Retrieves material master data from SAP by material number, returning description, unit of measure, material group, and plant assignments.

naftiko: '0.5'
info:
  label: SAP Material Master Lookup
  description: Retrieves material master data from SAP by material number, returning description, unit of measure, material group, and plant assignments.
  tags:
  - supply-chain
  - erp
  - sap
capability:
  exposes:
  - type: mcp
    namespace: material-master
    port: 8080
    tools:
    - name: get-material-master
      description: Given a SAP material number, return the material description, base unit of measure, material group, and assigned plants. Use when supply chain needs material details.
      inputParameters:
      - name: material_number
        in: body
        type: string
        description: SAP material number.
      call: sap-erp.get-material
      with:
        material: '{{material_number}}'
      outputParameters:
      - name: description
        type: string
        mapping: $.d.MaterialDescription
      - name: base_uom
        type: string
        mapping: $.d.BaseUnitOfMeasure
      - name: material_group
        type: string
        mapping: $.d.MaterialGroup
  consumes:
  - type: http
    namespace: sap-erp
    baseUri: https://abbott-s4.sap.com/sap/opu/odata/sap/MM_MATERIAL_SRV
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: materials
      path: /A_Material('{{material}}')
      inputParameters:
      - name: material
        in: path
      operations:
      - name: get-material
        method: GET

Retrieves a travel request from SAP Concur by request ID, returning trip details, estimated cost, and approval status.

naftiko: '0.5'
info:
  label: SAP Concur Travel Request Lookup
  description: Retrieves a travel request from SAP Concur by request ID, returning trip details, estimated cost, and approval status.
  tags:
  - finance
  - travel
  - sap-concur
capability:
  exposes:
  - type: mcp
    namespace: travel-management
    port: 8080
    tools:
    - name: get-travel-request
      description: Given a Concur travel request ID, return the trip destination, dates, estimated cost, and approval status. Use when employees need travel request visibility.
      inputParameters:
      - name: request_id
        in: body
        type: string
        description: SAP Concur travel request ID.
      call: concur.get-request
      with:
        id: '{{request_id}}'
      outputParameters:
      - name: destination
        type: string
        mapping: $.MainDestination
      - name: start_date
        type: string
        mapping: $.StartDate
      - name: total_estimated_amount
        type: number
        mapping: $.TotalEstimatedAmount
      - name: approval_status
        type: string
        mapping: $.ApprovalStatusName
  consumes:
  - type: http
    namespace: concur
    baseUri: https://us.api.concursolutions.com/api/v3.0
    authentication:
      type: bearer
      token: $secrets.concur_token
    resources:
    - name: requests
      path: /travelrequest/requests/{{id}}
      inputParameters:
      - name: id
        in: path
      operations:
      - name: get-request
        method: GET

Triggers a Power BI dataset refresh for the executive KPI dashboard and posts a confirmation to the leadership Teams channel.

naftiko: '0.5'
info:
  label: Power BI Executive Dashboard Refresh
  description: Triggers a Power BI dataset refresh for the executive KPI dashboard and posts a confirmation to the leadership Teams channel.
  tags:
  - analytics
  - power-bi
  - reporting
  - executive
capability:
  exposes:
  - type: mcp
    namespace: exec-reporting
    port: 8080
    tools:
    - name: refresh-executive-dashboard
      description: Trigger a Power BI dataset refresh for the executive KPI dashboard and notify the leadership Teams channel when complete. Use each morning before leadership stand-ups to ensure dashboards reflect current data.
      inputParameters:
      - name: dataset_id
        in: body
        type: string
        description: Power BI dataset ID for the executive KPI dashboard.
      - name: leadership_channel_id
        in: body
        type: string
        description: Leadership Teams channel ID.
      steps:
      - name: refresh-pbi
        type: call
        call: powerbi-exec.trigger-refresh
        with:
          dataset_id: '{{dataset_id}}'
      - name: notify-leadership
        type: call
        call: msteams-exec.post-channel-message
        with:
          channel_id: '{{leadership_channel_id}}'
          text: 'Executive KPI dashboard refresh triggered (dataset {{dataset_id}}). Refresh ID: {{refresh-pbi.refreshId}}'
  consumes:
  - type: http
    namespace: powerbi-exec
    baseUri: https://api.powerbi.com/v1.0/myorg
    authentication:
      type: bearer
      token: $secrets.powerbi_token
    resources:
    - name: dataset-refreshes
      path: /datasets/{{dataset_id}}/refreshes
      inputParameters:
      - name: dataset_id
        in: path
      operations:
      - name: trigger-refresh
        method: POST
  - type: http
    namespace: msteams-exec
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: channel-messages
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: post-channel-message
        method: POST

Triggers SAP S/4HANA month-end financial close, validates journal completeness, and notifies the finance team via Teams upon completion.

naftiko: '0.5'
info:
  label: Monthly Financial Period Close
  description: Triggers SAP S/4HANA month-end financial close, validates journal completeness, and notifies the finance team via Teams upon completion.
  tags:
  - finance
  - erp
  - period-close
  - sap
  - accounting
capability:
  exposes:
  - type: mcp
    namespace: finance-period-close
    port: 8080
    tools:
    - name: trigger-period-close
      description: Given a fiscal period and company code, initiate the SAP S/4HANA period close sequence and post completion status to the finance Teams channel. Use at month end to automate the financial close workflow.
      inputParameters:
      - name: fiscal_period
        in: body
        type: string
        description: Fiscal period in YYYYPP format, e.g. '202603'.
      - name: company_code
        in: body
        type: string
        description: SAP company code, e.g. 'ABBT'.
      - name: finance_channel_id
        in: body
        type: string
        description: Finance Teams channel ID.
      steps:
      - name: close-period
        type: call
        call: sap-fi-close.close-period
        with:
          fiscal_period: '{{fiscal_period}}'
          company_code: '{{company_code}}'
      - name: validate-postings
        type: call
        call: sap-fi-journal.check-completeness
        with:
          fiscal_period: '{{fiscal_period}}'
          company_code: '{{company_code}}'
      - name: notify-finance
        type: call
        call: msteams-finsclose.post-channel-message
        with:
          channel_id: '{{finance_channel_id}}'
          text: 'Period {{fiscal_period}} closed for company {{company_code}}. Journal status: {{validate-postings.status}} | Open items: {{validate-postings.open_count}}'
  consumes:
  - type: http
    namespace: sap-fi-close
    baseUri: https://abbott-s4.sap.com/sap/opu/odata/sap/FAR_PERIOD_CLOSE_SRV
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: period-close
      path: /PeriodClose
      operations:
      - name: close-period
        method: POST
  - type: http
    namespace: sap-fi-journal
    baseUri: https://abbott-s4.sap.com/sap/opu/odata/sap/FAR_JOURNAL_SRV
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: journal-validation
      path: /JournalEntryCompleteness
      inputParameters:
      - name: fiscal_period
        in: query
      - name: company_code
        in: query
      operations:
      - name: check-completeness
        method: GET
  - type: http
    namespace: msteams-finsclose
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: channel-messages
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: post-channel-message
        method: POST

When a GitHub Actions workflow fails on a protected branch, opens a Jira bug, creates a Datadog deployment marker, and alerts the engineering Teams channel.

naftiko: '0.5'
info:
  label: CI/CD Pipeline Failure Observability
  description: When a GitHub Actions workflow fails on a protected branch, opens a Jira bug, creates a Datadog deployment marker, and alerts the engineering Teams channel.
  tags:
  - devops
  - cicd
  - github
  - jira
  - datadog
capability:
  exposes:
  - type: mcp
    namespace: devops-ci
    port: 8080
    tools:
    - name: handle-pipeline-failure
      description: Given a GitHub Actions failure event with repo, branch, commit, and workflow details, open a Jira bug in the engineering project, create a Datadog deployment event, and post an alert to the engineering Teams channel. Use when a protected-branch CI pipeline fails.
      inputParameters:
      - name: repo
        in: body
        type: string
        description: GitHub repository full name.
      - name: branch
        in: body
        type: string
        description: Branch where the failure occurred.
      - name: commit_sha
        in: body
        type: string
        description: Failing commit SHA.
      - name: workflow_name
        in: body
        type: string
        description: Name of the failed GitHub Actions workflow.
      - name: run_url
        in: body
        type: string
        description: URL to the failed workflow run.
      - name: eng_channel_id
        in: body
        type: string
        description: Engineering Teams channel ID.
      steps:
      - name: create-bug
        type: call
        call: jira-eng.create-issue
        with:
          project_key: ENG
          issuetype: Bug
          summary: '[CI Failure] {{repo}} / {{branch}} — {{workflow_name}}'
          description: 'Commit: {{commit_sha}}

            Run: {{run_url}}'
      - name: log-deploy-event
        type: call
        call: datadog-ci.create-event
        with:
          title: 'CI Failure: {{repo}} — {{branch}}'
          text: Commit {{commit_sha}} | Workflow {{workflow_name}} failed
          alert_type: error
      - name: alert-eng
        type: call
        call: msteams-eng.post-channel-message
        with:
          channel_id: '{{eng_channel_id}}'
          text: 'CI Failure: {{repo}} | Branch: {{branch}} | Jira: {{create-bug.key}} | Run: {{run_url}}'
  consumes:
  - type: http
    namespace: jira-eng
    baseUri: https://abbott.atlassian.net/rest/api/3
    authentication:
      type: basic
      username: $secrets.jira_user
      password: $secrets.jira_token
    resources:
    - name: issues
      path: /issue
      operations:
      - name: create-issue
        method: POST
  - type: http
    namespace: datadog-ci
    baseUri: https://api.datadoghq.com/api/v1
    authentication:
      type: apikey
      key: DD-API-KEY
      value: $secrets.datadog_api_key
      placement: header
    resources:
    - name: events
      path: /events
      operations:
      - name: create-event
        method: POST
  - type: http
    namespace: msteams-eng
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: channel-messages
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: post-channel-message
        method: POST

Launches a compensation review cycle by pulling performance ratings from Workday, generating recommendations, notifying managers, and creating approval tasks.

naftiko: '0.5'
info:
  label: Workday Compensation Review Orchestration
  description: Launches a compensation review cycle by pulling performance ratings from Workday, generating recommendations, notifying managers, and creating approval tasks.
  tags:
  - hr
  - finance
  - workday
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: comp-review
    port: 8080
    tools:
    - name: launch-comp-review
      description: Given a department code and review cycle name, pull performance data, generate comp recommendations, notify managers, and create approval workflows. Use when HR launches annual compensation reviews.
      inputParameters:
      - name: department_code
        in: body
        type: string
        description: Workday department code.
      - name: cycle_name
        in: body
        type: string
        description: Compensation review cycle name.
      steps:
      - name: get-performance-data
        type: call
        call: workday.get-performance-ratings
        with:
          department: '{{department_code}}'
      - name: generate-recommendations
        type: call
        call: workday.create-comp-recommendations
        with:
          department: '{{department_code}}'
          cycle: '{{cycle_name}}'
          performance_data: '{{get-performance-data.ratings}}'
      - name: create-approval-task
        type: call
        call: servicenow.create-task
        with:
          short_description: 'Compensation review approval: {{department_code}} - {{cycle_name}}'
          assigned_group: HR_Compensation
          category: hr_compensation
      - name: notify-managers
        type: call
        call: msteams.send-message
        with:
          channel_id: hr-compensation
          text: 'Compensation review cycle ''{{cycle_name}}'' launched for department {{department_code}}. {{generate-recommendations.count}} recommendations generated. Approval task: {{create-approval-task.number}}'
  consumes:
  - type: http
    namespace: workday
    baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
    authentication:
      type: bearer
      token: $secrets.workday_token
    resources:
    - name: performance
      path: /performance/ratings
      operations:
      - name: get-performance-ratings
        method: GET
    - name: compensation
      path: /compensation/recommendations
      operations:
      - name: create-comp-recommendations
        method: POST
  - type: http
    namespace: servicenow
    baseUri: https://abbott.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: tasks
      path: /table/sc_task
      operations:
      - name: create-task
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: messages
      path: /teams/{{channel_id}}/channels/general/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: send-message
        method: POST

Retrieves the current status of a pending FDA 510(k) premarket notification by submission number from the regulatory affairs tracking system.

naftiko: '0.5'
info:
  label: FDA 510(k) Submission Status Lookup
  description: Retrieves the current status of a pending FDA 510(k) premarket notification by submission number from the regulatory affairs tracking system.
  tags:
  - regulatory
  - fda
  - veeva-vault
capability:
  exposes:
  - type: mcp
    namespace: regulatory-submissions
    port: 8080
    tools:
    - name: get-510k-status
      description: Given a 510(k) submission number, return the current review status, reviewer assignment, and expected decision date. Use when regulatory affairs needs to check submission progress.
      inputParameters:
      - name: submission_number
        in: body
        type: string
        description: FDA 510(k) submission number, e.g. 'K231234'.
      call: veeva-vault.get-submission
      with:
        submission_id: '{{submission_number}}'
      outputParameters:
      - name: status
        type: string
        mapping: $.data.status
      - name: reviewer
        type: string
        mapping: $.data.assigned_reviewer
      - name: expected_decision_date
        type: string
        mapping: $.data.target_date
  consumes:
  - type: http
    namespace: veeva-vault
    baseUri: https://abbott-regulatory.veevavault.com/api/v24.1
    authentication:
      type: bearer
      token: $secrets.veeva_vault_token
    resources:
    - name: submissions
      path: /objects/submission__c/{{submission_id}}
      inputParameters:
      - name: submission_id
        in: path
      operations:
      - name: get-submission
        method: GET

Retrieves metadata for archived data files in Amazon S3, returning object size, storage class, and last modified date.

naftiko: '0.5'
info:
  label: Amazon S3 Data Archive Lookup
  description: Retrieves metadata for archived data files in Amazon S3, returning object size, storage class, and last modified date.
  tags:
  - data
  - cloud
  - amazon-s3
capability:
  exposes:
  - type: mcp
    namespace: data-archive
    port: 8080
    tools:
    - name: get-archive-metadata
      description: Given an S3 bucket and key prefix, return matching object metadata including size, storage class, and timestamps. Use when data teams need to locate archived datasets.
      inputParameters:
      - name: bucket
        in: body
        type: string
        description: S3 bucket name.
      - name: prefix
        in: body
        type: string
        description: Object key prefix.
      call: s3.list-objects
      with:
        bucket: '{{bucket}}'
        prefix: '{{prefix}}'
      outputParameters:
      - name: object_count
        type: integer
        mapping: $.KeyCount
      - name: total_size_bytes
        type: integer
        mapping: $.total_size
  consumes:
  - type: http
    namespace: s3
    baseUri: https://s3.amazonaws.com
    authentication:
      type: apikey
      key: Authorization
      value: $secrets.aws_s3_auth
      placement: header
    resources:
    - name: objects
      path: /{{bucket}}?list-type=2&prefix={{prefix}}
      inputParameters:
      - name: bucket
        in: path
      - name: prefix
        in: query
      operations:
      - name: list-objects
        method: GET

