience. Be concise, highlight security fixes prominently, and use bullet points: {{get-release.body}}"
- name: post-to-teams
type: call
call: "msteams-release.post-message"
with:
channel_id: "{{teams_channel_id}}"
text: "Release {{release_tag}} for {{repository}}: {{format-notes.content}}"
- name: update-cmdb
type: call
call: "servicenow-cmdb.update-ci"
with:
sys_id: "{{cmdb_ci_id}}"
version: "{{release_tag}}"
consumes:
- type: http
namespace: github-release
baseUri: "https://api.github.com"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: releases
path: "/repos/{{repo}}/releases/tags/{{tag}}"
inputParameters:
- name: repo
in: path
- name: tag
in: path
operations:
- name: get-release
method: GET
- type: http
namespace: anthropic-notes
baseUri: "https://api.anthropic.com/v1"
authentication:
type: apikey
key: "x-api-key"
value: "$secrets.anthropic_api_key"
placement: header
resources:
- name: messages
path: "/messages"
operations:
- name: create-message
method: POST
- type: http
namespace: msteams-release
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-message
method: POST
- type: http
namespace: servicenow-cmdb
baseUri: "https://visa.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: cmdb-ci
path: "/table/cmdb_ci_appl/{{sys_id}}"
inputParameters:
- name: sys_id
in: path
operations:
- name: update-ci
method: PATCH
Jira Compliance Ticket Lookup
▼
compliance jira pci
Returns status and details of a PCI compliance Jira ticket.
naftiko: "0.5"
info:
label: "Jira Compliance Ticket Lookup"
description: "Returns status and details of a PCI compliance Jira ticket."
tags:
- compliance
- jira
- pci
capability:
exposes:
- type: mcp
namespace: jira_compliance_tick
port: 8080
tools:
- name: query-data
description: "Returns status and details of a PCI compliance Jira ticket."
inputParameters:
- name: query_param
in: body
type: string
description: "The query parameter."
call: "snowflake-api.run-query"
with:
query_param: "{{query_param}}"
outputParameters:
- name: results
type: object
mapping: "$.data"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
Jira Sprint Velocity and Delivery Report
▼
devops jira microsoft-teams reporting agile
Pulls sprint completion metrics from Jira and posts a delivery velocity digest to the product engineering Microsoft Teams channel at the end of each sprint.
naftiko: "0.5"
info:
label: "Jira Sprint Velocity and Delivery Report"
description: "Pulls sprint completion metrics from Jira and posts a delivery velocity digest to the product engineering Microsoft Teams channel at the end of each sprint."
tags:
- devops
- jira
- microsoft-teams
- reporting
- agile
capability:
exposes:
- type: mcp
namespace: agile-reporting
port: 8080
tools:
- name: digest-sprint-delivery
description: "Given a Jira board ID and sprint ID, fetch sprint velocity metrics and post a delivery digest to the product engineering Teams channel."
inputParameters:
- name: board_id
in: body
type: string
description: "Jira board ID."
- name: sprint_id
in: body
type: string
description: "Jira sprint ID to report on."
- name: teams_channel_id
in: body
type: string
description: "Microsoft Teams channel ID for the sprint digest."
steps:
- name: get-sprint-data
type: call
call: "jira.get-sprint"
with:
board_id: "{{board_id}}"
sprint_id: "{{sprint_id}}"
- name: post-digest
type: call
call: "msteams-product.post-message"
with:
channel_id: "{{teams_channel_id}}"
text: "Sprint Digest: {{get-sprint-data.name}}. Done: {{get-sprint-data.issues_done}}, Incomplete: {{get-sprint-data.issues_not_done}}, Velocity: {{get-sprint-data.story_points_completed}} pts."
consumes:
- type: http
namespace: jira
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_token"
resources:
- name: sprints
path: "/board/{{board_id}}/sprint/{{sprint_id}}"
inputParameters:
- name: board_id
in: path
- name: sprint_id
in: path
operations:
- name: get-sprint
method: GET
- type: http
namespace: msteams-product
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-message
method: POST
LinkedIn Executive Thought Leadership Tracker
▼
marketing linkedin microsoft-teams social-media reporting communications
Fetches LinkedIn engagement analytics for Visa executive thought leadership posts and delivers a weekly performance digest to the communications team via Microsoft Teams.
naftiko: "0.5"
info:
label: "LinkedIn Executive Thought Leadership Tracker"
description: "Fetches LinkedIn engagement analytics for Visa executive thought leadership posts and delivers a weekly performance digest to the communications team via Microsoft Teams."
tags:
- marketing
- linkedin
- microsoft-teams
- social-media
- reporting
- communications
capability:
exposes:
- type: mcp
namespace: exec-comms-reporting
port: 8080
tools:
- name: digest-linkedin-engagement
description: "Fetch LinkedIn organic post analytics for a given organization and post a weekly engagement digest to the communications Teams channel."
inputParameters:
- name: organization_id
in: body
type: string
description: "LinkedIn organization URN for Visa's company page."
- name: teams_channel_id
in: body
type: string
description: "Microsoft Teams channel ID for the communications team."
steps:
- name: get-post-analytics
type: call
call: "linkedin.get-organization-follower-stats"
with:
organization_id: "{{organization_id}}"
- name: post-digest
type: call
call: "msteams-comms.post-message"
with:
channel_id: "{{teams_channel_id}}"
text: "LinkedIn Weekly Digest (Visa): Total followers {{get-post-analytics.followerCount}}. Organic impressions this week: {{get-post-analytics.impressionCount}}. Engagement rate: {{get-post-analytics.engagementRate}}%."
consumes:
- type: http
namespace: linkedin
baseUri: "https://api.linkedin.com/v2"
authentication:
type: bearer
token: "$secrets.linkedin_token"
resources:
- name: organization-stats
path: "/organizationalEntityFollowerStatistics"
operations:
- name: get-organization-follower-stats
method: GET
- type: http
namespace: msteams-comms
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-message
method: POST
Okta Application Provisioning for New Role
▼
identity hr okta workday access-management role-change
When an employee changes roles in Workday, updates their Okta group memberships to provision access for new applications and deprovision access for previous role applications.
naftiko: "0.5"
info:
label: "Okta Application Provisioning for New Role"
description: "When an employee changes roles in Workday, updates their Okta group memberships to provision access for new applications and deprovision access for previous role applications."
tags:
- identity
- hr
- okta
- workday
- access-management
- role-change
capability:
exposes:
- type: mcp
namespace: role-based-provisioning
port: 8080
tools:
- name: reprovision-access-for-role-change
description: "Given a Workday employee ID, new role group ID, and previous role group ID in Okta, remove the employee from the old group and add them to the new group to align application access with their new role."
inputParameters:
- name: employee_email
in: body
type: string
description: "Work email address of the employee changing roles."
- name: new_role_group_id
in: body
type: string
description: "Okta group ID for the new role's application access."
- name: previous_role_group_id
in: body
type: string
description: "Okta group ID for the previous role's application access."
steps:
- name: get-okta-user
type: call
call: "okta-user.get-user"
with:
login: "{{employee_email}}"
- name: remove-old-group
type: call
call: "okta-groups-remove.remove-user-from-group"
with:
group_id: "{{previous_role_group_id}}"
user_id: "{{get-okta-user.id}}"
- name: add-new-group
type: call
call: "okta-groups-add.add-user-to-group"
with:
group_id: "{{new_role_group_id}}"
user_id: "{{get-okta-user.id}}"
consumes:
- type: http
namespace: okta-user
baseUri: "https://visa.okta.com/api/v1"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.okta_token"
placement: header
resources:
- name: users
path: "/users/{{login}}"
inputParameters:
- name: login
in: path
operations:
- name: get-user
method: GET
- type: http
namespace: okta-groups-remove
baseUri: "https://visa.okta.com/api/v1"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.okta_token"
placement: header
resources:
- name: group-members
path: "/groups/{{group_id}}/users/{{user_id}}"
inputParameters:
- name: group_id
in: path
- name: user_id
in: path
operations:
- name: remove-user-from-group
method: DELETE
- type: http
namespace: okta-groups-add
baseUri: "https://visa.okta.com/api/v1"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.okta_token"
placement: header
resources:
- name: group-members
path: "/groups/{{group_id}}/users/{{user_id}}"
inputParameters:
- name: group_id
in: path
- name: user_id
in: path
operations:
- name: add-user-to-group
method: PUT
Okta Payment System Access Check
▼
security okta access-management
Returns user access permissions for payment processing systems from Okta.
naftiko: "0.5"
info:
label: "Okta Payment System Access Check"
description: "Returns user access permissions for payment processing systems from Okta."
tags:
- security
- okta
- access-management
capability:
exposes:
- type: mcp
namespace: okta_payment_system_
port: 8080
tools:
- name: query-data
description: "Returns user access permissions for payment processing systems from Okta."
inputParameters:
- name: query_param
in: body
type: string
description: "The query parameter."
call: "snowflake-api.run-query"
with:
query_param: "{{query_param}}"
outputParameters:
- name: results
type: object
mapping: "$.data"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
Okta Privileged Access Review
▼
identity security okta microsoft-teams access-management compliance
Queries Okta for users with privileged application assignments and generates a quarterly access review report delivered to the CISO team via Microsoft Teams.
naftiko: "0.5"
info:
label: "Okta Privileged Access Review"
description: "Queries Okta for users with privileged application assignments and generates a quarterly access review report delivered to the CISO team via Microsoft Teams."
tags:
- identity
- security
- okta
- microsoft-teams
- access-management
- compliance
capability:
exposes:
- type: mcp
namespace: privileged-access-review
port: 8080
tools:
- name: run-privileged-access-review
description: "Fetch Okta users with privileged application group memberships and post an access review summary to the CISO Teams channel. Use for quarterly compliance reviews."
inputParameters:
- name: privileged_group_id
in: body
type: string
description: "Okta group ID representing privileged application access."