At sprint start, syncs the Jira backlog prioritization to the Confluence planning page and posts the sprint goal to the engineering Teams channel.

naftiko: '0.5'
info:
  label: Jira Sprint Planning Board Sync
  description: At sprint start, syncs the Jira backlog prioritization to the Confluence planning page and posts the sprint goal to the engineering Teams channel.
  tags:
  - devops
  - jira
  - confluence
  - agile
  - engineering
capability:
  exposes:
  - type: mcp
    namespace: sprint-planning
    port: 8080
    tools:
    - name: sync-sprint-plan
      description: Given a Jira sprint ID and Confluence page ID, retrieve the sprint's planned issues and update the Confluence sprint planning page with the current backlog. Post the sprint goal to the engineering Teams channel. Use at sprint kickoff.
      inputParameters:
      - name: sprint_id
        in: body
        type: string
        description: Jira sprint ID to sync.
      - name: confluence_page_id
        in: body
        type: string
        description: Confluence page ID for the sprint planning document.
      - name: eng_channel_id
        in: body
        type: string
        description: Engineering Teams channel ID.
      steps:
      - name: get-sprint-issues
        type: call
        call: jira-sprint.get-sprint-issues
        with:
          sprint_id: '{{sprint_id}}'
      - name: update-confluence
        type: call
        call: confluence.update-page
        with:
          page_id: '{{confluence_page_id}}'
          content: 'Sprint {{sprint_id}} planned issues: {{get-sprint-issues.issue_keys}}'
      - name: post-sprint-goal
        type: call
        call: msteams-sprint.post-channel-message
        with:
          channel_id: '{{eng_channel_id}}'
          text: 'Sprint {{sprint_id}} started. {{get-sprint-issues.total_count}} issues planned. Confluence updated: {{update-confluence.url}}'
  consumes:
  - type: http
    namespace: jira-sprint
    baseUri: https://abbott.atlassian.net/rest/agile/1.0
    authentication:
      type: basic
      username: $secrets.jira_user
      password: $secrets.jira_token
    resources:
    - name: sprint-issues
      path: /sprint/{{sprint_id}}/issue
      inputParameters:
      - name: sprint_id
        in: path
      operations:
      - name: get-sprint-issues
        method: GET
  - type: http
    namespace: confluence
    baseUri: https://abbott.atlassian.net/wiki/rest/api
    authentication:
      type: basic
      username: $secrets.jira_user
      password: $secrets.jira_token
    resources:
    - name: pages
      path: /content/{{page_id}}
      inputParameters:
      - name: page_id
        in: path
      operations:
      - name: update-page
        method: PUT
  - type: http
    namespace: msteams-sprint
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: channel-messages
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: post-channel-message
        method: POST

Generates a supplier quality scorecard by pulling rejection rates from SAP, audit findings from ServiceNow, and delivery performance from the procurement system.

naftiko: '0.5'
info:
  label: Supplier Quality Scorecard Generation
  description: Generates a supplier quality scorecard by pulling rejection rates from SAP, audit findings from ServiceNow, and delivery performance from the procurement system.
  tags:
  - quality
  - procurement
  - sap
  - servicenow
  - snowflake
capability:
  exposes:
  - type: mcp
    namespace: supplier-quality
    port: 8080
    tools:
    - name: generate-supplier-scorecard
      description: Given a supplier ID, gather rejection rates, audit findings, and delivery metrics to produce a quality scorecard. Use when procurement or quality teams evaluate supplier performance.
      inputParameters:
      - name: supplier_id
        in: body
        type: string
        description: SAP supplier/vendor number.
      steps:
      - name: get-rejection-data
        type: call
        call: sap-erp.get-supplier-rejections
        with:
          vendor_id: '{{supplier_id}}'
      - name: get-audit-findings
        type: call
        call: servicenow.query-supplier-audits
        with:
          supplier_id: '{{supplier_id}}'
      - name: get-delivery-performance
        type: call
        call: sap-erp.get-delivery-metrics
        with:
          vendor_id: '{{supplier_id}}'
      - name: calculate-scorecard
        type: call
        call: snowflake.execute-query
        with:
          query_name: supplier_scorecard
          params: '{{supplier_id}},{{get-rejection-data.rejection_rate}},{{get-audit-findings.findings_count}},{{get-delivery-performance.on_time_rate}}'
  consumes:
  - type: http
    namespace: sap-erp
    baseUri: https://abbott-s4.sap.com/sap/opu/odata/sap/MM_VENDOR_SRV
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: rejections
      path: /A_VendorRejection(Vendor='{{vendor_id}}')
      inputParameters:
      - name: vendor_id
        in: path
      operations:
      - name: get-supplier-rejections
        method: GET
    - name: delivery
      path: /A_VendorDelivery(Vendor='{{vendor_id}}')
      inputParameters:
      - name: vendor_id
        in: path
      operations:
      - name: get-delivery-metrics
        method: GET
  - type: http
    namespace: servicenow
    baseUri: https://abbott.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: audits
      path: /table/u_supplier_audit
      operations:
      - name: query-supplier-audits
        method: GET
  - type: http
    namespace: snowflake
    baseUri: https://abbott.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: execute-query
        method: POST

Sends a contract for electronic signature via DocuSign, updates the Salesforce opportunity with the envelope status, and notifies legal when fully executed.

naftiko: '0.5'
info:
  label: DocuSign Contract Execution Orchestration
  description: Sends a contract for electronic signature via DocuSign, updates the Salesforce opportunity with the envelope status, and notifies legal when fully executed.
  tags:
  - legal
  - sales
  - docusign
  - salesforce
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: contract-execution
    port: 8080
    tools:
    - name: send-contract-for-signature
      description: Given a Salesforce opportunity ID and contract template, send the contract via DocuSign, update CRM, and notify legal upon completion. Use when sales needs to execute a customer contract.
      inputParameters:
      - name: opportunity_id
        in: body
        type: string
        description: Salesforce opportunity ID.
      - name: template_id
        in: body
        type: string
        description: DocuSign template identifier.
      steps:
      - name: get-opportunity
        type: call
        call: salesforce.get-opportunity
        with:
          opp_id: '{{opportunity_id}}'
      - name: send-envelope
        type: call
        call: docusign.create-envelope
        with:
          template_id: '{{template_id}}'
          signer_email: '{{get-opportunity.contact_email}}'
          signer_name: '{{get-opportunity.contact_name}}'
      - name: update-crm
        type: call
        call: salesforce.update-opportunity
        with:
          opp_id: '{{opportunity_id}}'
          contract_status: Sent for Signature
          envelope_id: '{{send-envelope.envelope_id}}'
      - name: notify-legal
        type: call
        call: msteams.send-message
        with:
          channel_id: legal-contracts
          text: 'Contract sent for {{get-opportunity.account_name}} via DocuSign. Envelope: {{send-envelope.envelope_id}}. Opportunity: {{opportunity_id}}'
  consumes:
  - type: http
    namespace: salesforce
    baseUri: https://abbott.my.salesforce.com/services/data/v59.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: opportunities
      path: /sobjects/Opportunity/{{opp_id}}
      inputParameters:
      - name: opp_id
        in: path
      operations:
      - name: get-opportunity
        method: GET
      - name: update-opportunity
        method: PATCH
  - type: http
    namespace: docusign
    baseUri: https://na4.docusign.net/restapi/v2.1
    authentication:
      type: bearer
      token: $secrets.docusign_token
    resources:
    - name: envelopes
      path: /accounts/{{account_id}}/envelopes
      operations:
      - name: create-envelope
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: messages
      path: /teams/{{channel_id}}/channels/general/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: send-message
        method: POST

Retrieves budget vs actual figures for an SAP cost center, returning planned budget, actual spend, and variance.

naftiko: '0.5'
info:
  label: SAP Cost Center Budget Lookup
  description: Retrieves budget vs actual figures for an SAP cost center, returning planned budget, actual spend, and variance.
  tags:
  - finance
  - erp
  - sap
capability:
  exposes:
  - type: mcp
    namespace: cost-center-budget
    port: 8080
    tools:
    - name: get-cost-center-budget
      description: Given a cost center code and fiscal period, return the planned budget, actual spend, and variance. Use when finance needs budget performance data.
      inputParameters:
      - name: cost_center
        in: body
        type: string
        description: SAP cost center code.
      - name: fiscal_period
        in: body
        type: string
        description: Fiscal period, e.g. '2026-03'.
      call: sap-erp.get-budget
      with:
        cost_center: '{{cost_center}}'
        period: '{{fiscal_period}}'
      outputParameters:
      - name: planned_budget
        type: number
        mapping: $.d.PlannedAmount
      - name: actual_spend
        type: number
        mapping: $.d.ActualAmount
      - name: variance
        type: number
        mapping: $.d.Variance
  consumes:
  - type: http
    namespace: sap-erp
    baseUri: https://abbott-s4.sap.com/sap/opu/odata/sap/FI_CO_BUDGET_SRV
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: budgets
      path: /A_CostCenterBudget(CostCenter='{{cost_center}}',Period='{{period}}')
      inputParameters:
      - name: cost_center
        in: path
      - name: period
        in: path
      operations:
      - name: get-budget
        method: GET

When an environmental monitoring sensor detects an out-of-spec condition in a cleanroom, creates an incident, alerts quality, logs a deviation, and triggers investigation.

naftiko: '0.5'
info:
  label: Environmental Monitoring Alert Response
  description: When an environmental monitoring sensor detects an out-of-spec condition in a cleanroom, creates an incident, alerts quality, logs a deviation, and triggers investigation.
  tags:
  - manufacturing
  - quality
  - compliance
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: env-monitoring
    port: 8080
    tools:
    - name: handle-env-excursion
      description: Given a sensor ID, parameter name, and measured value, create an incident, alert quality, log a deviation, and initiate investigation. Use when cleanroom environmental monitoring detects out-of-spec conditions.
      inputParameters:
      - name: sensor_id
        in: body
        type: string
        description: Environmental monitoring sensor identifier.
      - name: parameter_name
        in: body
        type: string
        description: Parameter out of spec, e.g. 'particle_count', 'temperature', 'humidity'.
      - name: measured_value
        in: body
        type: string
        description: The measured out-of-spec value.
      steps:
      - name: create-incident
        type: call
        call: servicenow.create-incident
        with:
          short_description: 'Environmental excursion: {{parameter_name}} at sensor {{sensor_id}}'
          category: manufacturing_quality
          priority: '2'
          assigned_group: Quality_Assurance
      - name: log-deviation
        type: call
        call: servicenow.create-deviation
        with:
          description: 'Environmental excursion: {{parameter_name}} measured {{measured_value}} at sensor {{sensor_id}}'
          area: cleanroom
          incident_ref: '{{create-incident.number}}'
      - name: alert-quality
        type: call
        call: msteams.send-message
        with:
          channel_id: quality-alerts
          text: 'ENV ALERT: {{parameter_name}} excursion at sensor {{sensor_id}}. Value: {{measured_value}}. Deviation: {{log-deviation.number}}. Incident: {{create-incident.number}}'
  consumes:
  - type: http
    namespace: servicenow
    baseUri: https://abbott.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: create-incident
        method: POST
    - name: deviations
      path: /table/u_deviation
      operations:
      - name: create-deviation
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: messages
      path: /teams/{{channel_id}}/channels/general/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: send-message
        method: POST

When AWS Cost Anomaly Detection raises an alert, creates a Datadog event, opens a Jira ticket for the cloud team, and posts an alert to the FinOps Teams channel.

naftiko: '0.5'
info:
  label: Cloud Cost Anomaly Response
  description: When AWS Cost Anomaly Detection raises an alert, creates a Datadog event, opens a Jira ticket for the cloud team, and posts an alert to the FinOps Teams channel.
  tags:
  - finops
  - cloud
  - aws
  - datadog
  - jira
capability:
  exposes:
  - type: mcp
    namespace: finops-ops
    port: 8080
    tools:
    - name: handle-cost-anomaly
      description: Given an AWS cost anomaly ID, service name, and estimated overage, create a Datadog warning event, open a Jira ticket for the cloud FinOps team, and post to the FinOps Teams channel. Use when AWS Cost Anomaly Detection triggers above the configured threshold.
      inputParameters:
      - name: anomaly_id
        in: body
        type: string
        description: AWS Cost Anomaly Detection anomaly ID.
      - name: service_name
        in: body
        type: string
        description: AWS service generating the cost anomaly.
      - name: estimated_overage_usd
        in: body
        type: number
        description: Estimated cost overage in USD.
      - name: finops_channel_id
        in: body
        type: string
        description: FinOps Teams channel ID.
      steps:
      - name: create-dd-event
        type: call
        call: datadog.create-event
        with:
          title: 'AWS Cost Anomaly: {{service_name}}'
          text: Anomaly {{anomaly_id}} — estimated overage ${{estimated_overage_usd}}
          alert_type: warning
      - name: open-jira
        type: call
        call: jira-cloud.create-issue
        with:
          project_key: CLOUD
          issuetype: Task
          summary: 'Cost anomaly: {{service_name}} +${{estimated_overage_usd}}'
          description: 'AWS anomaly {{anomaly_id}}. Datadog: {{create-dd-event.id}}. Investigate and remediate.'
      - name: alert-finops
        type: call
        call: msteams-finops.post-channel-message
        with:
          channel_id: '{{finops_channel_id}}'
          text: 'AWS Cost Anomaly on {{service_name}}: +${{estimated_overage_usd}} | Jira: {{open-jira.key}} | Datadog: {{create-dd-event.url}}'
  consumes:
  - type: http
    namespace: datadog
    baseUri: https://api.datadoghq.com/api/v1
    authentication:
      type: apikey
      key: DD-API-KEY
      value: $secrets.datadog_api_key
      placement: header
    resources:
    - name: events
      path: /events
      operations:
      - name: create-event
        method: POST
  - type: http
    namespace: jira-cloud
    baseUri: https://abbott.atlassian.net/rest/api/3
    authentication:
      type: basic
      username: $secrets.jira_user
      password: $secrets.jira_token
    resources:
    - name: issues
      path: /issue
      operations:
      - name: create-issue
        method: POST
  - type: http
    namespace: msteams-finops
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: channel-messages
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: post-channel-message
        method: POST

When an R&D experiment completes, ingests results into Snowflake, triggers quality validation, generates summary statistics, and notifies the research team.

naftiko: '0.5'
info:
  label: R&D Experiment Data Pipeline Orchestration
  description: When an R&D experiment completes, ingests results into Snowflake, triggers quality validation, generates summary statistics, and notifies the research team.
  tags:
  - rd
  - analytics
  - snowflake
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: rd-data-pipeline
    port: 8080
    tools:
    - name: process-experiment-results
      description: Given an experiment ID and data file path, ingest results, validate quality, generate statistics, and notify researchers. Use when laboratory automation completes an experiment run.
      inputParameters:
      - name: experiment_id
        in: body
        type: string
        description: R&D experiment identifier.
      - name: data_path
        in: body
        type: string
        description: S3 path to the experiment results file.
      steps:
      - name: ingest-data
        type: call
        call: snowflake.execute-query
        with:
          query_name: ingest_experiment_data
          params: '{{experiment_id}},{{data_path}}'
      - name: validate-quality
        type: call
        call: snowflake.execute-query
        with:
          query_name: validate_experiment_quality
          params: '{{experiment_id}}'
      - name: generate-statistics
        type: call
        call: snowflake.execute-query
        with:
          query_name: experiment_summary_stats
          params: '{{experiment_id}}'
      - name: notify-researchers
        type: call
        call: msteams.send-message
        with:
          channel_id: rd-lab-results
          text: 'Experiment {{experiment_id}} processed. Quality: {{validate-quality.pass_rate}}% pass rate. Mean result: {{generate-statistics.mean_value}}.'
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://abbott.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: execute-query
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: messages
      path: /teams/{{channel_id}}/channels/general/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: send-message
        method: POST

Tracks regulatory submission status for clinical trial documents in Veeva Vault, logs updates in ServiceNow, and notifies the regulatory affairs team via Teams.

naftiko: '0.5'
info:
  label: Clinical Trial Regulatory Submission Tracker
  description: Tracks regulatory submission status for clinical trial documents in Veeva Vault, logs updates in ServiceNow, and notifies the regulatory affairs team via Teams.
  tags:
  - regulatory
  - clinical
  - veeva
  - servicenow
  - healthcare
capability:
  exposes:
  - type: mcp
    namespace: regulatory-ops
    port: 8080
    tools:
    - name: track-submission-status
      description: Given a Veeva Vault document ID, retrieve the current regulatory submission status, update the corresponding ServiceNow record, and notify the regulatory affairs Teams channel. Use when regulatory teams need to track submission milestones.
      inputParameters:
      - name: vault_document_id
        in: body
        type: string
        description: Veeva Vault document ID for the regulatory submission.
      - name: servicenow_record_id
        in: body
        type: string
        description: ServiceNow record sys_id to update with submission status.
      - name: teams_channel_id
        in: body
        type: string
        description: Regulatory affairs Teams channel ID.
      steps:
      - name: get-doc-status
        type: call
        call: veeva-vault.get-document
        with:
          document_id: '{{vault_document_id}}'
      - name: update-snow-record
        type: call
        call: servicenow-reg.update-record
        with:
          sys_id: '{{servicenow_record_id}}'
          submission_status: '{{get-doc-status.lifecycle_state}}'
          last_updated: '{{get-doc-status.modified_date}}'
      - name: notify-reg-team
        type: call
        call: msteams-reg.post-channel-message
        with:
          channel_id: '{{teams_channel_id}}'
          text: 'Regulatory submission {{vault_document_id}} status: {{get-doc-status.lifecycle_state}} (updated {{get-doc-status.modified_date}}). ServiceNow updated: {{servicenow_record_id}}'
  consumes:
  - type: http
    namespace: veeva-vault
    baseUri: https://abbott.veevavault.com/api/v24.1
    authentication:
      type: bearer
      token: $secrets.veeva_token
    resources:
    - name: documents
      path: /objects/documents/{{document_id}}
      inputParameters:
      - name: document_id
        in: path
      operations:
      - name: get-document
        method: GET
  - type: http
    namespace: servicenow-reg
    baseUri: https://abbott.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: records
      path: /table/u_regulatory_submission/{{sys_id}}
      inputParameters:
      - name: sys_id
        in: path
      operations:
      - name: update-record
        method: PATCH
  - type: http
    namespace: msteams-reg
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: channel-messages
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: post-channel-message
        method: POST

Manages reagent lot release by checking QC test results in SAP, verifying specifications, creating the release certificate, and notifying distribution.

naftiko: '0.5'
info:
  label: Diagnostic Reagent Lot Release Orchestration
  description: Manages reagent lot release by checking QC test results in SAP, verifying specifications, creating the release certificate, and notifying distribution.
  tags:
  - quality
  - manufacturing
  - diagnostics
  - sap
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: lot-release
    port: 8080
    tools:
    - name: release-reagent-lot
      description: Given a batch number and product code, verify QC results, generate release certificate, update SAP status, and notify distribution. Use when quality assurance releases a diagnostic reagent lot.
      inputParameters:
      - name: batch_number
        in: body
        type: string
        description: Manufacturing batch number.
      - name: product_code
        in: body
        type: string
        description: Diagnostic reagent product code.
      steps:
      - name: get-qc-results
        type: call
        call: sap-erp.get-inspection
        with:
          batch: '{{batch_number}}'
          material: '{{product_code}}'
      - name: update-batch-status
        type: call
        call: sap-erp.release-batch
        with:
          batch: '{{batch_number}}'
          status: released
      - name: create-certificate
        type: call
        call: servicenow.create-task
        with:
          short_description: 'CoA generation: Batch {{batch_number}} - {{product_code}}'
          category: quality_release
          assigned_group: Quality_Assurance
      - name: notify-distribution
        type: call
        call: msteams.send-message
        with:
          channel_id: diagnostics-distribution
          text: 'Reagent lot {{batch_number}} ({{product_code}}) released. QC result: {{get-qc-results.result}}. CoA task: {{create-certificate.number}}'
  consumes:
  - type: http
    namespace: sap-erp
    baseUri: https://abbott-s4.sap.com/sap/opu/odata/sap/QM_INSPECTION_SRV
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: inspections
      path: /A_InspectionResult
      operations:
      - name: get-inspection
        method: GET
    - name: batches
      path: /A_BatchRelease
      operations:
      - name: release-batch
        method: POST
  - type: http
    namespace: servicenow
    baseUri: https://abbott.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: tasks
      path: /table/sc_task
      operations:
      - name: create-task
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: messages
      path: /teams/{{channel_id}}/channels/general/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: send-message
        method: POST

When a medical device complaint exceeds severity threshold, automatically creates a CAPA record, notifies the quality team, and updates the complaint tracking system.

naftiko: '0.5'
info:
  label: Device Complaint to CAPA Orchestration
  description: When a medical device complaint exceeds severity threshold, automatically creates a CAPA record, notifies the quality team, and updates the complaint tracking system.
  tags:
  - quality
  - regulatory
  - servicenow
  - salesforce
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: quality-complaint-capa
    port: 8080
    tools:
    - name: escalate-complaint-to-capa
      description: Given a complaint case ID, evaluate severity and create a CAPA if threshold is met, notify quality leadership, and update the complaint record. Use when quality assurance identifies a high-severity device complaint.
      inputParameters:
      - name: complaint_case_id
        in: body
        type: string
        description: Salesforce complaint case ID.
      steps:
      - name: get-complaint
        type: call
        call: salesforce.get-case
        with:
          case_id: '{{complaint_case_id}}'
      - name: create-capa
        type: call
        call: servicenow.create-capa
        with:
          short_description: 'CAPA from complaint: {{get-complaint.subject}}'
          severity: '{{get-complaint.severity}}'
          product_code: '{{get-complaint.product_code}}'
          source_complaint: '{{complaint_case_id}}'
      - name: notify-quality
        type: call
        call: msteams.send-message
        with:
          channel_id: quality-leadership
          text: 'CAPA {{create-capa.number}} created from device complaint {{complaint_case_id}} - Severity: {{get-complaint.severity}} - Product: {{get-complaint.product_code}}'
      - name: update-complaint
        type: call
        call: salesforce.update-case
        with:
          case_id: '{{complaint_case_id}}'
          capa_reference: '{{create-capa.number}}'
          status: CAPA Initiated
  consumes:
  - type: http
    namespace: salesforce
    baseUri: https://abbott.my.salesforce.com/services/data/v59.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: cases
      path: /sobjects/Case/{{case_id}}
      inputParameters:
      - name: case_id
        in: path
      operations:
      - name: get-case
        method: GET
      - name: update-case
        method: PATCH
  - type: http
    namespace: servicenow
    baseUri: https://abbott.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: capa
      path: /table/u_capa
      operations:
      - name: create-capa
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: channels
      path: /teams/{{channel_id}}/channels/general/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: send-message
        method: POST

Checks a GitHub repository for branch protection rules, required reviewers, and security scanning configuration.

naftiko: '0.5'
info:
  label: GitHub Repository Compliance Check
  description: Checks a GitHub repository for branch protection rules, required reviewers, and security scanning configuration.
  tags:
  - security
  - devops
  - github
capability:
  exposes:
  - type: mcp
    namespace: repo-compliance
    port: 8080
    tools:
    - name: check-repo-compliance
      description: Given a GitHub repository name, return branch protection status, required reviewer count, and security scanning enablement. Use when engineering leads need to verify repo governance.
      inputParameters:
      - name: repo_name
        in: body
        type: string
        description: GitHub repository name in org/repo format.
      call: github.get-repo-settings
      with:
        repo: '{{repo_name}}'
      outputParameters:
      - name: branch_protection_enabled
        type: boolean
        mapping: $.data.branch_protection
      - name: required_reviewers
        type: integer
        mapping: $.data.required_reviewers
      - name: security_scanning
        type: boolean
        mapping: $.data.security_scanning_enabled
  consumes:
  - type: http
    namespace: github
    baseUri: https://api.github.com
    authentication:
      type: bearer
      token: $secrets.github_token
    resources:
    - name: repos
      path: /repos/{{repo}}
      inputParameters:
      - name: repo
        in: path
      operations:
      - name: get-repo-settings
        method: GET

When a product recall is initiated, creates a ServiceNow high-priority incident, notifies the recall coordinator team in Teams, and opens a Salesforce case for customer communication tracking.

naftiko: '0.5'
info:
  label: Recall Management Notification Workflow
  description: When a product recall is initiated, creates a ServiceNow high-priority incident, notifies the recall coordinator team in Teams, and opens a Salesforce case for customer communication tracking.
  tags:
  - regulatory
  - recall
  - servicenow
  - salesforce
  - healthcare
capability:
  exposes:
  - type: mcp
    namespace: recall-ops
    port: 8080
    tools:
    - name: initiate-recall-workflow
      description: Given a product lot number, recall class, and affected market, create a P1 ServiceNow recall incident, open a Salesforce case for customer communication tracking, and notify the recall coordinator Teams channel. Use when a product recall decision is made.
      inputParameters:
      - name: product_name
        in: body
        type: string
        description: Product name subject to recall.
      - name: lot_numbers
        in: body
        type: string
        description: Comma-separated list of affected lot numbers.
      - name: recall_class
        in: body
        type: string
        description: 'FDA recall classification: I, II, or III.'
      - name: affected_markets
        in: body
        type: string
        description: Comma-separated list of affected markets/countries.
      - name: recall_channel_id
        in: body
        type: string
        description: Recall coordinator Teams channel ID.
      steps:
      - name: create-recall-incident
        type: call
        call: servicenow-recall.create-incident
        with:
          short_description: Product Recall — {{product_name}} — Class {{recall_class}}
          description: 'Lots: {{lot_numbers}} | Markets: {{affected_markets}}'
          priority: '1'
          category: Product_Recall
      - name: create-cx-case
        type: call
        call: salesforce-recall.create-case
        with:
          subject: Recall notification — {{product_name}} Class {{recall_class}}
          description: 'Recall initiated. Lots: {{lot_numbers}}. INC: {{create-recall-incident.number}}'
          priority: High
      - name: notify-recall-team
        type: call
        call: msteams-recall.post-channel-message
        with:
          channel_id: '{{recall_channel_id}}'
          text: 'PRODUCT RECALL: {{product_name}} Class {{recall_class}} | Lots: {{lot_numbers}} | Markets: {{affected_markets}} | INC: {{create-recall-incident.number}} | Case: {{create-cx-case.case_number}}'
  consumes:
  - type: http
    namespace: servicenow-recall
    baseUri: https://abbott.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: create-incident
        method: POST
  - type: http
    namespace: salesforce-recall
    baseUri: https://abbott.my.salesforce.com/services/data/v58.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: cases
      path: /sobjects/Case
      operations:
      - name: create-case
        method: POST
  - type: http
    namespace: msteams-recall
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: channel-messages
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: post-channel-message
        method: POST

Queries the Kong API gateway for health status of registered services, returning uptime, request counts, and error rates.

naftiko: '0.5'
info:
  label: API Gateway Health Check
  description: Queries the Kong API gateway for health status of registered services, returning uptime, request counts, and error rates.
  tags:
  - it
  - integration
  - kong
capability:
  exposes:
  - type: mcp
    namespace: api-health
    port: 8080
    tools:
    - name: check-api-gateway-health
      description: Given a service name, return the API gateway health metrics including uptime, request volume, and error rate. Use when platform engineering needs API service visibility.
      inputParameters:
      - name: service_name
        in: body
        type: string
        description: Kong service name.
      call: kong.get-service-status
      with:
        service: '{{service_name}}'
      outputParameters:
      - name: status
        type: string
        mapping: $.data.status
      - name: request_count
        type: integer
        mapping: $.data.request_count
      - name: error_rate
        type: number
        mapping: $.data.error_rate
  consumes:
  - type: http
    namespace: kong
    baseUri: https://abbott-api.konghq.com/admin-api
    authentication:
      type: apikey
      key: apikey
      value: $secrets.kong_admin_key
      placement: header
    resources:
    - name: services
      path: /services/{{service}}/status
      inputParameters:
      - name: service
        in: path
      operations:
      - name: get-service-status
        method: GET