- name: ciso_channel_id
in: body
type: string
description: "Microsoft Teams channel ID for the CISO team."
steps:
- name: get-privileged-users
type: call
call: "okta.list-group-members"
with:
group_id: "{{privileged_group_id}}"
- name: post-review-report
type: call
call: "msteams-ciso.post-message"
with:
channel_id: "{{ciso_channel_id}}"
text: "Privileged Access Review: {{get-privileged-users.total}} users in privileged group {{privileged_group_id}}. Review and certify access in Okta."
consumes:
- type: http
namespace: okta
baseUri: "https://visa.okta.com/api/v1"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.okta_token"
placement: header
resources:
- name: group-members
path: "/groups/{{group_id}}/users"
inputParameters:
- name: group_id
in: path
operations:
- name: list-group-members
method: GET
- type: http
namespace: msteams-ciso
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-message
method: POST
Oracle ERP Purchase Order Lookup
▼
finance procurement oracle purchase-order
Looks up an Oracle ERP purchase order by number and returns structured header status, supplier details, and line item amounts.
naftiko: "0.5"
info:
label: "Oracle ERP Purchase Order Lookup"
description: "Looks up an Oracle ERP purchase order by number and returns structured header status, supplier details, and line item amounts."
tags:
- finance
- procurement
- oracle
- purchase-order
capability:
exposes:
- type: mcp
namespace: erp-procurement
port: 8080
tools:
- name: get-purchase-order
description: "Look up an Oracle Cloud ERP purchase order by PO number. Returns status, supplier name, total value, and currency. Use for procurement status checks and invoice validation."
inputParameters:
- name: po_number
in: body
type: string
description: "The Oracle purchase order number."
call: "oracle-po.get-purchase-order"
with:
po_number: "{{po_number}}"
outputParameters:
- name: status
type: string
mapping: "$.status"
- name: supplier
type: string
mapping: "$.supplier.SupplierName"
- name: total_amount
type: string
mapping: "$.orderAmount"
- name: currency
type: string
mapping: "$.currencyCode"
consumes:
- type: http
namespace: oracle-po
baseUri: "https://visa.fa.us2.oraclecloud.com/fscmRestApi/resources/11.13.18.05"
authentication:
type: basic
username: "$secrets.oracle_user"
password: "$secrets.oracle_password"
resources:
- name: purchase-orders
path: "/purchaseOrders/{{po_number}}"
inputParameters:
- name: po_number
in: path
operations:
- name: get-purchase-order
method: GET
Oracle Period-Close Financial Checklist
▼
finance period-close oracle servicenow reporting
At month end, queries Oracle ERP for open AP items and journal entries requiring action, then creates a period-close ServiceNow task for the finance controller team.
naftiko: "0.5"
info:
label: "Oracle Period-Close Financial Checklist"
description: "At month end, queries Oracle ERP for open AP items and journal entries requiring action, then creates a period-close ServiceNow task for the finance controller team."
tags:
- finance
- period-close
- oracle
- servicenow
- reporting
capability:
exposes:
- type: mcp
namespace: finance-period-close
port: 8080
tools:
- name: run-period-close-checklist
description: "Given a fiscal period and Oracle ledger ID, fetch open AP and pending journal items, then create a ServiceNow period-close task for the finance team."
inputParameters:
- name: fiscal_period
in: body
type: string
description: "Fiscal period in YYYYMM format."
- name: ledger_id
in: body
type: string
description: "Oracle General Ledger ledger ID."
- name: finance_group
in: body
type: string
description: "ServiceNow assignment group for the finance controller team."
steps:
- name: get-open-ap
type: call
call: "oracle-payables.get-open-invoices"
with:
fiscal_period: "{{fiscal_period}}"
ledger_id: "{{ledger_id}}"
- name: create-close-task
type: call
call: "servicenow-period.create-task"
with:
short_description: "Period close: {{fiscal_period}} — {{get-open-ap.count}} open AP items"
description: "Oracle ERP open AP items for period {{fiscal_period}}: {{get-open-ap.count}} invoices totaling {{get-open-ap.total_amount}} {{get-open-ap.currency}}. Clear before period close."
assignment_group: "{{finance_group}}"
consumes:
- type: http
namespace: oracle-payables
baseUri: "https://visa.fa.us2.oraclecloud.com/fscmRestApi/resources/11.13.18.05"
authentication:
type: basic
username: "$secrets.oracle_user"
password: "$secrets.oracle_password"
resources:
- name: invoices
path: "/invoices"
operations:
- name: get-open-invoices
method: GET
- type: http
namespace: servicenow-period
baseUri: "https://visa.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/sc_task"
operations:
- name: create-task
method: POST
PagerDuty Incident Escalation to ServiceNow
▼
itsm incident-response pagerduty servicenow microsoft-teams escalation
When a PagerDuty incident escalates to a critical severity, automatically creates a corresponding ServiceNow P1 incident and notifies the incident commander via Microsoft Teams.
naftiko: "0.5"
info:
label: "PagerDuty Incident Escalation to ServiceNow"
description: "When a PagerDuty incident escalates to a critical severity, automatically creates a corresponding ServiceNow P1 incident and notifies the incident commander via Microsoft Teams."
tags:
- itsm
- incident-response
- pagerduty
- servicenow
- microsoft-teams
- escalation
capability:
exposes:
- type: mcp
namespace: incident-escalation
port: 8080
tools:
- name: escalate-pagerduty-incident
description: "Given a PagerDuty incident ID, fetch its details, create a P1 ServiceNow incident, and notify the incident commander via Teams. Use when on-call escalation reaches critical severity."
inputParameters:
- name: pagerduty_incident_id
in: body
type: string
description: "The PagerDuty incident ID to escalate."
- name: incident_commander_upn
in: body
type: string
description: "UPN of the incident commander to notify via Teams."
steps:
- name: get-pd-incident
type: call
call: "pagerduty.get-incident"
with:
incident_id: "{{pagerduty_incident_id}}"
- name: create-snow-incident
type: call
call: "servicenow-p1.create-incident"
with:
short_description: "P1 Escalation: {{get-pd-incident.title}}"
description: "PagerDuty incident {{pagerduty_incident_id}} escalated. Service: {{get-pd-incident.service.name}}. Status: {{get-pd-incident.status}}."
urgency: "1"
impact: "1"
- name: notify-ic
type: call
call: "msteams-ic.send-message"
with:
recipient_upn: "{{incident_commander_upn}}"
text: "P1 Incident Escalated: {{get-pd-incident.title}}. ServiceNow: {{create-snow-incident.number}}. PagerDuty: {{pagerduty_incident_id}}. Bridge required immediately."
consumes:
- type: http
namespace: pagerduty
baseUri: "https://api.pagerduty.com"
authentication:
type: apikey
key: "Authorization"
value: "$secrets.pagerduty_token"
placement: header
resources:
- name: incidents
path: "/incidents/{{incident_id}}"
inputParameters:
- name: incident_id
in: path
operations:
- name: get-incident
method: GET
- type: http
namespace: servicenow-p1
baseUri: "https://visa.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams-ic
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
PagerDuty Payment On-Call Lookup
▼
operations pagerduty payments
Returns the current on-call engineer for payment processing services.
naftiko: "0.5"
info:
label: "PagerDuty Payment On-Call Lookup"
description: "Returns the current on-call engineer for payment processing services."
tags:
- operations
- pagerduty
- payments
capability:
exposes:
- type: mcp
namespace: pagerduty_payment_on
port: 8080
tools:
- name: query-data
description: "Returns the current on-call engineer for payment processing services."
inputParameters:
- name: query_param
in: body
type: string
description: "The query parameter."
call: "snowflake-api.run-query"
with:
query_param: "{{query_param}}"
outputParameters:
- name: results
type: object
mapping: "$.data"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
Salesforce Account NPS Update
▼
crm customer-success salesforce nps reporting
Updates Salesforce account records with the latest NPS survey scores and verbatim comments to enable account teams to identify at-risk relationships.
naftiko: "0.5"
info:
label: "Salesforce Account NPS Update"
description: "Updates Salesforce account records with the latest NPS survey scores and verbatim comments to enable account teams to identify at-risk relationships."
tags:
- crm
- customer-success
- salesforce
- nps
- reporting
capability:
exposes:
- type: mcp
namespace: crm-nps
port: 8080
tools:
- name: update-account-nps
description: "Given a Salesforce account ID, NPS score, and comment, update the account record with the latest survey result. Use after NPS surveys are completed by banking or merchant partners."
inputParameters:
- name: account_id
in: body
type: string
description: "The Salesforce account ID (18-character)."
- name: nps_score
in: body
type: integer
description: "The NPS score (0–10)."
- name: nps_comment
in: body
type: string
description: "Verbatim NPS comment from the partner."
- name: survey_date
in: body
type: string
description: "Date of the NPS survey in YYYY-MM-DD format."
call: "salesforce-nps.update-account"
with:
account_id: "{{account_id}}"
nps_score__c: "{{nps_score}}"
nps_comment__c: "{{nps_comment}}"
nps_date__c: "{{survey_date}}"
consumes:
- type: http
namespace: salesforce-nps
baseUri: "https://visa.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: accounts
path: "/sobjects/Account/{{account_id}}"
inputParameters:
- name: account_id
in: path
operations:
- name: update-account
method: PATCH
Salesforce Issuer Account Lookup
▼
payments salesforce issuers
Returns issuer bank account details from Salesforce including relationship tier and volume.
naftiko: "0.5"
info:
label: "Salesforce Issuer Account Lookup"
description: "Returns issuer bank account details from Salesforce including relationship tier and volume."
tags:
- payments
- salesforce
- issuers
capability:
exposes:
- type: mcp
namespace: salesforce_issuer_ac
port: 8080
tools:
- name: query-data
description: "Returns issuer bank account details from Salesforce including relationship tier and volume."
inputParameters:
- name: query_param
in: body
type: string
description: "The query parameter."
call: "snowflake-api.run-query"
with:
query_param: "{{query_param}}"
outputParameters:
- name: results
type: object
mapping: "$.data"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
Salesforce Issuer Relationship Health Dashboard Sync
▼
crm salesforce snowflake customer-success data-enrichment payments
Enriches Salesforce issuer account records with transaction health scores from Snowflake to provide account managers with a real-time view of relationship health.
naftiko: "0.5"
info:
label: "Salesforce Issuer Relationship Health Dashboard Sync"
description: "Enriches Salesforce issuer account records with transaction health scores from Snowflake to provide account managers with a real-time view of relationship health."
tags:
- crm
- salesforce
- snowflake
- customer-success
- data-enrichment
- payments
capability:
exposes:
- type: mcp
namespace: issuer-health-sync
port: 8080
tools:
- name: sync-issuer-health-score
description: "Given a Salesforce account ID and issuer BIN range, query Snowflake for transaction health KPIs and update the Salesforce account with a calculated health score."
inputParameters:
- name: account_id
in: body
type: string
description: "Salesforce issuer account ID (18-character)."