When a critical security alert fires, creates a security incident, isolates the affected endpoint, notifies the SOC team, and logs the event for compliance.

naftiko: '0.5'
info:
  label: Security Incident Response Orchestration
  description: When a critical security alert fires, creates a security incident, isolates the affected endpoint, notifies the SOC team, and logs the event for compliance.
  tags:
  - security
  - it
  - crowdstrike
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: security-incident-response
    port: 8080
    tools:
    - name: respond-to-security-incident
      description: Given a CrowdStrike detection ID and hostname, create a security incident, isolate the endpoint, notify the SOC, and log for compliance. Use when SOC analysts confirm a real threat.
      inputParameters:
      - name: detection_id
        in: body
        type: string
        description: CrowdStrike detection ID.
      - name: hostname
        in: body
        type: string
        description: Affected endpoint hostname.
      steps:
      - name: create-sec-incident
        type: call
        call: servicenow.create-incident
        with:
          short_description: 'Security incident: threat on {{hostname}}'
          category: security
          priority: '1'
          assigned_group: SOC
      - name: isolate-endpoint
        type: call
        call: crowdstrike.contain-host
        with:
          hostname: '{{hostname}}'
      - name: notify-soc
        type: call
        call: msteams.send-message
        with:
          channel_id: security-ops-center
          text: 'CRITICAL: Security incident {{create-sec-incident.number}} - Host {{hostname}} isolated. Detection: {{detection_id}}. Containment status: {{isolate-endpoint.status}}'
  consumes:
  - type: http
    namespace: servicenow
    baseUri: https://abbott.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: create-incident
        method: POST
  - type: http
    namespace: crowdstrike
    baseUri: https://api.crowdstrike.com
    authentication:
      type: bearer
      token: $secrets.crowdstrike_token
    resources:
    - name: hosts
      path: /devices/entities/host-actions/v2
      operations:
      - name: contain-host
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: messages
      path: /teams/{{channel_id}}/channels/general/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: send-message
        method: POST

Enrolls a Salesforce lead in a Marketo nurture program based on product interest, and syncs engagement data back to Salesforce after 30 days.

naftiko: '0.5'
info:
  label: Marketo Lead Nurture Enrollment
  description: Enrolls a Salesforce lead in a Marketo nurture program based on product interest, and syncs engagement data back to Salesforce after 30 days.
  tags:
  - marketing
  - salesforce
  - marketo
  - lead-nurture
  - crm
capability:
  exposes:
  - type: mcp
    namespace: lead-nurture
    port: 8080
    tools:
    - name: enroll-lead-in-nurture
      description: Given a Salesforce lead ID and Marketo program ID, retrieve the lead's details from Salesforce and enroll them in the specified Marketo nurture program. Use when marketing qualifies a lead for a product-specific nurture track.
      inputParameters:
      - name: salesforce_lead_id
        in: body
        type: string
        description: Salesforce lead record ID.
      - name: marketo_program_id
        in: body
        type: string
        description: Marketo program ID for the nurture campaign.
      steps:
      - name: get-lead
        type: call
        call: salesforce-leads.get-lead
        with:
          lead_id: '{{salesforce_lead_id}}'
      - name: enroll-marketo
        type: call
        call: marketo-nurture.add-to-program
        with:
          email: '{{get-lead.Email}}'
          first_name: '{{get-lead.FirstName}}'
          last_name: '{{get-lead.LastName}}'
          program_id: '{{marketo_program_id}}'
  consumes:
  - type: http
    namespace: salesforce-leads
    baseUri: https://abbott.my.salesforce.com/services/data/v58.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: leads
      path: /sobjects/Lead/{{lead_id}}
      inputParameters:
      - name: lead_id
        in: path
      operations:
      - name: get-lead
        method: GET
  - type: http
    namespace: marketo-nurture
    baseUri: https://abbott.mktorest.com/rest/v1
    authentication:
      type: bearer
      token: $secrets.marketo_token
    resources:
    - name: program-members
      path: /leads/programs/{{program_id}}.json
      inputParameters:
      - name: program_id
        in: path
      operations:
      - name: add-to-program
        method: POST

Retrieves Abbott employer brand metrics from LinkedIn including follower count, engagement rate, and talent pipeline statistics.

naftiko: '0.5'
info:
  label: LinkedIn Employer Brand Metrics Lookup
  description: Retrieves Abbott employer brand metrics from LinkedIn including follower count, engagement rate, and talent pipeline statistics.
  tags:
  - hr
  - marketing
  - linkedin
capability:
  exposes:
  - type: mcp
    namespace: employer-brand
    port: 8080
    tools:
    - name: get-employer-metrics
      description: Return current LinkedIn employer brand metrics including follower count, post engagement rate, and talent pipeline size. Use when HR or employer brand teams need performance data.
      inputParameters:
      - name: time_period
        in: body
        type: string
        description: Reporting period, e.g. 'last_30_days'.
      call: linkedin.get-organization-stats
      with:
        period: '{{time_period}}'
      outputParameters:
      - name: follower_count
        type: integer
        mapping: $.data.followerCount
      - name: engagement_rate
        type: number
        mapping: $.data.engagementRate
      - name: talent_pipeline_size
        type: integer
        mapping: $.data.talentPipelineSize
  consumes:
  - type: http
    namespace: linkedin
    baseUri: https://api.linkedin.com/v2
    authentication:
      type: bearer
      token: $secrets.linkedin_token
    resources:
    - name: organization-stats
      path: /organizationPageStatistics
      operations:
      - name: get-organization-stats
        method: GET

Enriches a Salesforce healthcare customer account with ZoomInfo firmographic data and syncs the updated record to SAP for billing alignment.

naftiko: '0.5'
info:
  label: Salesforce Customer Account Enrichment
  description: Enriches a Salesforce healthcare customer account with ZoomInfo firmographic data and syncs the updated record to SAP for billing alignment.
  tags:
  - crm
  - sales
  - salesforce
  - data-enrichment
  - healthcare
capability:
  exposes:
  - type: mcp
    namespace: crm-enrichment
    port: 8080
    tools:
    - name: enrich-customer-account
      description: Given a Salesforce account ID and ZoomInfo company match key, fetch firmographic data from ZoomInfo, update the Salesforce account, and sync key fields to the SAP customer master. Use when account records need to be refreshed with current company data.
      inputParameters:
      - name: salesforce_account_id
        in: body
        type: string
        description: Salesforce Account record ID.
      - name: zoominfo_company_id
        in: body
        type: string
        description: ZoomInfo company ID for firmographic lookup.
      steps:
      - name: get-firmographics
        type: call
        call: zoominfo.get-company
        with:
          company_id: '{{zoominfo_company_id}}'
      - name: update-sf-account
        type: call
        call: salesforce-acct.update-account
        with:
          account_id: '{{salesforce_account_id}}'
          employees: '{{get-firmographics.employee_count}}'
          annual_revenue: '{{get-firmographics.revenue}}'
          industry: '{{get-firmographics.industry}}'
      - name: sync-sap-customer
        type: call
        call: sap-erp-crm.update-customer
        with:
          account_id: '{{salesforce_account_id}}'
          company_name: '{{get-firmographics.company_name}}'
          industry: '{{get-firmographics.industry}}'
  consumes:
  - type: http
    namespace: zoominfo
    baseUri: https://api.zoominfo.com/search
    authentication:
      type: bearer
      token: $secrets.zoominfo_token
    resources:
    - name: companies
      path: /company/{{company_id}}
      inputParameters:
      - name: company_id
        in: path
      operations:
      - name: get-company
        method: GET
  - type: http
    namespace: salesforce-acct
    baseUri: https://abbott.my.salesforce.com/services/data/v58.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: accounts
      path: /sobjects/Account/{{account_id}}
      inputParameters:
      - name: account_id
        in: path
      operations:
      - name: update-account
        method: PATCH
  - type: http
    namespace: sap-erp-crm
    baseUri: https://abbott-s4.sap.com/sap/opu/odata/sap/BUSINESS_PARTNER_SRV
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: customers
      path: /A_BusinessPartner/{{account_id}}
      inputParameters:
      - name: account_id
        in: path
      operations:
      - name: update-customer
        method: PATCH

Looks up a manufacturing batch record in SAP to return batch status, yield data, and quality release information.

naftiko: '0.5'
info:
  label: Manufacturing Batch Record Status Check
  description: Looks up a manufacturing batch record in SAP to return batch status, yield data, and quality release information.
  tags:
  - manufacturing
  - quality
  - sap
capability:
  exposes:
  - type: mcp
    namespace: manufacturing-batch
    port: 8080
    tools:
    - name: get-batch-status
      description: Given a batch number, return the manufacturing batch record status, yield percentage, and quality release status. Use when production teams need batch visibility.
      inputParameters:
      - name: batch_number
        in: body
        type: string
        description: SAP batch number, e.g. 'BATCH-2026-001234'.
      call: sap-erp.get-batch-record
      with:
        batch_id: '{{batch_number}}'
      outputParameters:
      - name: status
        type: string
        mapping: $.d.BatchStatus
      - name: yield_percentage
        type: number
        mapping: $.d.YieldPercent
      - name: quality_release
        type: string
        mapping: $.d.QualityReleaseStatus
  consumes:
  - type: http
    namespace: sap-erp
    baseUri: https://abbott-s4.sap.com/sap/opu/odata/sap/PP_BATCH_SRV
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: batch-records
      path: /A_BatchRecord('{{batch_id}}')
      inputParameters:
      - name: batch_id
        in: path
      operations:
      - name: get-batch-record
        method: GET

Coordinates a new FreeStyle Libre product launch by creating a Marketo campaign, updating Salesforce opportunity stages, and scheduling LinkedIn promotional content.

naftiko: '0.5'
info:
  label: FreeStyle Libre Device Launch Campaign
  description: Coordinates a new FreeStyle Libre product launch by creating a Marketo campaign, updating Salesforce opportunity stages, and scheduling LinkedIn promotional content.
  tags:
  - marketing
  - salesforce
  - marketo
  - linkedin
  - medical-devices
capability:
  exposes:
  - type: mcp
    namespace: product-launch
    port: 8080
    tools:
    - name: setup-device-launch-campaign
      description: Given a product name, launch date, and target segment, create a Marketo email campaign, update related Salesforce opportunities to the pre-launch stage, and schedule a LinkedIn post for the launch date. Use when marketing a new medical device launch.
      inputParameters:
      - name: product_name
        in: body
        type: string
        description: Product name, e.g. 'FreeStyle Libre 3 Plus'.
      - name: launch_date
        in: body
        type: string
        description: Product launch date in YYYY-MM-DD format.
      - name: target_segment
        in: body
        type: string
        description: Target audience segment, e.g. 'Endocrinologists' or 'Diabetes Care'.
      - name: linkedin_copy
        in: body
        type: string
        description: Copy text for the LinkedIn announcement post.
      steps:
      - name: create-marketo-campaign
        type: call
        call: marketo.create-campaign
        with:
          name: '{{product_name}} Launch — {{launch_date}}'
          segment: '{{target_segment}}'
          start_date: '{{launch_date}}'
      - name: update-sf-opportunities
        type: call
        call: salesforce-opps.update-opportunities
        with:
          product_name: '{{product_name}}'
          stage_name: Pre-Launch
      - name: schedule-linkedin-post
        type: call
        call: linkedin-mkt.create-post
        with:
          text: '{{linkedin_copy}}'
          scheduled_time: '{{launch_date}}'
  consumes:
  - type: http
    namespace: marketo
    baseUri: https://abbott.mktorest.com/rest/v1
    authentication:
      type: bearer
      token: $secrets.marketo_token
    resources:
    - name: campaigns
      path: /campaigns.json
      operations:
      - name: create-campaign
        method: POST
  - type: http
    namespace: salesforce-opps
    baseUri: https://abbott.my.salesforce.com/services/data/v58.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: opportunities
      path: /sobjects/Opportunity
      operations:
      - name: update-opportunities
        method: PATCH
  - type: http
    namespace: linkedin-mkt
    baseUri: https://api.linkedin.com/v2
    authentication:
      type: bearer
      token: $secrets.linkedin_token
    resources:
    - name: posts
      path: /ugcPosts
      operations:
      - name: create-post
        method: POST

When a new employee is created in Workday, opens a ServiceNow onboarding ticket, provisions their Okta account, and sends a Microsoft Teams welcome message.

naftiko: '0.5'
info:
  label: New Hire Onboarding Orchestration
  description: When a new employee is created in Workday, opens a ServiceNow onboarding ticket, provisions their Okta account, and sends a Microsoft Teams welcome message.
  tags:
  - hr
  - onboarding
  - workday
  - servicenow
  - okta
capability:
  exposes:
  - type: mcp
    namespace: hr-onboarding
    port: 8080
    tools:
    - name: trigger-employee-onboarding
      description: Given a Workday employee ID and start date, create a ServiceNow onboarding task, provision the employee's Okta account, and send a Teams welcome message. Use when HR confirms a new hire in Workday.
      inputParameters:
      - name: workday_employee_id
        in: body
        type: string
        description: Workday worker ID for the new hire.
      - name: start_date
        in: body
        type: string
        description: Employee start date in YYYY-MM-DD format.
      steps:
      - name: get-employee
        type: call
        call: workday.get-worker
        with:
          worker_id: '{{workday_employee_id}}'
      - name: create-ticket
        type: call
        call: servicenow.create-incident
        with:
          short_description: 'Onboarding: {{get-employee.first_name}} {{get-employee.last_name}}'
          category: hr_onboarding
          assigned_group: IT_Onboarding
      - name: provision-okta
        type: call
        call: okta.create-user
        with:
          firstName: '{{get-employee.first_name}}'
          lastName: '{{get-employee.last_name}}'
          email: '{{get-employee.work_email}}'
          login: '{{get-employee.work_email}}'
      - name: send-welcome
        type: call
        call: msteams.send-message
        with:
          recipient_upn: '{{get-employee.work_email}}'
          text: 'Welcome to Abbott, {{get-employee.first_name}}! Your IT onboarding ticket is {{create-ticket.number}}. Start date: {{start_date}}'
  consumes:
  - type: http
    namespace: workday
    baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
    authentication:
      type: bearer
      token: $secrets.workday_token
    resources:
    - name: workers
      path: /workers/{{worker_id}}
      inputParameters:
      - name: worker_id
        in: path
      operations:
      - name: get-worker
        method: GET
  - type: http
    namespace: servicenow
    baseUri: https://abbott.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: create-incident
        method: POST
  - type: http
    namespace: okta
    baseUri: https://abbott.okta.com/api/v1
    authentication:
      type: apikey
      key: Authorization
      value: $secrets.okta_token
      placement: header
    resources:
    - name: users
      path: /users
      operations:
      - name: create-user
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: messages
      path: /users/{{recipient_upn}}/sendMail
      inputParameters:
      - name: recipient_upn
        in: path
      operations:
      - name: send-message
        method: POST

Retrieves an employee profile from Workday by worker ID, returning name, department, job title, manager, and location.

naftiko: '0.5'
info:
  label: Workday Employee Profile Lookup
  description: Retrieves an employee profile from Workday by worker ID, returning name, department, job title, manager, and location.
  tags:
  - hr
  - workday
capability:
  exposes:
  - type: mcp
    namespace: hr-profile
    port: 8080
    tools:
    - name: get-employee-profile
      description: Given a Workday worker ID, return the employee name, department, title, manager, and work location. Use when HR or managers need employee information.
      inputParameters:
      - name: worker_id
        in: body
        type: string
        description: Workday worker ID.
      call: workday.get-worker
      with:
        worker_id: '{{worker_id}}'
      outputParameters:
      - name: full_name
        type: string
        mapping: $.data.full_name
      - name: department
        type: string
        mapping: $.data.department
      - name: job_title
        type: string
        mapping: $.data.job_title
      - name: manager
        type: string
        mapping: $.data.manager_name
  consumes:
  - type: http
    namespace: workday
    baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
    authentication:
      type: bearer
      token: $secrets.workday_token
    resources:
    - name: workers
      path: /workers/{{worker_id}}
      inputParameters:
      - name: worker_id
        in: path
      operations:
      - name: get-worker
        method: GET

Queries Datadog for the current health status of a monitored application, returning uptime, error rate, and active alerts.

naftiko: '0.5'
info:
  label: Datadog Application Health Check
  description: Queries Datadog for the current health status of a monitored application, returning uptime, error rate, and active alerts.
  tags:
  - it
  - observability
  - datadog
capability:
  exposes:
  - type: mcp
    namespace: app-monitoring
    port: 8080
    tools:
    - name: get-app-health
      description: Given a Datadog service name, return the current uptime percentage, error rate, and count of active alerts. Use when SRE teams need quick application health visibility.
      inputParameters:
      - name: service_name
        in: body
        type: string
        description: Datadog service name.
      call: datadog.get-service-summary
      with:
        service: '{{service_name}}'
      outputParameters:
      - name: uptime_percent
        type: number
        mapping: $.data.uptime
      - name: error_rate
        type: number
        mapping: $.data.error_rate
      - name: active_alerts
        type: integer
        mapping: $.data.active_alerts_count
  consumes:
  - type: http
    namespace: datadog
    baseUri: https://api.datadoghq.com/api/v1
    authentication:
      type: apikey
      key: DD-API-KEY
      value: $secrets.datadog_api_key
      placement: header
    resources:
    - name: services
      path: /service_summary?service={{service}}
      inputParameters:
      - name: service
        in: query
      operations:
      - name: get-service-summary
        method: GET

Triggers a refresh of the diagnostics division revenue dashboard in Power BI and returns the refresh status.

naftiko: '0.5'
info:
  label: Power BI Diagnostics Revenue Refresh
  description: Triggers a refresh of the diagnostics division revenue dashboard in Power BI and returns the refresh status.
  tags:
  - analytics
  - finance
  - power-bi
capability:
  exposes:
  - type: mcp
    namespace: bi-refresh
    port: 8080
    tools:
    - name: refresh-diagnostics-dashboard
      description: Trigger a dataset refresh for the diagnostics revenue Power BI dashboard and return the refresh status. Use when finance needs updated revenue figures.
      inputParameters:
      - name: dataset_id
        in: body
        type: string
        description: Power BI dataset identifier.
      call: powerbi.trigger-refresh
      with:
        dataset_id: '{{dataset_id}}'
      outputParameters:
      - name: refresh_id
        type: string
        mapping: $.id
      - name: status
        type: string
        mapping: $.status
  consumes:
  - type: http
    namespace: powerbi
    baseUri: https://api.powerbi.com/v1.0/myorg
    authentication:
      type: bearer
      token: $secrets.powerbi_token
    resources:
    - name: datasets
      path: /datasets/{{dataset_id}}/refreshes
      inputParameters:
      - name: dataset_id
        in: path
      operations:
      - name: trigger-refresh
        method: POST

Posts a goods receipt in SAP for an inbound delivery, updating inventory and triggering quality inspection if required.

naftiko: '0.5'
info:
  label: SAP Goods Receipt Posting
  description: Posts a goods receipt in SAP for an inbound delivery, updating inventory and triggering quality inspection if required.
  tags:
  - supply-chain
  - manufacturing
  - sap
capability:
  exposes:
  - type: mcp
    namespace: goods-receipt
    port: 8080
    tools:
    - name: post-goods-receipt
      description: Given a delivery number, post the goods receipt in SAP and return the material document number. Use when warehouse teams confirm receipt of materials.
      inputParameters:
      - name: delivery_number
        in: body
        type: string
        description: SAP inbound delivery number.
      call: sap-erp.post-gr
      with:
        delivery: '{{delivery_number}}'
      outputParameters:
      - name: material_document
        type: string
        mapping: $.d.MaterialDocument
      - name: posting_date
        type: string
        mapping: $.d.PostingDate
  consumes:
  - type: http
    namespace: sap-erp
    baseUri: https://abbott-s4.sap.com/sap/opu/odata/sap/MM_GR_SRV
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: goods-receipts
      path: /A_GoodsReceipt
      operations:
      - name: post-gr
        method: POST

Manages a product development phase gate review by collecting deliverable status, scheduling the review meeting, generating the gate package, and notifying the review board.

naftiko: '0.5'
info:
  label: Product Lifecycle Phase Gate Orchestration
  description: Manages a product development phase gate review by collecting deliverable status, scheduling the review meeting, generating the gate package, and notifying the review board.
  tags:
  - rd
  - quality
  - manufacturing
  - jira
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: phase-gate
    port: 8080
    tools:
    - name: execute-phase-gate-review
      description: Given a project key and gate number, collect deliverable status, schedule the review, build the gate package, and notify the board. Use when R&D project management prepares for a phase gate review.
      inputParameters:
      - name: project_key
        in: body
        type: string
        description: Jira project key.
      - name: gate_number
        in: body
        type: string
        description: Phase gate number, e.g. 'Gate-3'.
      steps:
      - name: get-deliverable-status
        type: call
        call: jira.search-issues
        with:
          jql: project={{project_key}} AND labels={{gate_number}}
      - name: create-review-task
        type: call
        call: servicenow.create-task
        with:
          short_description: 'Phase gate review: {{project_key}} {{gate_number}}'
          category: rd_review
          assigned_group: Product_Review_Board
      - name: notify-board
        type: call
        call: msteams.send-message
        with:
          channel_id: product-review-board
          text: '{{gate_number}} review for {{project_key}} scheduled. Deliverables: {{get-deliverable-status.total}} total, {{get-deliverable-status.done}} complete. Review task: {{create-review-task.number}}'
  consumes:
  - type: http
    namespace: jira
    baseUri: https://abbott.atlassian.net/rest/api/3
    authentication:
      type: basic
      username: $secrets.jira_user
      password: $secrets.jira_api_token
    resources:
    - name: search
      path: /search
      operations:
      - name: search-issues
        method: GET
  - type: http
    namespace: servicenow
    baseUri: https://abbott.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: tasks
      path: /table/sc_task
      operations:
      - name: create-task
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: messages
      path: /teams/{{channel_id}}/channels/general/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: send-message
        method: POST

Manages a formula change for nutrition products by creating a change control, scheduling impact assessment, updating SAP BOM, and notifying regulatory and quality teams.

naftiko: '0.5'
info:
  label: Nutrition Formula Change Control Orchestration
  description: Manages a formula change for nutrition products by creating a change control, scheduling impact assessment, updating SAP BOM, and notifying regulatory and quality teams.
  tags:
  - manufacturing
  - quality
  - regulatory
  - sap
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: formula-change
    port: 8080
    tools:
    - name: initiate-formula-change
      description: Given a product code and change description, create a change control, assess impact, update BOM, and notify stakeholders. Use when R&D or quality initiates a nutrition formula change.
      inputParameters:
      - name: product_code
        in: body
        type: string
        description: Abbott nutrition product code.
      - name: change_description
        in: body
        type: string
        description: Description of the formula change.
      steps:
      - name: create-change-control
        type: call
        call: servicenow.create-change
        with:
          short_description: 'Formula change: {{product_code}} - {{change_description}}'
          category: manufacturing
          assigned_group: Quality_Change_Control
      - name: check-bom
        type: call
        call: sap-erp.get-bom
        with:
          material: '{{product_code}}'
      - name: notify-stakeholders
        type: call
        call: msteams.send-message
        with:
          channel_id: nutrition-quality
          text: 'Formula change initiated for {{product_code}}: {{change_description}}. Change control: {{create-change-control.number}}. Current BOM components: {{check-bom.component_count}}'
  consumes:
  - type: http
    namespace: servicenow
    baseUri: https://abbott.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: changes
      path: /table/change_request
      operations:
      - name: create-change
        method: POST
  - type: http
    namespace: sap-erp
    baseUri: https://abbott-s4.sap.com/sap/opu/odata/sap/PP_BOM_SRV
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: bom
      path: /A_BillOfMaterial('{{material}}')
      inputParameters:
      - name: material
        in: path
      operations:
      - name: get-bom
        method: GET
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: messages
      path: /teams/{{channel_id}}/channels/general/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: send-message
        method: POST

Provisions a new cloud environment by triggering a Terraform run, configuring Datadog monitoring, creating a ServiceNow CMDB record, and notifying the DevOps team.

naftiko: '0.5'
info:
  label: Terraform Environment Provisioning Orchestration
  description: Provisions a new cloud environment by triggering a Terraform run, configuring Datadog monitoring, creating a ServiceNow CMDB record, and notifying the DevOps team.
  tags:
  - devops
  - cloud
  - terraform
  - datadog
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: env-provisioning
    port: 8080
    tools:
    - name: provision-environment
      description: Given an environment name and Terraform workspace, run the infrastructure plan, configure monitoring, register in CMDB, and notify DevOps. Use when engineering needs a new cloud environment.
      inputParameters:
      - name: environment_name
        in: body
        type: string
        description: Name for the new environment.
      - name: workspace_id
        in: body
        type: string
        description: Terraform Cloud workspace ID.
      steps:
      - name: trigger-terraform
        type: call
        call: terraform.create-run
        with:
          workspace_id: '{{workspace_id}}'
          message: Provisioning {{environment_name}}
      - name: configure-monitoring
        type: call
        call: datadog.create-monitor
        with:
          name: '{{environment_name}} health'
          type: service check
          query: service:{{environment_name}}
      - name: create-cmdb-record
        type: call
        call: servicenow.create-ci
        with:
          name: '{{environment_name}}'
          category: cloud_environment
          terraform_run: '{{trigger-terraform.run_id}}'
      - name: notify-devops
        type: call
        call: msteams.send-message
        with:
          channel_id: devops-infra
          text: 'Environment {{environment_name}} provisioning started. Terraform run: {{trigger-terraform.run_id}}. CMDB: {{create-cmdb-record.sys_id}}'
  consumes:
  - type: http
    namespace: terraform
    baseUri: https://app.terraform.io/api/v2
    authentication:
      type: bearer
      token: $secrets.terraform_token
    resources:
    - name: runs
      path: /workspaces/{{workspace_id}}/runs
      inputParameters:
      - name: workspace_id
        in: path
      operations:
      - name: create-run
        method: POST
  - type: http
    namespace: datadog
    baseUri: https://api.datadoghq.com/api/v1
    authentication:
      type: apikey
      key: DD-API-KEY
      value: $secrets.datadog_api_key
      placement: header
    resources:
    - name: monitors
      path: /monitor
      operations:
      - name: create-monitor
        method: POST
  - type: http
    namespace: servicenow
    baseUri: https://abbott.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: cmdb
      path: /table/cmdb_ci
      operations:
      - name: create-ci
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: messages
      path: /teams/{{channel_id}}/channels/general/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: send-message
        method: POST

Queries SAP for vendor payment status by invoice number, returning payment date, amount, and clearing document.

naftiko: '0.5'
info:
  label: SAP Vendor Payment Status Lookup
  description: Queries SAP for vendor payment status by invoice number, returning payment date, amount, and clearing document.
  tags:
  - finance
  - procurement
  - sap
capability:
  exposes:
  - type: mcp
    namespace: vendor-payments
    port: 8080
    tools:
    - name: get-payment-status
      description: Given an SAP invoice number, return the payment status, payment date, amount paid, and clearing document number. Use when accounts payable needs to verify vendor payment status.
      inputParameters:
      - name: invoice_number
        in: body
        type: string
        description: SAP invoice document number.
      call: sap-erp.get-invoice-payment
      with:
        invoice: '{{invoice_number}}'
      outputParameters:
      - name: payment_status
        type: string
        mapping: $.d.PaymentStatus
      - name: payment_date
        type: string
        mapping: $.d.PaymentDate
      - name: amount_paid
        type: number
        mapping: $.d.AmountPaid
  consumes:
  - type: http
    namespace: sap-erp
    baseUri: https://abbott-s4.sap.com/sap/opu/odata/sap/FI_AP_INVOICE_SRV
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: invoices
      path: /A_Invoice('{{invoice}}')/payments
      inputParameters:
      - name: invoice
        in: path
      operations:
      - name: get-invoice-payment
        method: GET

When a serious adverse event is reported, logs it in the safety database, notifies the medical monitor, creates a regulatory filing task, and updates the trial management system.