- name: bin_range
in: body
type: string
description: "Bank Identification Number (BIN) range for the issuer."
steps:
- name: get-transaction-kpis
type: call
call: "snowflake-issuer.execute-query"
with:
statement: "SELECT avg_approval_rate, decline_rate, dispute_rate, transaction_volume FROM payments.issuer_health WHERE bin_range = '{{bin_range}}' AND report_date = CURRENT_DATE"
- name: update-sf-account
type: call
call: "salesforce-issuers.update-account"
with:
account_id: "{{account_id}}"
approval_rate__c: "{{get-transaction-kpis.avg_approval_rate}}"
decline_rate__c: "{{get-transaction-kpis.decline_rate}}"
dispute_rate__c: "{{get-transaction-kpis.dispute_rate}}"
consumes:
- type: http
namespace: snowflake-issuer
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
- type: http
namespace: salesforce-issuers
baseUri: "https://visa.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: accounts
path: "/sobjects/Account/{{account_id}}"
inputParameters:
- name: account_id
in: path
operations:
- name: update-account
method: PATCH
Salesforce Partner Opportunity Sync
▼
crm sales salesforce oracle microsoft-teams partner-management
When a Salesforce partner opportunity reaches Closed Won, creates a corresponding Oracle ERP project record and sends a Microsoft Teams notification to the partner success team.
naftiko: "0.5"
info:
label: "Salesforce Partner Opportunity Sync"
description: "When a Salesforce partner opportunity reaches Closed Won, creates a corresponding Oracle ERP project record and sends a Microsoft Teams notification to the partner success team."
tags:
- crm
- sales
- salesforce
- oracle
- microsoft-teams
- partner-management
capability:
exposes:
- type: mcp
namespace: crm-partner-sync
port: 8080
tools:
- name: sync-partner-opportunity
description: "Given a Salesforce opportunity ID, fetch deal details, create a project in Oracle ERP, and notify the partner success Teams channel."
inputParameters:
- name: opportunity_id
in: body
type: string
description: "The Salesforce opportunity record ID (18-character)."
- name: partner_channel_id
in: body
type: string
description: "Microsoft Teams channel ID for the partner success team."
steps:
- name: get-opportunity
type: call
call: "salesforce.get-opportunity"
with:
opportunity_id: "{{opportunity_id}}"
- name: create-oracle-project
type: call
call: "oracle-projects.create-project"
with:
project_name: "{{get-opportunity.Name}}"
customer_name: "{{get-opportunity.Account.Name}}"
amount: "{{get-opportunity.Amount}}"
- name: notify-team
type: call
call: "msteams-partner.post-message"
with:
channel_id: "{{partner_channel_id}}"
text: "Partner deal closed: {{get-opportunity.Name}} ({{get-opportunity.Amount}} {{get-opportunity.CurrencyIsoCode}}). Oracle project created: {{create-oracle-project.project_id}}."
consumes:
- type: http
namespace: salesforce
baseUri: "https://visa.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: opportunities
path: "/sobjects/Opportunity/{{opportunity_id}}"
inputParameters:
- name: opportunity_id
in: path
operations:
- name: get-opportunity
method: GET
- type: http
namespace: oracle-projects
baseUri: "https://visa.fa.us2.oraclecloud.com/fscmRestApi/resources/11.13.18.05"
authentication:
type: basic
username: "$secrets.oracle_user"
password: "$secrets.oracle_password"
resources:
- name: projects
path: "/projects"
operations:
- name: create-project
method: POST
- type: http
namespace: msteams-partner
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-message
method: POST
Salesforce Partner Program Lookup
▼
payments salesforce partners
Returns partner program tier, status, and integration details from Salesforce.
naftiko: "0.5"
info:
label: "Salesforce Partner Program Lookup"
description: "Returns partner program tier, status, and integration details from Salesforce."
tags:
- payments
- salesforce
- partners
capability:
exposes:
- type: mcp
namespace: salesforce_partner_p
port: 8080
tools:
- name: query-data
description: "Returns partner program tier, status, and integration details from Salesforce."
inputParameters:
- name: query_param
in: body
type: string
description: "The query parameter."
call: "snowflake-api.run-query"
with:
query_param: "{{query_param}}"
outputParameters:
- name: results
type: object
mapping: "$.data"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
ServiceNow Change Management for Payment Infrastructure
▼
itsm change-management servicenow payment-infrastructure approval
Submits and routes change requests for Visa payment infrastructure modifications through the CAB approval workflow in ServiceNow.
naftiko: "0.5"
info:
label: "ServiceNow Change Management for Payment Infrastructure"
description: "Submits and routes change requests for Visa payment infrastructure modifications through the CAB approval workflow in ServiceNow."
tags:
- itsm
- change-management
- servicenow
- payment-infrastructure
- approval
capability:
exposes:
- type: mcp
namespace: payment-change-mgmt
port: 8080
tools:
- name: submit-payment-infrastructure-change
description: "Given a change description and maintenance window, create a ServiceNow change request for a payment infrastructure modification and assign to the CAB for review."
inputParameters:
- name: change_description
in: body
type: string
description: "Description of the proposed payment infrastructure change."
- name: risk_level
in: body
type: string
description: "Change risk level: low, medium, high, or critical."
- name: scheduled_start
in: body
type: string
description: "Planned start datetime in ISO 8601 format."
- name: scheduled_end
in: body
type: string
description: "Planned end datetime in ISO 8601 format."
call: "servicenow-change.create-change-request"
with:
short_description: "{{change_description}}"
risk: "{{risk_level}}"
start_date: "{{scheduled_start}}"
end_date: "{{scheduled_end}}"
assignment_group: "Payment_CAB"
outputParameters:
- name: change_number
type: string
mapping: "$.result.number"
consumes:
- type: http
namespace: servicenow-change
baseUri: "https://visa.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: change-requests
path: "/table/change_request"
operations:
- name: create-change-request
method: POST
ServiceNow Payment Incident Lookup
▼
operations servicenow payments
Returns the status and details of a payment processing incident from ServiceNow.
naftiko: "0.5"
info:
label: "ServiceNow Payment Incident Lookup"
description: "Returns the status and details of a payment processing incident from ServiceNow."
tags:
- operations
- servicenow
- payments
capability:
exposes:
- type: mcp
namespace: servicenow_payment_i
port: 8080
tools:
- name: query-data
description: "Returns the status and details of a payment processing incident from ServiceNow."
inputParameters:
- name: query_param
in: body
type: string
description: "The query parameter."
call: "snowflake-api.run-query"
with:
query_param: "{{query_param}}"
outputParameters:
- name: results
type: object
mapping: "$.data"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
Snowflake Cross-Border Volume Query
▼
payments snowflake cross-border
Queries cross-border transaction volumes by corridor from Snowflake.
naftiko: "0.5"
info:
label: "Snowflake Cross-Border Volume Query"
description: "Queries cross-border transaction volumes by corridor from Snowflake."
tags:
- payments
- snowflake
- cross-border
capability:
exposes:
- type: mcp
namespace: snowflake_cross_bord
port: 8080
tools:
- name: query-data
description: "Queries cross-border transaction volumes by corridor from Snowflake."
inputParameters:
- name: query_param
in: body
type: string
description: "The query parameter."
call: "snowflake-api.run-query"
with:
query_param: "{{query_param}}"
outputParameters:
- name: results
type: object
mapping: "$.data"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
Snowflake Dispute Resolution Metrics
▼
payments snowflake disputes
Queries dispute resolution time and success rate metrics from Snowflake.
naftiko: "0.5"
info:
label: "Snowflake Dispute Resolution Metrics"
description: "Queries dispute resolution time and success rate metrics from Snowflake."
tags:
- payments
- snowflake
- disputes
capability:
exposes:
- type: mcp
namespace: snowflake_dispute_re
port: 8080
tools:
- name: query-data
description: "Queries dispute resolution time and success rate metrics from Snowflake."
inputParameters:
- name: query_param
in: body
type: string
description: "The query parameter."
call: "snowflake-api.run-query"
with:
query_param: "{{query_param}}"
outputParameters:
- name: results
type: object
mapping: "$.data"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
Snowflake Fraud Metrics Query
▼
security snowflake fraud-detection
Queries Snowflake for fraud detection metrics including false positive rates.
naftiko: "0.5"
info:
label: "Snowflake Fraud Metrics Query"
description: "Queries Snowflake for fraud detection metrics including false positive rates."
tags:
- security
- snowflake
- fraud-detection
capability:
exposes:
- type: mcp
namespace: snowflake_fraud_metr
port: 8080
tools:
- name: query-data
description: "Queries Snowflake for fraud detection metrics including false positive rates."
inputParameters:
- name: query_param
in: body
type: string
description: "The query parameter."
call: "snowflake-api.run-query"
with:
query_param: "{{query_param}}"
outputParameters:
- name: results
type: object
mapping: "$.data"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
Snowflake Settlement Report Query
▼
payments snowflake settlements
Queries Snowflake for daily settlement totals by currency and network.
naftiko: "0.5"
info:
label: "Snowflake Settlement Report Query"
description: "Queries Snowflake for daily settlement totals by currency and network."
tags:
- payments
- snowflake
- settlements
capability:
exposes:
- type: mcp
namespace: snowflake_settlement
port: 8080
tools:
- name: query-data
description: "Queries Snowflake for daily settlement totals by currency and network."
inputParameters:
- name: query_param
in: body
type: string
description: "The query parameter."
call: "snowflake-api.run-query"
with:
query_param: "{{query_param}}"
outputParameters:
- name: results
type: object
mapping: "$.data"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
Snowflake Tokenization Metrics Query
▼
payments snowflake tokenization
Queries token provisioning rates and usage metrics from Snowflake.
naftiko: "0.5"
info:
label: "Snowflake Tokenization Metrics Query"
description: "Queries token provisioning rates and usage metrics from Snowflake."
tags:
- payments
- snowflake
- tokenization
capability:
exposes:
- type: mcp
namespace: snowflake_tokenizati
port: 8080
tools:
- name: query-data
description: "Queries token provisioning rates and usage metrics from Snowflake."
inputParameters:
- name: query_param
in: body
type: string
description: "The query parameter."
call: "snowflake-api.run-query"
with:
query_param: "{{query_param}}"
outputParameters:
- name: results
type: object
mapping: "$.data"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
Snowflake Transaction Analytics Report
▼
analytics snowflake microsoft-teams reporting payments
Executes Snowflake analytics queries on Visa's transaction data and delivers a formatted daily transaction volume and approval rate report to the payments leadership Teams channel.
naftiko: "0.5"
info:
label: "Snowflake Transaction Analytics Report"
description: "Executes Snowflake analytics queries on Visa's transaction data and delivers a formatted daily transaction volume and approval rate report to the payments leadership Teams channel."
tags:
- analytics
- snowflake
- microsoft-teams
- reporting
- payments
capability:
exposes:
- type: mcp
namespace: payments-analytics
port: 8080
tools:
- name: digest-transaction-analytics
description: "Run a Snowflake transaction analytics query and post a daily volume and approval rate digest to the payments leadership Teams channel."
inputParameters:
- name: reporting_date
in: body
type: string
description: "The reporting date in YYYY-MM-DD format."
- name: region
in: body
type: string
description: "Transaction region filter (e.g., NAP, LAP, CEMEA, AP)."
- name: teams_channel_id
in: body
type: string
description: "Microsoft Teams channel ID for the payments leadership team."
steps:
- name: run-analytics-query
type: call
call: "snowflake.execute-query"
with:
statement: "SELECT region, SUM(transaction_count) as volume, AVG(approval_rate) as approval_rate, SUM(transaction_amount_usd) as total_value FROM payments.daily_transactions WHERE transaction_date = '{{reporting_date}}' AND region = '{{region}}' GROUP BY region"
- name: post-digest
type: call
call: "msteams-payments.post-message"
with:
channel_id: "{{teams_channel_id}}"
text: "Transaction Digest ({{reporting_date}}, {{region}}): Volume {{run-analytics-query.volume}}, Approval rate {{run-analytics-query.approval_rate}}%, Total value ${{run-analytics-query.total_value}}."
consumes:
- type: http
namespace: snowflake
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
- type: http
namespace: msteams-payments
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-message
method: POST
Splunk PCI Compliance Log Audit
▼
security compliance splunk servicenow pci-dss audit
Queries Splunk for PCI-DSS required log events and generates a compliance audit report, creating a ServiceNow compliance record for the QSA review process.
naftiko: "0.5"
info:
label: "Splunk PCI Compliance Log Audit"
description: "Queries Splunk for PCI-DSS required log events and generates a compliance audit report, creating a ServiceNow compliance record for the QSA review process."
tags:
- security
- compliance
- splunk
- servicenow
- pci-dss
- audit
capability:
exposes:
- type: mcp
namespace: pci-audit
port: 8080
tools:
- name: run-pci-log-audit
description: "Query Splunk for PCI-DSS required log events over a given period, summarize findings, and create a ServiceNow compliance record for the audit trail. Use for quarterly PCI assessments."
inputParameters:
- name: audit_start
in: body
type: string
description: "Start of the audit period in ISO 8601 format."
- name: audit_end
in: body
type: string
description: "End of the audit period in ISO 8601 format."
- name: pci_scope
in: body
type: string
description: "PCI scope identifier (e.g., CDE, connected-systems)."
steps:
- name: query-logs
type: call
call: "splunk-pci.search-events"
with:
query: "index=pci_logs earliest={{audit_start}} latest={{audit_end}} scope={{pci_scope}} | stats count by event_type, host"
- name: create-compliance-record
type: call
call: "servicenow-pci.create-record"
with:
short_description: "PCI log audit: {{pci_scope}} — {{audit_start}} to {{audit_end}}"
description: "Splunk PCI audit complete. Events found: {{query-logs.total_events}}. Scope: {{pci_scope}}. Period: {{audit_start}} to {{audit_end}}."
consumes:
- type: http
namespace: splunk-pci
baseUri: "https://splunk.visa.com:8089/services"
authentication:
type: bearer
token: "$secrets.splunk_token"
resources:
- name: search-jobs
path: "/search/jobs/export"
operations:
- name: search-events
method: POST
- type: http
namespace: servicenow-pci
baseUri: "https://visa.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: compliance-records
path: "/table/compliance_finding"
operations:
- name: create-record
method: POST
Splunk PCI Log Query
▼
security splunk pci-compliance
Retrieves PCI compliance audit log results from Splunk by search job ID.
naftiko: "0.5"
info:
label: "Splunk PCI Log Query"
description: "Retrieves PCI compliance audit log results from Splunk by search job ID."
tags:
- security
- splunk
- pci-compliance
capability:
exposes:
- type: mcp
namespace: splunk_pci_log_query
port: 8080
tools:
- name: query-data
description: "Retrieves PCI compliance audit log results from Splunk by search job ID."
inputParameters:
- name: query_param
in: body
type: string
description: "The query parameter."
call: "snowflake-api.run-query"
with:
query_param: "{{query_param}}"
outputParameters:
- name: results
type: object
mapping: "$.data"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
Tableau Payment Dashboard Refresh Status
▼
analytics tableau dashboards
Returns the last refresh status and time for payment KPI dashboards.
naftiko: "0.5"
info:
label: "Tableau Payment Dashboard Refresh Status"
description: "Returns the last refresh status and time for payment KPI dashboards."
tags:
- analytics
- tableau
- dashboards
capability:
exposes:
- type: mcp
namespace: tableau_payment_dash
port: 8080
tools:
- name: query-data
description: "Returns the last refresh status and time for payment KPI dashboards."
inputParameters:
- name: query_param
in: body
type: string
description: "The query parameter."
call: "snowflake-api.run-query"
with:
query_param: "{{query_param}}"
outputParameters:
- name: results
type: object
mapping: "$.data"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
Tableau Payment KPI Dashboard Refresh
▼
analytics tableau microsoft-teams reporting dashboards payments
Triggers a Tableau workbook refresh for Visa's executive payment KPI dashboards and notifies the business intelligence leadership team via Microsoft Teams.
naftiko: "0.5"
info:
label: "Tableau Payment KPI Dashboard Refresh"
description: "Triggers a Tableau workbook refresh for Visa's executive payment KPI dashboards and notifies the business intelligence leadership team via Microsoft Teams."
tags:
- analytics
- tableau
- microsoft-teams
- reporting
- dashboards
- payments
capability:
exposes:
- type: mcp
namespace: payment-dashboards
port: 8080
tools:
- name: refresh-payment-kpi-dashboard
description: "Trigger a Tableau workbook refresh for a payment KPI dashboard and notify the BI leadership Teams channel on completion."
inputParameters:
- name: workbook_id
in: body
type: string
description: "The Tableau workbook LUID to refresh."
- name: site_id
in: body
type: string
description: "Tableau server site ID."
- name: notify_channel_id
in: body
type: string
description: "Microsoft Teams channel ID for BI leadership notification."
steps:
- name: trigger-refresh
type: call
call: "tableau.refresh-workbook"
with:
site_id: "{{site_id}}"
workbook_id: "{{workbook_id}}"
- name: notify-bi-leaders
type: call
call: "msteams-bi.post-message"
with:
channel_id: "{{notify_channel_id}}"
text: "Payment KPI dashboard refresh complete. Workbook: {{workbook_id}}, Job: {{trigger-refresh.job_id}}, Status: {{trigger-refresh.status}}."
consumes:
- type: http
namespace: tableau
baseUri: "https://tableau.visa.com/api/2.8"
authentication:
type: apikey
key: "X-Tableau-Auth"
value: "$secrets.tableau_token"
placement: header
resources:
- name: workbook-refresh
path: "/sites/{{site_id}}/workbooks/{{workbook_id}}/refresh"
inputParameters:
- name: site_id
in: path
- name: workbook_id
in: path
operations:
- name: refresh-workbook
method: POST
- type: http
namespace: msteams-bi
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-message
method: POST
Visa 3DS Authentication Failure Handler
▼
payments snowflake jira slack 3ds
When 3D Secure authentication failure rates spike, queries Snowflake for issuer patterns, creates a Jira ticket, and alerts the authentication team.
naftiko: "0.5"
info:
label: "Visa 3DS Authentication Failure Handler"
description: "When 3D Secure authentication failure rates spike, queries Snowflake for issuer patterns, creates a Jira ticket, and alerts the authentication team."
tags:
- payments
- snowflake
- jira
- slack
- 3ds
capability:
exposes:
- type: mcp
namespace: visa_3ds_authenticat
port: 8080
tools:
- name: handle-event
description: "When 3D Secure authentication failure rates spike, queries Snowflake for issuer patterns, creates a Jira ticket, and alerts the authentication team."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[payments] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "payments-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa Acquirer Performance Report
▼
payments snowflake salesforce slack acquirers
Generates acquirer performance reports from Snowflake, updates Salesforce account records, and posts summaries to Slack.
naftiko: "0.5"
info:
label: "Visa Acquirer Performance Report"
description: "Generates acquirer performance reports from Snowflake, updates Salesforce account records, and posts summaries to Slack."
tags:
- payments
- snowflake
- salesforce
- slack
- acquirers
capability:
exposes:
- type: mcp
namespace: visa_acquirer_perfor
port: 8080
tools:
- name: handle-event
description: "Generates acquirer performance reports from Snowflake, updates Salesforce account records, and posts summaries to Slack."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[payments] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "payments-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa AML Transaction Monitoring Alert
▼
compliance servicenow splunk pagerduty aml
When AML monitoring detects suspicious patterns, creates a ServiceNow investigation, queries Splunk for details, and pages the compliance team.
naftiko: "0.5"
info:
label: "Visa AML Transaction Monitoring Alert"
description: "When AML monitoring detects suspicious patterns, creates a ServiceNow investigation, queries Splunk for details, and pages the compliance team."
tags:
- compliance
- servicenow
- splunk
- pagerduty
- aml
capability:
exposes:
- type: mcp
namespace: visa_aml_transaction
port: 8080
tools:
- name: handle-event
description: "When AML monitoring detects suspicious patterns, creates a ServiceNow investigation, queries Splunk for details, and pages the compliance team."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[compliance] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "compliance-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa API Rate Limit Breach Handler
▼
api-management splunk jira slack
When a partner exceeds API rate limits, logs the event in Splunk, creates a Jira ticket, and notifies the developer relations team via Slack.
naftiko: "0.5"
info:
label: "Visa API Rate Limit Breach Handler"
description: "When a partner exceeds API rate limits, logs the event in Splunk, creates a Jira ticket, and notifies the developer relations team via Slack."
tags:
- api-management
- splunk
- jira
- slack
capability:
exposes:
- type: mcp
namespace: visa_api_rate_limit_
port: 8080
tools:
- name: handle-event
description: "When a partner exceeds API rate limits, logs the event in Splunk, creates a Jira ticket, and notifies the developer relations team via Slack."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[api-management] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "api-management-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa Authorization Rate Check
▼
payments snowflake authorization
Returns current authorization approval rates by issuer from Snowflake analytics.
naftiko: "0.5"
info:
label: "Visa Authorization Rate Check"
description: "Returns current authorization approval rates by issuer from Snowflake analytics."
tags:
- payments
- snowflake
- authorization
capability:
exposes:
- type: mcp
namespace: visa_authorization_r
port: 8080
tools:
- name: query-data
description: "Returns current authorization approval rates by issuer from Snowflake analytics."