naftiko: '0.5'
info:
  label: Clinical Trial Adverse Event Reporting
  description: When a serious adverse event is reported, logs it in the safety database, notifies the medical monitor, creates a regulatory filing task, and updates the trial management system.
  tags:
  - clinical
  - regulatory
  - safety
  - oracle
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: clinical-safety
    port: 8080
    tools:
    - name: report-adverse-event
      description: Given a study ID, patient ID, and event description, log the adverse event in the safety database, alert the medical monitor, create a regulatory task, and update the CTMS. Use when clinical sites report serious adverse events.
      inputParameters:
      - name: study_id
        in: body
        type: string
        description: Clinical study identifier.
      - name: patient_id
        in: body
        type: string
        description: Patient subject identifier.
      - name: event_description
        in: body
        type: string
        description: Description of the adverse event.
      - name: severity
        in: body
        type: string
        description: 'Event severity: mild, moderate, severe, life-threatening.'
      steps:
      - name: log-safety-event
        type: call
        call: oracle-argus.create-case
        with:
          study_id: '{{study_id}}'
          subject_id: '{{patient_id}}'
          description: '{{event_description}}'
          seriousness: '{{severity}}'
      - name: notify-medical-monitor
        type: call
        call: msteams.send-message
        with:
          channel_id: medical-monitoring
          text: 'SAE Alert - Study {{study_id}}, Patient {{patient_id}}: {{event_description}} ({{severity}}). Argus case: {{log-safety-event.case_number}}'
      - name: create-regulatory-task
        type: call
        call: servicenow.create-task
        with:
          short_description: Regulatory SAE report - {{log-safety-event.case_number}}
          category: regulatory_filing
          priority: '1'
          assigned_group: Regulatory_Safety
      - name: update-ctms
        type: call
        call: oracle-clinical.update-study-event
        with:
          study_id: '{{study_id}}'
          subject_id: '{{patient_id}}'
          safety_case: '{{log-safety-event.case_number}}'
  consumes:
  - type: http
    namespace: oracle-argus
    baseUri: https://abbott-argus.oracle.com/api/v2
    authentication:
      type: bearer
      token: $secrets.oracle_argus_token
    resources:
    - name: cases
      path: /cases
      operations:
      - name: create-case
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: messages
      path: /teams/{{channel_id}}/channels/general/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: send-message
        method: POST
  - type: http
    namespace: servicenow
    baseUri: https://abbott.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: tasks
      path: /table/sc_task
      operations:
      - name: create-task
        method: POST
  - type: http
    namespace: oracle-clinical
    baseUri: https://abbott-ctms.oracle.com/api/v2
    authentication:
      type: bearer
      token: $secrets.oracle_ctms_token
    resources:
    - name: study-events
      path: /studies/{{study_id}}/subjects/{{subject_id}}/events
      inputParameters:
      - name: study_id
        in: path
      - name: subject_id
        in: path
      operations:
      - name: update-study-event
        method: POST

Queries the clinical trial management system for current patient enrollment counts, site-level progress, and projected completion dates for a given study.

naftiko: '0.5'
info:
  label: Clinical Trial Patient Enrollment Tracker
  description: Queries the clinical trial management system for current patient enrollment counts, site-level progress, and projected completion dates for a given study.
  tags:
  - clinical
  - rd
  - oracle
capability:
  exposes:
  - type: mcp
    namespace: clinical-enrollment
    port: 8080
    tools:
    - name: get-enrollment-status
      description: Given a clinical study ID, return current enrollment count, target enrollment, site breakdown, and projected completion date. Use when clinical ops needs enrollment visibility.
      inputParameters:
      - name: study_id
        in: body
        type: string
        description: Clinical trial study identifier.
      call: oracle-clinical.get-study-enrollment
      with:
        study_id: '{{study_id}}'
      outputParameters:
      - name: enrolled_count
        type: integer
        mapping: $.data.enrolled
      - name: target_count
        type: integer
        mapping: $.data.target
      - name: projected_completion
        type: string
        mapping: $.data.projected_completion_date
  consumes:
  - type: http
    namespace: oracle-clinical
    baseUri: https://abbott-ctms.oracle.com/api/v2
    authentication:
      type: bearer
      token: $secrets.oracle_ctms_token
    resources:
    - name: studies
      path: /studies/{{study_id}}/enrollment
      inputParameters:
      - name: study_id
        in: path
      operations:
      - name: get-study-enrollment
        method: GET

Retrieves marketing campaign performance metrics from Marketo by campaign ID, returning send count, open rate, click rate, and conversions.

naftiko: '0.5'
info:
  label: Marketo Campaign Performance Lookup
  description: Retrieves marketing campaign performance metrics from Marketo by campaign ID, returning send count, open rate, click rate, and conversions.
  tags:
  - marketing
  - analytics
  - marketo
capability:
  exposes:
  - type: mcp
    namespace: campaign-analytics
    port: 8080
    tools:
    - name: get-campaign-performance
      description: Given a Marketo campaign ID, return send count, open rate, click-through rate, and conversion count. Use when marketing teams need campaign performance data.
      inputParameters:
      - name: campaign_id
        in: body
        type: string
        description: Marketo campaign ID.
      call: marketo.get-campaign-stats
      with:
        id: '{{campaign_id}}'
      outputParameters:
      - name: sends
        type: integer
        mapping: $.result.sends
      - name: open_rate
        type: number
        mapping: $.result.openRate
      - name: click_rate
        type: number
        mapping: $.result.clickRate
  consumes:
  - type: http
    namespace: marketo
    baseUri: https://abbott.mktorest.com/rest
    authentication:
      type: bearer
      token: $secrets.marketo_token
    resources:
    - name: campaigns
      path: /v1/campaigns/{{id}}/stats.json
      inputParameters:
      - name: id
        in: path
      operations:
      - name: get-campaign-stats
        method: GET

Submits a ServiceNow change request for planned IT maintenance, routes it through CAB approval, and notifies affected teams in Microsoft Teams.

naftiko: '0.5'
info:
  label: IT Change Management Request
  description: Submits a ServiceNow change request for planned IT maintenance, routes it through CAB approval, and notifies affected teams in Microsoft Teams.
  tags:
  - itsm
  - change-management
  - servicenow
  - approval
  - it-ops
capability:
  exposes:
  - type: mcp
    namespace: change-mgmt
    port: 8080
    tools:
    - name: submit-change-request
      description: Given a change description, affected systems, and maintenance window, create a ServiceNow change request and notify the change advisory board Teams channel. Use when engineering teams plan maintenance affecting production systems.
      inputParameters:
      - name: short_description
        in: body
        type: string
        description: Brief description of the change.
      - name: description
        in: body
        type: string
        description: Full change details including rollback plan.
      - name: planned_start
        in: body
        type: string
        description: Planned start time in ISO 8601 format.
      - name: planned_end
        in: body
        type: string
        description: Planned end time in ISO 8601 format.
      - name: cab_channel_id
        in: body
        type: string
        description: CAB Teams channel ID.
      steps:
      - name: create-change
        type: call
        call: servicenow-chg.create-change-request
        with:
          short_description: '{{short_description}}'
          description: '{{description}}'
          start_date: '{{planned_start}}'
          end_date: '{{planned_end}}'
          type: normal
      - name: notify-cab
        type: call
        call: msteams-cab.post-channel-message
        with:
          channel_id: '{{cab_channel_id}}'
          text: 'Change Request {{create-change.number}}: {{short_description}} | Window: {{planned_start}} to {{planned_end}} | Status: awaiting CAB approval'
  consumes:
  - type: http
    namespace: servicenow-chg
    baseUri: https://abbott.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: change-requests
      path: /table/change_request
      operations:
      - name: create-change-request
        method: POST
  - type: http
    namespace: msteams-cab
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: channel-messages
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: post-channel-message
        method: POST

Analyzes customer complaint trends by querying Snowflake for complaint data grouped by product line, category, and time period.

naftiko: '0.5'
info:
  label: Customer Complaint Trend Analysis
  description: Analyzes customer complaint trends by querying Snowflake for complaint data grouped by product line, category, and time period.
  tags:
  - quality
  - analytics
  - snowflake
capability:
  exposes:
  - type: mcp
    namespace: complaint-analytics
    port: 8080
    tools:
    - name: analyze-complaint-trends
      description: Given a product line and time period, return complaint counts by category, trending patterns, and comparison to prior period. Use when quality teams need complaint trend visibility.
      inputParameters:
      - name: product_line
        in: body
        type: string
        description: Product line name, e.g. 'Diagnostics', 'Nutrition', 'Medical Devices'.
      - name: period
        in: body
        type: string
        description: Analysis period, e.g. 'last_90_days'.
      call: snowflake.execute-query
      with:
        query_name: complaint_trend_analysis
        params: '{{product_line}},{{period}}'
      outputParameters:
      - name: total_complaints
        type: integer
        mapping: $.data[0].total
      - name: top_category
        type: string
        mapping: $.data[0].top_category
      - name: trend_direction
        type: string
        mapping: $.data[0].trend
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://abbott.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: execute-query
        method: POST

Deploys a machine learning model from Databricks to production by registering the model, running validation, deploying the endpoint, and notifying the data science team.

naftiko: '0.5'
info:
  label: Databricks ML Model Deployment Orchestration
  description: Deploys a machine learning model from Databricks to production by registering the model, running validation, deploying the endpoint, and notifying the data science team.
  tags:
  - rd
  - ai
  - databricks
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: ml-deployment
    port: 8080
    tools:
    - name: deploy-ml-model
      description: Given a model name and version, register it, run validation tests, deploy to serving endpoint, and notify the team. Use when data science approves a model for production deployment.
      inputParameters:
      - name: model_name
        in: body
        type: string
        description: Databricks model name.
      - name: model_version
        in: body
        type: string
        description: Model version number.
      steps:
      - name: register-model
        type: call
        call: databricks.register-model-version
        with:
          name: '{{model_name}}'
          version: '{{model_version}}'
          stage: Production
      - name: create-change-request
        type: call
        call: servicenow.create-change
        with:
          short_description: 'ML model deployment: {{model_name}} v{{model_version}}'
          category: application
          assigned_group: Data_Science
      - name: notify-team
        type: call
        call: msteams.send-message
        with:
          channel_id: data-science
          text: 'Model {{model_name}} v{{model_version}} deployed to production. Change request: {{create-change-request.number}}'
  consumes:
  - type: http
    namespace: databricks
    baseUri: https://abbott.cloud.databricks.com/api/2.0
    authentication:
      type: bearer
      token: $secrets.databricks_token
    resources:
    - name: models
      path: /mlflow/model-versions/transition-stage
      operations:
      - name: register-model-version
        method: POST
  - type: http
    namespace: servicenow
    baseUri: https://abbott.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: changes
      path: /table/change_request
      operations:
      - name: create-change
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: messages
      path: /teams/{{channel_id}}/channels/general/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: send-message
        method: POST

Retrieves a regulatory or quality document from Veeva Vault by document number, returning metadata, version, and approval status.

naftiko: '0.5'
info:
  label: Veeva Vault Document Retrieval
  description: Retrieves a regulatory or quality document from Veeva Vault by document number, returning metadata, version, and approval status.
  tags:
  - regulatory
  - quality
  - veeva-vault
capability:
  exposes:
  - type: mcp
    namespace: vault-documents
    port: 8080
    tools:
    - name: get-vault-document
      description: Given a Veeva Vault document number, return the document metadata, current version, lifecycle state, and approval status. Use when teams need to locate regulated documents.
      inputParameters:
      - name: document_number
        in: body
        type: string
        description: Veeva Vault document number.
      call: veeva-vault.get-document
      with:
        doc_number: '{{document_number}}'
      outputParameters:
      - name: title
        type: string
        mapping: $.data.name__v
      - name: version
        type: string
        mapping: $.data.major_version_number__v
      - name: lifecycle_state
        type: string
        mapping: $.data.status__v
  consumes:
  - type: http
    namespace: veeva-vault
    baseUri: https://abbott-regulatory.veevavault.com/api/v24.1
    authentication:
      type: bearer
      token: $secrets.veeva_vault_token
    resources:
    - name: documents
      path: /objects/documents/{{doc_number}}
      inputParameters:
      - name: doc_number
        in: path
      operations:
      - name: get-document
        method: GET

When GitHub Advanced Security detects a critical CVE in a product codebase, creates a Jira security ticket, logs a Datadog event, and alerts the cybersecurity team in Teams.

naftiko: '0.5'
info:
  label: GitHub Security Vulnerability Alert Triage
  description: When GitHub Advanced Security detects a critical CVE in a product codebase, creates a Jira security ticket, logs a Datadog event, and alerts the cybersecurity team in Teams.
  tags:
  - security
  - github
  - devops
  - jira
  - vulnerability
capability:
  exposes:
  - type: mcp
    namespace: sec-vuln
    port: 8080
    tools:
    - name: triage-security-alert
      description: Given a GitHub security alert with CVE, severity, and affected package, create a high-priority Jira security ticket, log a Datadog error event, and alert the cybersecurity Teams channel. Use when GitHub Advanced Security emits a critical alert on a product or clinical system repo.
      inputParameters:
      - name: repo
        in: body
        type: string
        description: GitHub repository full name.
      - name: cve_id
        in: body
        type: string
        description: CVE identifier.
      - name: severity
        in: body
        type: string
        description: 'Severity: critical, high, medium, or low.'
      - name: package_name
        in: body
        type: string
        description: Affected package name.
      - name: sec_channel_id
        in: body
        type: string
        description: Cybersecurity Teams channel ID.
      steps:
      - name: create-sec-ticket
        type: call
        call: jira-sec.create-issue
        with:
          project_key: SEC
          issuetype: Bug
          summary: '[{{severity}}] {{cve_id}} in {{repo}} — {{package_name}}'
          description: 'CVE: {{cve_id}} | Package: {{package_name}} | Severity: {{severity}} | Repo: {{repo}}'
          priority: Highest
      - name: log-dd-event
        type: call
        call: datadog-sec.create-event
        with:
          title: 'Security vulnerability: {{cve_id}} in {{repo}}'
          text: 'Package {{package_name}} | Severity: {{severity}} | Jira: {{create-sec-ticket.key}}'
          alert_type: error
      - name: alert-security-team
        type: call
        call: msteams-sec.post-channel-message
        with:
          channel_id: '{{sec_channel_id}}'
          text: 'SECURITY: {{severity}} CVE {{cve_id}} in {{repo}} / {{package_name}} | Jira: {{create-sec-ticket.key}} | Datadog: {{log-dd-event.url}}'
  consumes:
  - type: http
    namespace: jira-sec
    baseUri: https://abbott.atlassian.net/rest/api/3
    authentication:
      type: basic
      username: $secrets.jira_user
      password: $secrets.jira_token
    resources:
    - name: issues
      path: /issue
      operations:
      - name: create-issue
        method: POST
  - type: http
    namespace: datadog-sec
    baseUri: https://api.datadoghq.com/api/v1
    authentication:
      type: apikey
      key: DD-API-KEY
      value: $secrets.datadog_api_key
      placement: header
    resources:
    - name: events
      path: /events
      operations:
      - name: create-event
        method: POST
  - type: http
    namespace: msteams-sec
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: channel-messages
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: post-channel-message
        method: POST