inputParameters:
- name: query_param
in: body
type: string
description: "The query parameter."
call: "snowflake-api.run-query"
with:
query_param: "{{query_param}}"
outputParameters:
- name: results
type: object
mapping: "$.data"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
Visa Business Continuity Test Workflow
▼
operations datadog servicenow slack business-continuity
Initiates a business continuity test, verifies failover health via Datadog, creates a ServiceNow audit record, and reports results to Slack.
naftiko: "0.5"
info:
label: "Visa Business Continuity Test Workflow"
description: "Initiates a business continuity test, verifies failover health via Datadog, creates a ServiceNow audit record, and reports results to Slack."
tags:
- operations
- datadog
- servicenow
- slack
- business-continuity
capability:
exposes:
- type: mcp
namespace: visa_business_contin
port: 8080
tools:
- name: handle-event
description: "Initiates a business continuity test, verifies failover health via Datadog, creates a ServiceNow audit record, and reports results to Slack."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[operations] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "operations-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa Card Portfolio Analytics Digest
▼
payments snowflake salesforce slack analytics
Generates a weekly card portfolio analytics digest from Snowflake, creates a Salesforce report record, and posts highlights to Slack.
naftiko: "0.5"
info:
label: "Visa Card Portfolio Analytics Digest"
description: "Generates a weekly card portfolio analytics digest from Snowflake, creates a Salesforce report record, and posts highlights to Slack."
tags:
- payments
- snowflake
- salesforce
- slack
- analytics
capability:
exposes:
- type: mcp
namespace: visa_card_portfolio_
port: 8080
tools:
- name: handle-event
description: "Generates a weekly card portfolio analytics digest from Snowflake, creates a Salesforce report record, and posts highlights to Slack."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[payments] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "payments-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa Cardholder Data Breach Response
▼
security servicenow pagerduty splunk data-breach
When a potential data breach is detected, creates a ServiceNow P1 incident, pages the security team, and initiates a Splunk forensic search.
naftiko: "0.5"
info:
label: "Visa Cardholder Data Breach Response"
description: "When a potential data breach is detected, creates a ServiceNow P1 incident, pages the security team, and initiates a Splunk forensic search."
tags:
- security
- servicenow
- pagerduty
- splunk
- data-breach
capability:
exposes:
- type: mcp
namespace: visa_cardholder_data
port: 8080
tools:
- name: handle-event
description: "When a potential data breach is detected, creates a ServiceNow P1 incident, pages the security team, and initiates a Splunk forensic search."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[security] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "security-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa Chargeback Rate Query
▼
payments snowflake chargebacks
Queries Snowflake for chargeback rates by merchant category and region.
naftiko: "0.5"
info:
label: "Visa Chargeback Rate Query"
description: "Queries Snowflake for chargeback rates by merchant category and region."
tags:
- payments
- snowflake
- chargebacks
capability:
exposes:
- type: mcp
namespace: visa_chargeback_rate
port: 8080
tools:
- name: query-data
description: "Queries Snowflake for chargeback rates by merchant category and region."
inputParameters:
- name: query_param
in: body
type: string
description: "The query parameter."
call: "snowflake-api.run-query"
with:
query_param: "{{query_param}}"
outputParameters:
- name: results
type: object
mapping: "$.data"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
Visa Chargeback Threshold Alert
▼
payments jira salesforce slack chargebacks
When a merchant exceeds chargeback thresholds, creates a Jira investigation ticket, updates Salesforce, and alerts the risk team via Slack.
naftiko: "0.5"
info:
label: "Visa Chargeback Threshold Alert"
description: "When a merchant exceeds chargeback thresholds, creates a Jira investigation ticket, updates Salesforce, and alerts the risk team via Slack."
tags:
- payments
- jira
- salesforce
- slack
- chargebacks
capability:
exposes:
- type: mcp
namespace: visa_chargeback_thre
port: 8080
tools:
- name: handle-event
description: "When a merchant exceeds chargeback thresholds, creates a Jira investigation ticket, updates Salesforce, and alerts the risk team via Slack."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[payments] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "payments-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa Click-to-Pay Enrollment Tracker
▼
payments snowflake salesforce slack digital-payments
Tracks Click to Pay enrollment metrics from Snowflake, updates Salesforce issuer records, and posts weekly growth stats to Slack.
naftiko: "0.5"
info:
label: "Visa Click-to-Pay Enrollment Tracker"
description: "Tracks Click to Pay enrollment metrics from Snowflake, updates Salesforce issuer records, and posts weekly growth stats to Slack."
tags:
- payments
- snowflake
- salesforce
- slack
- digital-payments
capability:
exposes:
- type: mcp
namespace: visa_click_to_pay_en
port: 8080
tools:
- name: handle-event
description: "Tracks Click to Pay enrollment metrics from Snowflake, updates Salesforce issuer records, and posts weekly growth stats to Slack."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[payments] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "payments-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa Contactless Payment Adoption Digest
▼
payments snowflake salesforce slack contactless
Queries Snowflake for contactless adoption metrics by region, updates Salesforce records, and posts a weekly digest to Slack.
naftiko: "0.5"
info:
label: "Visa Contactless Payment Adoption Digest"
description: "Queries Snowflake for contactless adoption metrics by region, updates Salesforce records, and posts a weekly digest to Slack."
tags:
- payments
- snowflake
- salesforce
- slack
- contactless
capability:
exposes:
- type: mcp
namespace: visa_contactless_pay
port: 8080
tools:
- name: handle-event
description: "Queries Snowflake for contactless adoption metrics by region, updates Salesforce records, and posts a weekly digest to Slack."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[payments] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "payments-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa Cross-Border Compliance Check
▼
payments snowflake jira slack cross-border
When a new cross-border corridor is activated, verifies regulatory compliance via Snowflake, creates a Jira task, and notifies compliance via Slack.
naftiko: "0.5"
info:
label: "Visa Cross-Border Compliance Check"
description: "When a new cross-border corridor is activated, verifies regulatory compliance via Snowflake, creates a Jira task, and notifies compliance via Slack."
tags:
- payments
- snowflake
- jira
- slack
- cross-border
capability:
exposes:
- type: mcp
namespace: visa_cross_border_co
port: 8080
tools:
- name: handle-event
description: "When a new cross-border corridor is activated, verifies regulatory compliance via Snowflake, creates a Jira task, and notifies compliance via Slack."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[payments] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "payments-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa Cybersecurity Threat Intelligence Handler
▼
security crowdstrike splunk servicenow pagerduty
When CrowdStrike detects a new threat, queries Splunk for exposure, creates a ServiceNow incident, and pages the CSIRT team.
naftiko: "0.5"
info:
label: "Visa Cybersecurity Threat Intelligence Handler"
description: "When CrowdStrike detects a new threat, queries Splunk for exposure, creates a ServiceNow incident, and pages the CSIRT team."
tags:
- security
- crowdstrike
- splunk
- servicenow
- pagerduty
capability:
exposes:
- type: mcp
namespace: visa_cybersecurity_t
port: 8080
tools:
- name: handle-event
description: "When CrowdStrike detects a new threat, queries Splunk for exposure, creates a ServiceNow incident, and pages the CSIRT team."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[security] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "security-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa Debit Network Routing Alert
▼
payments snowflake jira slack debit
When debit routing anomalies are detected in Snowflake, creates a Jira investigation task and alerts the debit network team via Slack.
naftiko: "0.5"
info:
label: "Visa Debit Network Routing Alert"
description: "When debit routing anomalies are detected in Snowflake, creates a Jira investigation task and alerts the debit network team via Slack."
tags:
- payments
- snowflake
- jira
- slack
- debit
capability:
exposes:
- type: mcp
namespace: visa_debit_network_r
port: 8080
tools:
- name: handle-event
description: "When debit routing anomalies are detected in Snowflake, creates a Jira investigation task and alerts the debit network team via Slack."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[payments] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "payments-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa Developer Portal Usage Digest
▼
api-management snowflake jira slack
Queries Snowflake for developer portal API adoption metrics, creates a Jira roadmap task, and posts the digest to Slack.
naftiko: "0.5"
info:
label: "Visa Developer Portal Usage Digest"
description: "Queries Snowflake for developer portal API adoption metrics, creates a Jira roadmap task, and posts the digest to Slack."
tags:
- api-management
- snowflake
- jira
- slack
capability:
exposes:
- type: mcp
namespace: visa_developer_porta
port: 8080
tools:
- name: handle-event
description: "Queries Snowflake for developer portal API adoption metrics, creates a Jira roadmap task, and posts the digest to Slack."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[api-management] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "api-management-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa Digital Wallet Provisioning Monitor
▼
payments snowflake jira slack tokenization
Monitors token provisioning rates from Snowflake, creates Jira tickets for failures, and alerts the digital payments team via Slack.
naftiko: "0.5"
info:
label: "Visa Digital Wallet Provisioning Monitor"
description: "Monitors token provisioning rates from Snowflake, creates Jira tickets for failures, and alerts the digital payments team via Slack."
tags:
- payments
- snowflake
- jira
- slack
- tokenization
capability:
exposes:
- type: mcp
namespace: visa_digital_wallet_
port: 8080
tools:
- name: handle-event
description: "Monitors token provisioning rates from Snowflake, creates Jira tickets for failures, and alerts the digital payments team via Slack."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[payments] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "payments-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa EMV Chip Failure Analysis
▼
payments snowflake jira slack emv
When EMV chip decline rates spike, queries Snowflake for failure patterns, creates a Jira investigation ticket, and notifies the card technology team.
naftiko: "0.5"
info:
label: "Visa EMV Chip Failure Analysis"
description: "When EMV chip decline rates spike, queries Snowflake for failure patterns, creates a Jira investigation ticket, and notifies the card technology team."
tags:
- payments
- snowflake
- jira
- slack
- emv
capability:
exposes:
- type: mcp
namespace: visa_emv_chip_failur
port: 8080
tools:
- name: handle-event
description: "When EMV chip decline rates spike, queries Snowflake for failure patterns, creates a Jira investigation ticket, and notifies the card technology team."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[payments] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "payments-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa Encryption Key Rotation Workflow
▼
security servicenow slack encryption
When encryption keys approach expiration, triggers rotation, creates a ServiceNow change request, and notifies the security team via Slack.
naftiko: "0.5"
info:
label: "Visa Encryption Key Rotation Workflow"
description: "When encryption keys approach expiration, triggers rotation, creates a ServiceNow change request, and notifies the security team via Slack."
tags:
- security
- servicenow
- slack
- encryption
capability:
exposes:
- type: mcp
namespace: visa_encryption_key_
port: 8080
tools:
- name: handle-event
description: "When encryption keys approach expiration, triggers rotation, creates a ServiceNow change request, and notifies the security team via Slack."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[security] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "security-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa Fintech Partner Integration Monitor
▼
api-management datadog jira slack partnerships
Monitors fintech partner API integration health from Datadog, creates Jira tickets for failures, and alerts the partnerships team via Slack.
naftiko: "0.5"
info:
label: "Visa Fintech Partner Integration Monitor"
description: "Monitors fintech partner API integration health from Datadog, creates Jira tickets for failures, and alerts the partnerships team via Slack."
tags:
- api-management
- datadog
- jira
- slack
- partnerships
capability:
exposes:
- type: mcp
namespace: visa_fintech_partner
port: 8080
tools:
- name: handle-event
description: "Monitors fintech partner API integration health from Datadog, creates Jira tickets for failures, and alerts the partnerships team via Slack."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[api-management] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "api-management-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa Global Transaction Routing Optimizer
▼
payments snowflake slack routing
Analyzes transaction routing efficiency from Snowflake, updates routing rules in the config system, and reports optimization results to Slack.
naftiko: "0.5"
info:
label: "Visa Global Transaction Routing Optimizer"
description: "Analyzes transaction routing efficiency from Snowflake, updates routing rules in the config system, and reports optimization results to Slack."
tags:
- payments
- snowflake
- slack
- routing
capability:
exposes:
- type: mcp
namespace: visa_global_transact
port: 8080
tools:
- name: handle-event
description: "Analyzes transaction routing efficiency from Snowflake, updates routing rules in the config system, and reports optimization results to Slack."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[payments] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "payments-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa Incident Post-Mortem Generator
▼
operations servicenow confluence slack incident-management
After a major payment incident is resolved, collects timeline from ServiceNow, creates a Confluence post-mortem page, and notifies via Slack.
naftiko: "0.5"
info:
label: "Visa Incident Post-Mortem Generator"
description: "After a major payment incident is resolved, collects timeline from ServiceNow, creates a Confluence post-mortem page, and notifies via Slack."
tags:
- operations
- servicenow
- confluence
- slack
- incident-management
capability:
exposes:
- type: mcp
namespace: visa_incident_post_m
port: 8080
tools:
- name: handle-event
description: "After a major payment incident is resolved, collects timeline from ServiceNow, creates a Confluence post-mortem page, and notifies via Slack."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[operations] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "operations-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa Instant Payment SLA Monitor
▼
payments datadog pagerduty slack instant-payments
Monitors real-time payment SLA compliance from Datadog, creates PagerDuty incidents for breaches, and posts status to Slack.
naftiko: "0.5"
info:
label: "Visa Instant Payment SLA Monitor"
description: "Monitors real-time payment SLA compliance from Datadog, creates PagerDuty incidents for breaches, and posts status to Slack."
tags:
- payments
- datadog
- pagerduty
- slack
- instant-payments
capability:
exposes:
- type: mcp
namespace: visa_instant_payment
port: 8080
tools:
- name: handle-event
description: "Monitors real-time payment SLA compliance from Datadog, creates PagerDuty incidents for breaches, and posts status to Slack."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[payments] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "payments-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa Interchange Rate Update Workflow
▼
payments snowflake jira slack interchange
When interchange rates are updated, queries Snowflake for affected merchants, creates Jira notification tasks, and alerts the pricing team via Slack.
naftiko: "0.5"
info:
label: "Visa Interchange Rate Update Workflow"
description: "When interchange rates are updated, queries Snowflake for affected merchants, creates Jira notification tasks, and alerts the pricing team via Slack."
tags:
- payments
- snowflake
- jira
- slack
- interchange
capability:
exposes:
- type: mcp
namespace: visa_interchange_rat
port: 8080
tools:
- name: handle-event
description: "When interchange rates are updated, queries Snowflake for affected merchants, creates Jira notification tasks, and alerts the pricing team via Slack."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[payments] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "payments-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa ISO Message Format Validation Alert
▼
payments splunk jira slack iso-8583
When ISO 8583 message validation errors spike, queries Splunk for patterns, creates a Jira ticket, and alerts the integration team via Slack.
naftiko: "0.5"
info:
label: "Visa ISO Message Format Validation Alert"
description: "When ISO 8583 message validation errors spike, queries Splunk for patterns, creates a Jira ticket, and alerts the integration team via Slack."
tags:
- payments
- splunk
- jira
- slack
- iso-8583
capability:
exposes:
- type: mcp
namespace: visa_iso_message_for
port: 8080
tools:
- name: handle-event
description: "When ISO 8583 message validation errors spike, queries Splunk for patterns, creates a Jira ticket, and alerts the integration team via Slack."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[payments] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "payments-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa Issuer Relationship Health Sync
▼
payments snowflake salesforce slack issuers
Queries Snowflake for issuer transaction metrics, updates the Salesforce account health score, and posts a digest to Slack.
naftiko: "0.5"
info:
label: "Visa Issuer Relationship Health Sync"
description: "Queries Snowflake for issuer transaction metrics, updates the Salesforce account health score, and posts a digest to Slack."
tags:
- payments
- snowflake
- salesforce
- slack
- issuers
capability:
exposes:
- type: mcp
namespace: visa_issuer_relation
port: 8080
tools:
- name: handle-event
description: "Queries Snowflake for issuer transaction metrics, updates the Salesforce account health score, and posts a digest to Slack."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[payments] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "payments-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa Merchant Category Review Workflow
▼
payments jira salesforce slack merchants
When merchant transaction patterns deviate from their category, flags for review in Jira, updates Salesforce risk fields, and notifies via Slack.
naftiko: "0.5"
info:
label: "Visa Merchant Category Review Workflow"
description: "When merchant transaction patterns deviate from their category, flags for review in Jira, updates Salesforce risk fields, and notifies via Slack."
tags:
- payments
- jira
- salesforce
- slack
- merchants
capability:
exposes:
- type: mcp
namespace: visa_merchant_catego
port: 8080
tools:
- name: handle-event
description: "When merchant transaction patterns deviate from their category, flags for review in Jira, updates Salesforce risk fields, and notifies via Slack."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[payments] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "payments-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa Merchant Detail Lookup
▼
payments snowflake merchants
Returns merchant category, location, and transaction history from Snowflake.
naftiko: "0.5"
info:
label: "Visa Merchant Detail Lookup"
description: "Returns merchant category, location, and transaction history from Snowflake."
tags:
- payments
- snowflake
- merchants
capability:
exposes:
- type: mcp
namespace: visa_merchant_detail
port: 8080
tools:
- name: query-data
description: "Returns merchant category, location, and transaction history from Snowflake."
inputParameters:
- name: query_param
in: body
type: string
description: "The query parameter."
call: "snowflake-api.run-query"
with:
query_param: "{{query_param}}"
outputParameters:
- name: results
type: object
mapping: "$.data"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
Visa Merchant Onboarding Workflow
▼
payments salesforce slack merchant-onboarding
When a new merchant is approved, creates the account in Salesforce, provisions API credentials, and notifies the partner team via Slack.
naftiko: "0.5"
info:
label: "Visa Merchant Onboarding Workflow"
description: "When a new merchant is approved, creates the account in Salesforce, provisions API credentials, and notifies the partner team via Slack."
tags:
- payments
- salesforce
- slack
- merchant-onboarding
capability:
exposes:
- type: mcp
namespace: visa_merchant_onboar
port: 8080
tools:
- name: handle-event
description: "When a new merchant is approved, creates the account in Salesforce, provisions API credentials, and notifies the partner team via Slack."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[payments] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "payments-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa Merchant Risk Assessment
▼
payments snowflake salesforce slack risk
Assesses merchant risk by querying transaction patterns from Snowflake, updates the risk score in Salesforce, and alerts the risk team via Slack.
naftiko: "0.5"
info:
label: "Visa Merchant Risk Assessment"
description: "Assesses merchant risk by querying transaction patterns from Snowflake, updates the risk score in Salesforce, and alerts the risk team via Slack."
tags:
- payments
- snowflake
- salesforce
- slack
- risk
capability:
exposes:
- type: mcp
namespace: visa_merchant_risk_a
port: 8080
tools:
- name: handle-event
description: "Assesses merchant risk by querying transaction patterns from Snowflake, updates the risk score in Salesforce, and alerts the risk team via Slack."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[payments] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "payments-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa Network Capacity Planning Alert
▼
infrastructure snowflake jira slack capacity
When transaction volumes approach capacity thresholds, queries Snowflake trends, creates a Jira planning task, and alerts infrastructure via Slack.
naftiko: "0.5"
info:
label: "Visa Network Capacity Planning Alert"
description: "When transaction volumes approach capacity thresholds, queries Snowflake trends, creates a Jira planning task, and alerts infrastructure via Slack."
tags:
- infrastructure
- snowflake
- jira
- slack
- capacity
capability:
exposes:
- type: mcp
namespace: visa_network_capacit
port: 8080
tools:
- name: handle-event
description: "When transaction volumes approach capacity thresholds, queries Snowflake trends, creates a Jira planning task, and alerts infrastructure via Slack."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[infrastructure] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "infrastructure-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa Open Banking API Monitor
▼
api-management snowflake jira slack open-banking
Monitors open banking API adoption and health from Snowflake, creates Jira tasks for degraded partners, and posts metrics to Slack.
naftiko: "0.5"
info:
label: "Visa Open Banking API Monitor"
description: "Monitors open banking API adoption and health from Snowflake, creates Jira tasks for degraded partners, and posts metrics to Slack."
tags:
- api-management
- snowflake
- jira
- slack
- open-banking
capability:
exposes:
- type: mcp
namespace: visa_open_banking_ap
port: 8080
tools:
- name: handle-event
description: "Monitors open banking API adoption and health from Snowflake, creates Jira tasks for degraded partners, and posts metrics to Slack."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[api-management] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "api-management-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa Partner API Health Digest
▼
api-management datadog slack jira
Generates a daily API health digest from Datadog metrics, posts to Slack, and creates Jira tickets for degraded services.
naftiko: "0.5"
info:
label: "Visa Partner API Health Digest"
description: "Generates a daily API health digest from Datadog metrics, posts to Slack, and creates Jira tickets for degraded services."
tags:
- api-management
- datadog
- slack
- jira
capability:
exposes:
- type: mcp
namespace: visa_partner_api_hea
port: 8080
tools:
- name: handle-event
description: "Generates a daily API health digest from Datadog metrics, posts to Slack, and creates Jira tickets for degraded services."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[api-management] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "api-management-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa Payment API Version Deprecation
▼
api-management snowflake jira slack deprecation
When an API version is scheduled for deprecation, identifies active consumers from Snowflake, creates Jira migration tasks, and notifies via Slack.