Queries Azure Cost Management for current month spend by resource group, returning cost breakdown and budget utilization.

naftiko: '0.5'
info:
  label: Azure Resource Cost Lookup
  description: Queries Azure Cost Management for current month spend by resource group, returning cost breakdown and budget utilization.
  tags:
  - it
  - cloud
  - microsoft-azure
capability:
  exposes:
  - type: mcp
    namespace: cloud-cost
    port: 8080
    tools:
    - name: get-resource-group-cost
      description: Given an Azure resource group name, return current month spend, budget limit, and utilization percentage. Use when FinOps teams need cost visibility.
      inputParameters:
      - name: resource_group
        in: body
        type: string
        description: Azure resource group name.
      call: azure.get-cost-summary
      with:
        rg_name: '{{resource_group}}'
      outputParameters:
      - name: current_spend
        type: number
        mapping: $.properties.rows[0].cost
      - name: budget_limit
        type: number
        mapping: $.properties.budget_limit
      - name: utilization_percent
        type: number
        mapping: $.properties.utilization
  consumes:
  - type: http
    namespace: azure
    baseUri: https://management.azure.com
    authentication:
      type: bearer
      token: $secrets.azure_token
    resources:
    - name: cost-management
      path: /subscriptions/{{subscription_id}}/resourceGroups/{{rg_name}}/providers/Microsoft.CostManagement/query
      inputParameters:
      - name: rg_name
        in: path
      operations:
      - name: get-cost-summary
        method: POST

Triggers a refresh of the quality metrics Tableau dashboard and returns the extraction completion status.

naftiko: '0.5'
info:
  label: Tableau Quality Dashboard Refresh
  description: Triggers a refresh of the quality metrics Tableau dashboard and returns the extraction completion status.
  tags:
  - quality
  - analytics
  - tableau
capability:
  exposes:
  - type: mcp
    namespace: quality-analytics
    port: 8080
    tools:
    - name: refresh-quality-dashboard
      description: Given a Tableau workbook name, trigger a data extract refresh and return the job status. Use when quality teams need updated dashboard metrics.
      inputParameters:
      - name: workbook_name
        in: body
        type: string
        description: Tableau workbook name.
      call: tableau.trigger-refresh
      with:
        workbook: '{{workbook_name}}'
      outputParameters:
      - name: job_id
        type: string
        mapping: $.job.id
      - name: status
        type: string
        mapping: $.job.status
  consumes:
  - type: http
    namespace: tableau
    baseUri: https://abbott.online.tableau.com/api/3.19
    authentication:
      type: bearer
      token: $secrets.tableau_token
    resources:
    - name: workbooks
      path: /sites/{{site_id}}/workbooks/{{workbook}}/refresh
      inputParameters:
      - name: workbook
        in: path
      operations:
      - name: trigger-refresh
        method: POST

Retrieves Azure Active Directory group membership for a user, returning all group names and their types.

naftiko: '0.5'
info:
  label: Azure AD Group Membership Lookup
  description: Retrieves Azure Active Directory group membership for a user, returning all group names and their types.
  tags:
  - security
  - identity
  - azure-active-directory
capability:
  exposes:
  - type: mcp
    namespace: ad-groups
    port: 8080
    tools:
    - name: get-user-groups
      description: Given a user principal name, return all Azure AD group memberships with group names and types. Use when IT security needs to audit user group assignments.
      inputParameters:
      - name: user_upn
        in: body
        type: string
        description: User principal name (email).
      call: azure-ad.get-member-of
      with:
        upn: '{{user_upn}}'
      outputParameters:
      - name: group_count
        type: integer
        mapping: $.value.length
  consumes:
  - type: http
    namespace: azure-ad
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.azure_ad_token
    resources:
    - name: users
      path: /users/{{upn}}/memberOf
      inputParameters:
      - name: upn
        in: path
      operations:
      - name: get-member-of
        method: GET

Triggers an Informatica Cloud data integration job and returns the run status and processed record count.

naftiko: '0.5'
info:
  label: Informatica Data Integration Job Trigger
  description: Triggers an Informatica Cloud data integration job and returns the run status and processed record count.
  tags:
  - data
  - integration
  - informatica
capability:
  exposes:
  - type: mcp
    namespace: data-integration
    port: 8080
    tools:
    - name: trigger-integration-job
      description: Given an Informatica task ID, trigger the data integration job and return the run ID and status. Use when data engineering needs to manually trigger ETL jobs.
      inputParameters:
      - name: task_id
        in: body
        type: string
        description: Informatica Cloud task identifier.
      call: informatica.start-job
      with:
        taskId: '{{task_id}}'
      outputParameters:
      - name: run_id
        type: string
        mapping: $.runId
      - name: status
        type: string
        mapping: $.status
  consumes:
  - type: http
    namespace: informatica
    baseUri: https://na1.dm-us.informaticacloud.com/saas/api/v2
    authentication:
      type: bearer
      token: $secrets.informatica_token
    resources:
    - name: jobs
      path: /job
      operations:
      - name: start-job
        method: POST

Orchestrates the release pipeline for FreeStyle Libre CGM firmware by running validation tests, creating release notes, updating the artifact repository, and notifying regulatory.

naftiko: '0.5'
info:
  label: Libre CGM Firmware Release Orchestration
  description: Orchestrates the release pipeline for FreeStyle Libre CGM firmware by running validation tests, creating release notes, updating the artifact repository, and notifying regulatory.
  tags:
  - rd
  - devops
  - medical-device
  - github
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: firmware-release
    port: 8080
    tools:
    - name: orchestrate-firmware-release
      description: Given a firmware version and release branch, trigger validation, generate release notes, publish artifacts, and notify regulatory. Use when R&D approves a firmware build for release.
      inputParameters:
      - name: firmware_version
        in: body
        type: string
        description: Firmware version string, e.g. 'v3.2.1'.
      - name: release_branch
        in: body
        type: string
        description: Git branch name for the release.
      steps:
      - name: trigger-validation
        type: call
        call: github.create-workflow-dispatch
        with:
          repo: abbott/libre-firmware
          workflow: validation-suite.yml
          ref: '{{release_branch}}'
      - name: create-release-notes
        type: call
        call: github.create-release
        with:
          repo: abbott/libre-firmware
          tag: '{{firmware_version}}'
          name: FreeStyle Libre Firmware {{firmware_version}}
      - name: create-regulatory-task
        type: call
        call: servicenow.create-task
        with:
          short_description: 'Regulatory review: Libre firmware {{firmware_version}}'
          category: regulatory_review
          assigned_group: Regulatory_Affairs
      - name: notify-team
        type: call
        call: msteams.send-message
        with:
          channel_id: libre-engineering
          text: 'Firmware {{firmware_version}} release initiated. Validation running. Regulatory task: {{create-regulatory-task.number}}'
  consumes:
  - type: http
    namespace: github
    baseUri: https://api.github.com
    authentication:
      type: bearer
      token: $secrets.github_token
    resources:
    - name: workflow-dispatch
      path: /repos/{{repo}}/actions/workflows/{{workflow}}/dispatches
      inputParameters:
      - name: repo
        in: path
      - name: workflow
        in: path
      operations:
      - name: create-workflow-dispatch
        method: POST
    - name: releases
      path: /repos/{{repo}}/releases
      inputParameters:
      - name: repo
        in: path
      operations:
      - name: create-release
        method: POST
  - type: http
    namespace: servicenow
    baseUri: https://abbott.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: tasks
      path: /table/sc_task
      operations:
      - name: create-task
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: messages
      path: /teams/{{channel_id}}/channels/general/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: send-message
        method: POST

Retrieves an employee's benefits enrollment status from Workday, returning current plan selections, coverage levels, and enrollment deadlines.

naftiko: '0.5'
info:
  label: Workday Benefits Enrollment Status
  description: Retrieves an employee's benefits enrollment status from Workday, returning current plan selections, coverage levels, and enrollment deadlines.
  tags:
  - hr
  - benefits
  - workday
capability:
  exposes:
  - type: mcp
    namespace: benefits-enrollment
    port: 8080
    tools:
    - name: get-benefits-status
      description: Given a Workday worker ID, return the employee's current benefits elections, coverage levels, and open enrollment deadline. Use when HR or employees need benefits information.
      inputParameters:
      - name: worker_id
        in: body
        type: string
        description: Workday worker ID.
      call: workday.get-benefits
      with:
        worker_id: '{{worker_id}}'
      outputParameters:
      - name: medical_plan
        type: string
        mapping: $.data.medical_plan
      - name: dental_plan
        type: string
        mapping: $.data.dental_plan
      - name: enrollment_deadline
        type: string
        mapping: $.data.enrollment_deadline
  consumes:
  - type: http
    namespace: workday
    baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
    authentication:
      type: bearer
      token: $secrets.workday_token
    resources:
    - name: benefits
      path: /workers/{{worker_id}}/benefits
      inputParameters:
      - name: worker_id
        in: path
      operations:
      - name: get-benefits
        method: GET

Retrieves the current status, priority, and assignment details for a ServiceNow incident by ticket number.

naftiko: '0.5'
info:
  label: ServiceNow Incident Status Lookup
  description: Retrieves the current status, priority, and assignment details for a ServiceNow incident by ticket number.
  tags:
  - it
  - servicenow
capability:
  exposes:
  - type: mcp
    namespace: it-incidents
    port: 8080
    tools:
    - name: get-incident-status
      description: Given a ServiceNow incident number, return the current state, priority, assigned group, and short description. Use when IT support needs to check ticket status.
      inputParameters:
      - name: incident_number
        in: body
        type: string
        description: ServiceNow incident number, e.g. 'INC0012345'.
      call: servicenow.get-incident
      with:
        number: '{{incident_number}}'
      outputParameters:
      - name: state
        type: string
        mapping: $.result.state
      - name: priority
        type: string
        mapping: $.result.priority
      - name: assigned_to
        type: string
        mapping: $.result.assigned_to.display_value
  consumes:
  - type: http
    namespace: servicenow
    baseUri: https://abbott.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident?sysparm_query=number={{number}}
      inputParameters:
      - name: number
        in: query
      operations:
      - name: get-incident
        method: GET

Manages equipment calibration by checking due dates in SAP, scheduling the calibration, assigning technicians, and updating the calibration certificate in the QMS.

naftiko: '0.5'
info:
  label: Equipment Calibration Orchestration
  description: Manages equipment calibration by checking due dates in SAP, scheduling the calibration, assigning technicians, and updating the calibration certificate in the QMS.
  tags:
  - quality
  - manufacturing
  - sap
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: calibration-mgmt
    port: 8080
    tools:
    - name: schedule-calibration
      description: Given an equipment ID, check calibration due date, schedule the calibration, assign a technician, and update the QMS. Use when quality assurance manages calibration schedules.
      inputParameters:
      - name: equipment_id
        in: body
        type: string
        description: SAP equipment identifier.
      steps:
      - name: check-due-date
        type: call
        call: sap-erp.get-calibration-status
        with:
          equipment: '{{equipment_id}}'
      - name: create-work-order
        type: call
        call: servicenow.create-work-order
        with:
          short_description: 'Calibration: Equipment {{equipment_id}}'
          category: calibration
          assigned_group: Metrology_Lab
          due_date: '{{check-due-date.next_cal_date}}'
      - name: notify-team
        type: call
        call: msteams.send-message
        with:
          channel_id: quality-calibration
          text: 'Calibration scheduled for equipment {{equipment_id}}. Due: {{check-due-date.next_cal_date}}. Work order: {{create-work-order.number}}'
  consumes:
  - type: http
    namespace: sap-erp
    baseUri: https://abbott-s4.sap.com/sap/opu/odata/sap/PM_EQUIPMENT_SRV
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: equipment
      path: /A_Equipment('{{equipment}}')/calibration
      inputParameters:
      - name: equipment
        in: path
      operations:
      - name: get-calibration-status
        method: GET
  - type: http
    namespace: servicenow
    baseUri: https://abbott.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: work-orders
      path: /table/wm_order
      operations:
      - name: create-work-order
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: messages
      path: /teams/{{channel_id}}/channels/general/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: send-message
        method: POST

Retrieves a Salesforce account record by account ID, returning account name, industry, annual revenue, and owner details.

naftiko: '0.5'
info:
  label: Salesforce Account Lookup
  description: Retrieves a Salesforce account record by account ID, returning account name, industry, annual revenue, and owner details.
  tags:
  - sales
  - crm
  - salesforce
capability:
  exposes:
  - type: mcp
    namespace: crm-accounts
    port: 8080
    tools:
    - name: get-account
      description: Given a Salesforce account ID, return the account name, industry, annual revenue, and account owner. Use when sales teams need quick account details.
      inputParameters:
      - name: account_id
        in: body
        type: string
        description: Salesforce account ID.
      call: salesforce.get-account
      with:
        id: '{{account_id}}'
      outputParameters:
      - name: name
        type: string
        mapping: $.Name
      - name: industry
        type: string
        mapping: $.Industry
      - name: annual_revenue
        type: number
        mapping: $.AnnualRevenue
      - name: owner
        type: string
        mapping: $.Owner.Name
  consumes:
  - type: http
    namespace: salesforce
    baseUri: https://abbott.my.salesforce.com/services/data/v59.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: accounts
      path: /sobjects/Account/{{id}}
      inputParameters:
      - name: id
        in: path
      operations:
      - name: get-account
        method: GET

Scans SAP Ariba for supplier contracts expiring within 90 days, creates Jira procurement tasks, and emails contract owners via Microsoft 365.