naftiko: "0.5"
info:
label: "Visa Payment API Version Deprecation"
description: "When an API version is scheduled for deprecation, identifies active consumers from Snowflake, creates Jira migration tasks, and notifies via Slack."
tags:
- api-management
- snowflake
- jira
- slack
- deprecation
capability:
exposes:
- type: mcp
namespace: visa_payment_api_ver
port: 8080
tools:
- name: handle-event
description: "When an API version is scheduled for deprecation, identifies active consumers from Snowflake, creates Jira migration tasks, and notifies via Slack."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[api-management] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "api-management-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa Payment Dispute Escalation
▼
payments pagerduty servicenow slack disputes
When a dispute exceeds the resolution SLA, escalates via PagerDuty, updates ServiceNow, and notifies the dispute resolution team via Slack.
naftiko: "0.5"
info:
label: "Visa Payment Dispute Escalation"
description: "When a dispute exceeds the resolution SLA, escalates via PagerDuty, updates ServiceNow, and notifies the dispute resolution team via Slack."
tags:
- payments
- pagerduty
- servicenow
- slack
- disputes
capability:
exposes:
- type: mcp
namespace: visa_payment_dispute
port: 8080
tools:
- name: handle-event
description: "When a dispute exceeds the resolution SLA, escalates via PagerDuty, updates ServiceNow, and notifies the dispute resolution team via Slack."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[payments] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "payments-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa Payment Fraud Rule Deployment
▼
security datadog servicenow slack fraud-detection
When a new fraud rule is approved, deploys to production, verifies via Datadog, logs in ServiceNow, and notifies the fraud team via Slack.
naftiko: "0.5"
info:
label: "Visa Payment Fraud Rule Deployment"
description: "When a new fraud rule is approved, deploys to production, verifies via Datadog, logs in ServiceNow, and notifies the fraud team via Slack."
tags:
- security
- datadog
- servicenow
- slack
- fraud-detection
capability:
exposes:
- type: mcp
namespace: visa_payment_fraud_r
port: 8080
tools:
- name: handle-event
description: "When a new fraud rule is approved, deploys to production, verifies via Datadog, logs in ServiceNow, and notifies the fraud team via Slack."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[security] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "security-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa Payment Gateway Failover Handler
▼
infrastructure pagerduty slack payments
When a payment gateway health check fails, triggers failover, creates a PagerDuty incident, and notifies the NOC via Slack.
naftiko: "0.5"
info:
label: "Visa Payment Gateway Failover Handler"
description: "When a payment gateway health check fails, triggers failover, creates a PagerDuty incident, and notifies the NOC via Slack."
tags:
- infrastructure
- pagerduty
- slack
- payments
capability:
exposes:
- type: mcp
namespace: visa_payment_gateway
port: 8080
tools:
- name: handle-event
description: "When a payment gateway health check fails, triggers failover, creates a PagerDuty incident, and notifies the NOC via Slack."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[infrastructure] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "infrastructure-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa Payment Network Latency Investigation
▼
infrastructure datadog snowflake jira slack
When Datadog detects network latency spikes, queries Snowflake for affected corridors, creates a Jira ticket, and alerts the network team.
naftiko: "0.5"
info:
label: "Visa Payment Network Latency Investigation"
description: "When Datadog detects network latency spikes, queries Snowflake for affected corridors, creates a Jira ticket, and alerts the network team."
tags:
- infrastructure
- datadog
- snowflake
- jira
- slack
capability:
exposes:
- type: mcp
namespace: visa_payment_network
port: 8080
tools:
- name: handle-event
description: "When Datadog detects network latency spikes, queries Snowflake for affected corridors, creates a Jira ticket, and alerts the network team."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[infrastructure] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "infrastructure-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa Payment Processing Capacity Report
▼
infrastructure snowflake jira slack capacity
Generates weekly capacity utilization reports from Snowflake, creates Jira planning tasks for high-utilization systems, and posts to Slack.
naftiko: "0.5"
info:
label: "Visa Payment Processing Capacity Report"
description: "Generates weekly capacity utilization reports from Snowflake, creates Jira planning tasks for high-utilization systems, and posts to Slack."
tags:
- infrastructure
- snowflake
- jira
- slack
- capacity
capability:
exposes:
- type: mcp
namespace: visa_payment_process
port: 8080
tools:
- name: handle-event
description: "Generates weekly capacity utilization reports from Snowflake, creates Jira planning tasks for high-utilization systems, and posts to Slack."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[infrastructure] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "infrastructure-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa Payment Processing SLA Alert
▼
payments pagerduty slack servicenow sla
When payment processing latency exceeds SLA, creates a PagerDuty incident, posts to Slack, and opens a ServiceNow ticket.
naftiko: "0.5"
info:
label: "Visa Payment Processing SLA Alert"
description: "When payment processing latency exceeds SLA, creates a PagerDuty incident, posts to Slack, and opens a ServiceNow ticket."
tags:
- payments
- pagerduty
- slack
- servicenow
- sla
capability:
exposes:
- type: mcp
namespace: visa_payment_process
port: 8080
tools:
- name: handle-event
description: "When payment processing latency exceeds SLA, creates a PagerDuty incident, posts to Slack, and opens a ServiceNow ticket."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[payments] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "payments-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa Payment Terminal Certification Tracker
▼
payments snowflake jira slack terminals
Tracks terminal certification status from Snowflake, creates Jira tasks for expiring certifications, and notifies the terminal team via Slack.
naftiko: "0.5"
info:
label: "Visa Payment Terminal Certification Tracker"
description: "Tracks terminal certification status from Snowflake, creates Jira tasks for expiring certifications, and notifies the terminal team via Slack."
tags:
- payments
- snowflake
- jira
- slack
- terminals
capability:
exposes:
- type: mcp
namespace: visa_payment_termina
port: 8080
tools:
- name: handle-event
description: "Tracks terminal certification status from Snowflake, creates Jira tasks for expiring certifications, and notifies the terminal team via Slack."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[payments] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "payments-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa PCI Compliance Audit Workflow
▼
security splunk jira slack pci-compliance
Runs a PCI compliance check via Splunk, creates a Jira audit ticket for findings, and notifies the compliance team via Slack.
naftiko: "0.5"
info:
label: "Visa PCI Compliance Audit Workflow"
description: "Runs a PCI compliance check via Splunk, creates a Jira audit ticket for findings, and notifies the compliance team via Slack."
tags:
- security
- splunk
- jira
- slack
- pci-compliance
capability:
exposes:
- type: mcp
namespace: visa_pci_compliance_
port: 8080
tools:
- name: handle-event
description: "Runs a PCI compliance check via Splunk, creates a Jira audit ticket for findings, and notifies the compliance team via Slack."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[security] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "security-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa Prepaid Card Program Health Check
▼
payments snowflake salesforce slack prepaid
Queries Snowflake for prepaid program health metrics, updates Salesforce records, and posts a health summary to Slack.
naftiko: "0.5"
info:
label: "Visa Prepaid Card Program Health Check"
description: "Queries Snowflake for prepaid program health metrics, updates Salesforce records, and posts a health summary to Slack."
tags:
- payments
- snowflake
- salesforce
- slack
- prepaid
capability:
exposes:
- type: mcp
namespace: visa_prepaid_card_pr
port: 8080
tools:
- name: handle-event
description: "Queries Snowflake for prepaid program health metrics, updates Salesforce records, and posts a health summary to Slack."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[payments] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "payments-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa PSD2 Compliance Monitoring
▼
compliance snowflake jira slack psd2
Monitors PSD2 SCA compliance rates from Snowflake, creates Jira tickets for non-compliant issuers, and alerts the European operations team.
naftiko: "0.5"
info:
label: "Visa PSD2 Compliance Monitoring"
description: "Monitors PSD2 SCA compliance rates from Snowflake, creates Jira tickets for non-compliant issuers, and alerts the European operations team."
tags:
- compliance
- snowflake
- jira
- slack
- psd2
capability:
exposes:
- type: mcp
namespace: visa_psd2_compliance
port: 8080
tools:
- name: handle-event
description: "Monitors PSD2 SCA compliance rates from Snowflake, creates Jira tickets for non-compliant issuers, and alerts the European operations team."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[compliance] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "compliance-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa Quarterly Business Review Generator
▼
payments snowflake salesforce slack analytics
Generates a QBR report from Snowflake analytics, creates a Salesforce activity record, and posts highlights to Slack.
naftiko: "0.5"
info:
label: "Visa Quarterly Business Review Generator"
description: "Generates a QBR report from Snowflake analytics, creates a Salesforce activity record, and posts highlights to Slack."
tags:
- payments
- snowflake
- salesforce
- slack
- analytics
capability:
exposes:
- type: mcp
namespace: visa_quarterly_busin
port: 8080
tools:
- name: handle-event
description: "Generates a QBR report from Snowflake analytics, creates a Salesforce activity record, and posts highlights to Slack."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[payments] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "payments-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa Real-Time Fraud Response
▼
security crowdstrike pagerduty fraud-detection
When real-time fraud scoring triggers an alert, blocks the transaction, creates a CrowdStrike investigation, and pages the fraud ops team.
naftiko: "0.5"
info:
label: "Visa Real-Time Fraud Response"
description: "When real-time fraud scoring triggers an alert, blocks the transaction, creates a CrowdStrike investigation, and pages the fraud ops team."
tags:
- security
- crowdstrike
- pagerduty
- fraud-detection
capability:
exposes:
- type: mcp
namespace: visa_real_time_fraud
port: 8080
tools:
- name: handle-event
description: "When real-time fraud scoring triggers an alert, blocks the transaction, creates a CrowdStrike investigation, and pages the fraud ops team."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[security] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "security-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa Real-Time Payment Monitoring
▼
payments datadog pagerduty slack real-time
Monitors real-time payment processing metrics from Datadog, creates PagerDuty alerts for anomalies, and posts status to Slack.
naftiko: "0.5"
info:
label: "Visa Real-Time Payment Monitoring"
description: "Monitors real-time payment processing metrics from Datadog, creates PagerDuty alerts for anomalies, and posts status to Slack."
tags:
- payments
- datadog
- pagerduty
- slack
- real-time
capability:
exposes:
- type: mcp
namespace: visa_real_time_payme
port: 8080
tools:
- name: handle-event
description: "Monitors real-time payment processing metrics from Datadog, creates PagerDuty alerts for anomalies, and posts status to Slack."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[payments] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "payments-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa Regulatory Filing Workflow
▼
compliance snowflake jira slack regulatory
When a regulatory deadline approaches, queries Snowflake for required data, creates a Jira task, and notifies the legal team via Slack.
naftiko: "0.5"
info:
label: "Visa Regulatory Filing Workflow"
description: "When a regulatory deadline approaches, queries Snowflake for required data, creates a Jira task, and notifies the legal team via Slack."
tags:
- compliance
- snowflake
- jira
- slack
- regulatory
capability:
exposes:
- type: mcp
namespace: visa_regulatory_fili
port: 8080
tools:
- name: handle-event
description: "When a regulatory deadline approaches, queries Snowflake for required data, creates a Jira task, and notifies the legal team via Slack."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[compliance] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "compliance-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa Risk Model Performance Digest
▼
security snowflake jira slack fraud-detection
Queries Snowflake for fraud model precision and recall metrics, creates a Jira review task, and posts the digest to Slack.
naftiko: "0.5"
info:
label: "Visa Risk Model Performance Digest"
description: "Queries Snowflake for fraud model precision and recall metrics, creates a Jira review task, and posts the digest to Slack."
tags:
- security
- snowflake
- jira
- slack
- fraud-detection
capability:
exposes:
- type: mcp
namespace: visa_risk_model_perf
port: 8080
tools:
- name: handle-event
description: "Queries Snowflake for fraud model precision and recall metrics, creates a Jira review task, and posts the digest to Slack."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[security] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "security-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa Sanctions Screening Workflow
▼
compliance snowflake jira slack sanctions
When a new merchant application is received, screens against sanctions lists in Snowflake, creates a Jira compliance task, and notifies the compliance team.
naftiko: "0.5"
info:
label: "Visa Sanctions Screening Workflow"
description: "When a new merchant application is received, screens against sanctions lists in Snowflake, creates a Jira compliance task, and notifies the compliance team."
tags:
- compliance
- snowflake
- jira
- slack
- sanctions
capability:
exposes:
- type: mcp
namespace: visa_sanctions_scree
port: 8080
tools:
- name: handle-event
description: "When a new merchant application is received, screens against sanctions lists in Snowflake, creates a Jira compliance task, and notifies the compliance team."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[compliance] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "compliance-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa Settlement Reconciliation Alert
▼
payments snowflake jira slack settlements
When settlement reconciliation detects a mismatch, queries Snowflake for details, creates a Jira ticket, and alerts finance via Slack.
naftiko: "0.5"
info:
label: "Visa Settlement Reconciliation Alert"
description: "When settlement reconciliation detects a mismatch, queries Snowflake for details, creates a Jira ticket, and alerts finance via Slack."
tags:
- payments
- snowflake
- jira
- slack
- settlements
capability:
exposes:
- type: mcp
namespace: visa_settlement_reco
port: 8080
tools:
- name: handle-event
description: "When settlement reconciliation detects a mismatch, queries Snowflake for details, creates a Jira ticket, and alerts finance via Slack."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[payments] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "payments-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa Token Lifecycle Management Alert
▼
payments snowflake jira slack tokenization
When tokens approach expiration, queries Snowflake for affected issuers, creates a Jira renewal task, and notifies the digital payments team.
naftiko: "0.5"
info:
label: "Visa Token Lifecycle Management Alert"
description: "When tokens approach expiration, queries Snowflake for affected issuers, creates a Jira renewal task, and notifies the digital payments team."
tags:
- payments
- snowflake
- jira
- slack
- tokenization
capability:
exposes:
- type: mcp
namespace: visa_token_lifecycle
port: 8080
tools:
- name: handle-event
description: "When tokens approach expiration, queries Snowflake for affected issuers, creates a Jira renewal task, and notifies the digital payments team."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[payments] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "payments-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa Transaction Anomaly Investigation
▼
payments splunk servicenow pagerduty fraud
When a transaction anomaly is detected, queries Splunk for details, creates a ServiceNow incident, and pages the fraud team via PagerDuty.
naftiko: "0.5"
info:
label: "Visa Transaction Anomaly Investigation"
description: "When a transaction anomaly is detected, queries Splunk for details, creates a ServiceNow incident, and pages the fraud team via PagerDuty."
tags:
- payments
- splunk
- servicenow
- pagerduty
- fraud
capability:
exposes:
- type: mcp
namespace: visa_transaction_ano
port: 8080
tools:
- name: handle-event
description: "When a transaction anomaly is detected, queries Splunk for details, creates a ServiceNow incident, and pages the fraud team via PagerDuty."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[payments] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "payments-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Visa Transaction Volume Query
▼
payments snowflake analytics
Queries Snowflake for transaction volume metrics by region and card type.
naftiko: "0.5"
info:
label: "Visa Transaction Volume Query"
description: "Queries Snowflake for transaction volume metrics by region and card type."
tags:
- payments
- snowflake
- analytics
capability:
exposes:
- type: mcp
namespace: visa_transaction_vol
port: 8080
tools:
- name: query-data
description: "Queries Snowflake for transaction volume metrics by region and card type."
inputParameters:
- name: query_param
in: body
type: string
description: "The query parameter."
call: "snowflake-api.run-query"
with:
query_param: "{{query_param}}"
outputParameters:
- name: results
type: object
mapping: "$.data"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
Visa Vendor Security Assessment Workflow
▼
security jira snowflake slack vendor-management
When a new vendor is proposed, creates a security assessment in Jira, queries compliance data from Snowflake, and notifies the security team.
naftiko: "0.5"
info:
label: "Visa Vendor Security Assessment Workflow"
description: "When a new vendor is proposed, creates a security assessment in Jira, queries compliance data from Snowflake, and notifies the security team."
tags:
- security
- jira
- snowflake
- slack
- vendor-management
capability:
exposes:
- type: mcp
namespace: visa_vendor_security
port: 8080
tools:
- name: handle-event
description: "When a new vendor is proposed, creates a security assessment in Jira, queries compliance data from Snowflake, and notifies the security team."
inputParameters:
- name: event_id
in: body
type: string
description: "The triggering event identifier."
- name: context
in: body
type: string
description: "Additional context for the event."
steps:
- name: gather-data
type: call
call: "snowflake-api.run-query"
with:
event_id: "{{event_id}}"
- name: create-ticket
type: call
call: "jira-api.create-issue"
with:
project: "OPS"
issuetype: "Task"
summary: "[security] {{event_id}} — {{context}}"
- name: notify-team
type: call
call: "slack-api.post-message"
with:
channel: "security-ops"
text: "Alert: {{event_id}} | {{context}} | Jira: {{create-ticket.key}}"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: jira-api
baseUri: "https://visa.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-api
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Workday Headcount and Compensation Snapshot
▼
hr finance reporting workday headcount compensation
Returns current headcount and compensation band distribution by department from Workday for finance reporting and headcount planning.
naftiko: "0.5"
info:
label: "Workday Headcount and Compensation Snapshot"
description: "Returns current headcount and compensation band distribution by department from Workday for finance reporting and headcount planning."
tags:
- hr
- finance
- reporting
- workday
- headcount
- compensation
capability:
exposes:
- type: mcp
namespace: hr-reporting
port: 8080
tools:
- name: get-headcount-snapshot
description: "Returns active employees grouped by department with compensation band distribution from Workday. Use for headcount planning and finance period-close reporting."
call: "workday-hc.list-workers"
outputParameters:
- name: workers
type: array
mapping: "$.Report_Entry"
items:
- name: employee_id
type: string
mapping: "$.Worker_ID"
- name: full_name
type: string
mapping: "$.Worker"
- name: department
type: string
mapping: "$.Organization"
- name: cost_center
type: string
mapping: "$.Cost_Center"
- name: compensation_grade
type: string
mapping: "$.Compensation_Grade"
consumes:
- type: http
namespace: workday-hc
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/workers"
operations:
- name: list-workers
method: GET
Workday Learning Compliance Assignment
▼
hr learning compliance workday servicenow pci-dss
Assigns mandatory PCI-DSS and AML compliance training in Workday Learning to employees based on their role and tracks completion via a ServiceNow monitoring task.
naftiko: "0.5"
info:
label: "Workday Learning Compliance Assignment"
description: "Assigns mandatory PCI-DSS and AML compliance training in Workday Learning to employees based on their role and tracks completion via a ServiceNow monitoring task."
tags:
- hr
- learning
- compliance
- workday
- servicenow
- pci-dss
capability:
exposes:
- type: mcp
namespace: compliance-learning
port: 8080
tools:
- name: assign-compliance-training
description: "Given an employee ID and training course ID, assign the mandatory compliance course in Workday Learning and create a ServiceNow tracking task for completion monitoring."
inputParameters:
- name: employee_id
in: body
type: string
description: "Workday employee ID."
- name: course_id
in: body
type: string
description: "Workday Learning course ID to assign."
- name: due_date
in: body
type: string
description: "Training completion due date in YYYY-MM-DD format."
- name: compliance_type
in: body
type: string
description: "Compliance category (e.g., PCI-DSS, AML, GDPR, Ethics)."
steps:
- name: assign-course
type: call
call: "workday-lms.assign-learning"
with:
worker_id: "{{employee_id}}"
course_id: "{{course_id}}"
due_date: "{{due_date}}"
- name: create-tracking-task
type: call
call: "servicenow-learning.create-task"
with:
short_description: "{{compliance_type}} training assigned to employee {{employee_id}}"
description: "Course {{course_id}} assigned. Compliance type: {{compliance_type}}. Due: {{due_date}}."
due_date: "{{due_date}}"
consumes:
- type: http
namespace: workday-lms
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: learning-assignments
path: "/learningCourseTopics"
operations:
- name: assign-learning
method: POST
- type: http
namespace: servicenow-learning
baseUri: "https://visa.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/sc_task"
operations:
- name: create-task
method: POST
Workday Payment Ops Headcount
▼
hr workday workforce
Returns current headcount and open positions for payment operations from Workday.
naftiko: "0.5"
info:
label: "Workday Payment Ops Headcount"
description: "Returns current headcount and open positions for payment operations from Workday."
tags:
- hr
- workday
- workforce
capability:
exposes:
- type: mcp
namespace: workday_payment_ops_
port: 8080
tools:
- name: query-data
description: "Returns current headcount and open positions for payment operations from Workday."
inputParameters:
- name: query_param
in: body
type: string
description: "The query parameter."
call: "snowflake-api.run-query"
with:
query_param: "{{query_param}}"
outputParameters:
- name: results
type: object
mapping: "$.data"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://visa.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-query
method: POST