naftiko: '0.5'
info:
  label: SAP Ariba Contract Expiry Alerts
  description: Scans SAP Ariba for supplier contracts expiring within 90 days, creates Jira procurement tasks, and emails contract owners via Microsoft 365.
  tags:
  - procurement
  - contract-management
  - sap-ariba
  - jira
  - finance
capability:
  exposes:
  - type: mcp
    namespace: contract-renewal
    port: 8080
    tools:
    - name: alert-expiring-contracts
      description: Given a look-ahead window, fetch expiring contracts from SAP Ariba, create a Jira renewal task for each contract, and email the contract owner. Use monthly to proactively manage supplier contract renewals.
      inputParameters:
      - name: days_ahead
        in: body
        type: integer
        description: Number of days ahead to scan for expiring contracts.
      - name: jira_project_key
        in: body
        type: string
        description: Jira project key for procurement renewal tasks.
      steps:
      - name: get-expiring
        type: call
        call: ariba-renewal.get-expiring-contracts
        with:
          days_ahead: '{{days_ahead}}'
      - name: create-jira-task
        type: call
        call: jira-contracts.create-issue
        with:
          project_key: '{{jira_project_key}}'
          issuetype: Task
          summary: Contract renewals due within {{days_ahead}} days
          description: 'Expiring contracts: {{get-expiring.contract_ids}}'
  consumes:
  - type: http
    namespace: ariba-renewal
    baseUri: https://openapi.ariba.com/api/contract/v1
    authentication:
      type: bearer
      token: $secrets.ariba_token
    resources:
    - name: contracts
      path: /contracts
      inputParameters:
      - name: days_ahead
        in: query
      operations:
      - name: get-expiring-contracts
        method: GET
  - type: http
    namespace: jira-contracts
    baseUri: https://abbott.atlassian.net/rest/api/3
    authentication:
      type: basic
      username: $secrets.jira_user
      password: $secrets.jira_token
    resources:
    - name: issues
      path: /issue
      operations:
      - name: create-issue
        method: POST

Checks GMP training compliance for a department by querying Workday Learning, returning completion rates and overdue assignments.

naftiko: '0.5'
info:
  label: GMP Training Compliance Check
  description: Checks GMP training compliance for a department by querying Workday Learning, returning completion rates and overdue assignments.
  tags:
  - quality
  - compliance
  - workday
capability:
  exposes:
  - type: mcp
    namespace: training-compliance
    port: 8080
    tools:
    - name: check-gmp-compliance
      description: Given a department code, return the GMP training completion rate, number of overdue assignments, and list of non-compliant employees. Use when quality assurance needs training compliance visibility.
      inputParameters:
      - name: department_code
        in: body
        type: string
        description: Workday department code.
      call: workday.get-training-compliance
      with:
        department: '{{department_code}}'
        training_type: gmp
      outputParameters:
      - name: completion_rate
        type: number
        mapping: $.data.completion_rate
      - name: overdue_count
        type: integer
        mapping: $.data.overdue_count
      - name: total_employees
        type: integer
        mapping: $.data.total_employees
  consumes:
  - type: http
    namespace: workday
    baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
    authentication:
      type: bearer
      token: $secrets.workday_token
    resources:
    - name: training
      path: /training/compliance?department={{department}}&type={{training_type}}
      inputParameters:
      - name: department
        in: query
      - name: training_type
        in: query
      operations:
      - name: get-training-compliance
        method: GET

Activates a clinical trial site by verifying IRB approval, provisioning site access, creating monitoring visits, and notifying the clinical operations team.

naftiko: '0.5'
info:
  label: Clinical Site Activation Orchestration
  description: Activates a clinical trial site by verifying IRB approval, provisioning site access, creating monitoring visits, and notifying the clinical operations team.
  tags:
  - clinical
  - rd
  - oracle
  - servicenow
  - okta
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: site-activation
    port: 8080
    tools:
    - name: activate-clinical-site
      description: Given a study ID and site ID, verify IRB approval, provision site access, schedule monitoring, and notify the team. Use when clinical operations is ready to activate a new trial site.
      inputParameters:
      - name: study_id
        in: body
        type: string
        description: Clinical study identifier.
      - name: site_id
        in: body
        type: string
        description: Clinical site identifier.
      steps:
      - name: verify-irb
        type: call
        call: oracle-clinical.get-irb-status
        with:
          study_id: '{{study_id}}'
          site_id: '{{site_id}}'
      - name: provision-access
        type: call
        call: okta.assign-group
        with:
          group_name: study-{{study_id}}-site-{{site_id}}
          site_id: '{{site_id}}'
      - name: schedule-monitoring
        type: call
        call: oracle-clinical.create-visit
        with:
          study_id: '{{study_id}}'
          site_id: '{{site_id}}'
          visit_type: site_initiation
      - name: notify-ops
        type: call
        call: msteams.send-message
        with:
          channel_id: clinical-ops
          text: 'Site {{site_id}} activated for study {{study_id}}. IRB status: {{verify-irb.status}}. Initiation visit scheduled: {{schedule-monitoring.visit_date}}'
  consumes:
  - type: http
    namespace: oracle-clinical
    baseUri: https://abbott-ctms.oracle.com/api/v2
    authentication:
      type: bearer
      token: $secrets.oracle_ctms_token
    resources:
    - name: irb
      path: /studies/{{study_id}}/sites/{{site_id}}/irb
      inputParameters:
      - name: study_id
        in: path
      - name: site_id
        in: path
      operations:
      - name: get-irb-status
        method: GET
    - name: visits
      path: /studies/{{study_id}}/sites/{{site_id}}/visits
      inputParameters:
      - name: study_id
        in: path
      - name: site_id
        in: path
      operations:
      - name: create-visit
        method: POST
  - type: http
    namespace: okta
    baseUri: https://abbott.okta.com/api/v1
    authentication:
      type: apikey
      key: Authorization
      value: $secrets.okta_token
      placement: header
    resources:
    - name: groups
      path: /groups
      operations:
      - name: assign-group
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: messages
      path: /teams/{{channel_id}}/channels/general/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: send-message
        method: POST

Retrieves an Okta user profile by email, returning account status, last login, MFA enrollment, and assigned applications.

naftiko: '0.5'
info:
  label: Okta User Status Check
  description: Retrieves an Okta user profile by email, returning account status, last login, MFA enrollment, and assigned applications.
  tags:
  - security
  - identity
  - okta
capability:
  exposes:
  - type: mcp
    namespace: identity-management
    port: 8080
    tools:
    - name: get-user-status
      description: Given an employee email address, return the Okta account status, last login timestamp, and MFA enrollment state. Use when IT security needs to verify user access status.
      inputParameters:
      - name: email
        in: body
        type: string
        description: Employee email address.
      call: okta.get-user
      with:
        login: '{{email}}'
      outputParameters:
      - name: status
        type: string
        mapping: $.status
      - name: last_login
        type: string
        mapping: $.lastLogin
      - name: mfa_enrolled
        type: boolean
        mapping: $.mfa_enrolled
  consumes:
  - type: http
    namespace: okta
    baseUri: https://abbott.okta.com/api/v1
    authentication:
      type: apikey
      key: Authorization
      value: $secrets.okta_token
      placement: header
    resources:
    - name: users
      path: /users/{{login}}
      inputParameters:
      - name: login
        in: path
      operations:
      - name: get-user
        method: GET

When a supply chain disruption is detected, identifies impacted purchase orders, notifies procurement, creates alternative sourcing tasks, and updates production schedules.

naftiko: '0.5'
info:
  label: Supply Chain Disruption Response Orchestration
  description: When a supply chain disruption is detected, identifies impacted purchase orders, notifies procurement, creates alternative sourcing tasks, and updates production schedules.
  tags:
  - supply-chain
  - procurement
  - sap
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: supply-chain-disruption
    port: 8080
    tools:
    - name: respond-to-disruption
      description: Given a supplier ID and disruption type, identify impacted POs, alert procurement, create sourcing tasks, and adjust production. Use when supply chain detects a material disruption.
      inputParameters:
      - name: supplier_id
        in: body
        type: string
        description: SAP supplier/vendor number.
      - name: disruption_type
        in: body
        type: string
        description: 'Type of disruption: delay, quality_issue, force_majeure.'
      steps:
      - name: get-impacted-pos
        type: call
        call: sap-erp.query-open-pos
        with:
          vendor_id: '{{supplier_id}}'
          status: open
      - name: create-sourcing-task
        type: call
        call: servicenow.create-task
        with:
          short_description: 'Alternative sourcing needed: {{disruption_type}} from vendor {{supplier_id}}'
          category: procurement
          priority: '1'
          assigned_group: Strategic_Sourcing
      - name: notify-procurement
        type: call
        call: msteams.send-message
        with:
          channel_id: supply-chain-ops
          text: 'SUPPLY DISRUPTION: Vendor {{supplier_id}} - {{disruption_type}}. Impacted POs: {{get-impacted-pos.count}}. Sourcing task: {{create-sourcing-task.number}}'
  consumes:
  - type: http
    namespace: sap-erp
    baseUri: https://abbott-s4.sap.com/sap/opu/odata/sap/MM_PUR_PO_MAINT_V2_SRV
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: purchase-orders
      path: /A_PurchaseOrder
      operations:
      - name: query-open-pos
        method: GET
  - type: http
    namespace: servicenow
    baseUri: https://abbott.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: tasks
      path: /table/sc_task
      operations:
      - name: create-task
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: messages
      path: /teams/{{channel_id}}/channels/general/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: send-message
        method: POST

When a customer reports a diagnostic instrument issue, creates a service case, identifies the nearest field engineer, dispatches them, and updates the customer.

naftiko: '0.5'
info:
  label: Field Service Dispatch Orchestration
  description: When a customer reports a diagnostic instrument issue, creates a service case, identifies the nearest field engineer, dispatches them, and updates the customer.
  tags:
  - service
  - diagnostics
  - salesforce
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: field-service
    port: 8080
    tools:
    - name: dispatch-field-engineer
      description: Given a customer account ID and issue description, create a service case, find the nearest engineer, dispatch them, and notify the customer. Use when customer support escalates a field service need.
      inputParameters:
      - name: account_id
        in: body
        type: string
        description: Salesforce customer account ID.
      - name: issue_description
        in: body
        type: string
        description: Description of the instrument issue.
      steps:
      - name: create-case
        type: call
        call: salesforce.create-case
        with:
          account_id: '{{account_id}}'
          subject: 'Field service: {{issue_description}}'
          type: field_service
      - name: find-engineer
        type: call
        call: servicenow.find-available-resource
        with:
          skill: diagnostics_instruments
          location: '{{account_id}}'
      - name: create-work-order
        type: call
        call: servicenow.create-work-order
        with:
          case_ref: '{{create-case.case_number}}'
          assigned_to: '{{find-engineer.engineer_id}}'
          description: '{{issue_description}}'
      - name: notify-customer
        type: call
        call: msteams.send-message
        with:
          channel_id: customer-service
          text: 'Field engineer {{find-engineer.engineer_name}} dispatched for case {{create-case.case_number}}. ETA: {{find-engineer.estimated_arrival}}'
  consumes:
  - type: http
    namespace: salesforce
    baseUri: https://abbott.my.salesforce.com/services/data/v59.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: cases
      path: /sobjects/Case
      operations:
      - name: create-case
        method: POST
  - type: http
    namespace: servicenow
    baseUri: https://abbott.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: resources
      path: /table/cmn_schedule_span
      operations:
      - name: find-available-resource
        method: GET
    - name: work-orders
      path: /table/wm_order
      operations:
      - name: create-work-order
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: messages
      path: /teams/{{channel_id}}/channels/general/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: send-message
        method: POST

Searches Abbott SharePoint document libraries by keyword, returning matching document titles, authors, and URLs.

naftiko: '0.5'
info:
  label: SharePoint Document Library Search
  description: Searches Abbott SharePoint document libraries by keyword, returning matching document titles, authors, and URLs.
  tags:
  - documentation
  - collaboration
  - sharepoint
capability:
  exposes:
  - type: mcp
    namespace: doc-search
    port: 8080
    tools:
    - name: search-sharepoint-docs
      description: Given a search query and optional site name, return matching documents with titles, authors, and links. Use when employees need to find documents across SharePoint.
      inputParameters:
      - name: query
        in: body
        type: string
        description: Search keywords.
      - name: site_name
        in: body
        type: string
        description: Optional SharePoint site name to scope the search.
      call: sharepoint.search
      with:
        querytext: '{{query}}'
        site: '{{site_name}}'
      outputParameters:
      - name: result_count
        type: integer
        mapping: $.PrimaryQueryResult.RelevantResults.TotalRows
  consumes:
  - type: http
    namespace: sharepoint
    baseUri: https://abbott.sharepoint.com/_api
    authentication:
      type: bearer
      token: $secrets.sharepoint_token
    resources:
    - name: search
      path: /search/query?querytext='{{querytext}}'
      inputParameters:
      - name: querytext
        in: query
      operations:
      - name: search
        method: GET

Retrieves Okta group membership for privileged groups, generates an access certification report in Power BI, and emails it to the security team for review.

naftiko: '0.5'
info:
  label: Okta Quarterly Access Certification
  description: Retrieves Okta group membership for privileged groups, generates an access certification report in Power BI, and emails it to the security team for review.
  tags:
  - identity
  - security
  - okta
  - compliance
  - access-review
capability:
  exposes:
  - type: mcp
    namespace: access-certification
    port: 8080
    tools:
    - name: run-access-certification
      description: Given an Okta group ID and Power BI dataset ID, pull current group membership, trigger a Power BI report refresh, and email the access certification report to the security team. Use quarterly for privileged access compliance reviews.
      inputParameters:
      - name: okta_group_id
        in: body
        type: string
        description: Okta group ID to certify.
      - name: pbi_dataset_id
        in: body
        type: string
        description: Power BI dataset ID for access reports.
      - name: security_team_email
        in: body
        type: string
        description: Security team email for the certification report.
      steps:
      - name: get-group-members
        type: call
        call: okta-cert.get-group-users
        with:
          group_id: '{{okta_group_id}}'
      - name: refresh-access-pbi
        type: call
        call: powerbi-cert.trigger-refresh
        with:
          dataset_id: '{{pbi_dataset_id}}'
      - name: send-cert-email
        type: call
        call: msgraph-cert.send-email
        with:
          to: '{{security_team_email}}'
          subject: Quarterly Access Certification — Okta Group {{okta_group_id}}
          body: Group {{okta_group_id}} has {{get-group-members.total_count}} members. Review in Power BI and certify or revoke access.
  consumes:
  - type: http
    namespace: okta-cert
    baseUri: https://abbott.okta.com/api/v1
    authentication:
      type: apikey
      key: Authorization
      value: $secrets.okta_token
      placement: header
    resources:
    - name: group-users
      path: /groups/{{group_id}}/users
      inputParameters:
      - name: group_id
        in: path
      operations:
      - name: get-group-users
        method: GET
  - type: http
    namespace: powerbi-cert
    baseUri: https://api.powerbi.com/v1.0/myorg
    authentication:
      type: bearer
      token: $secrets.powerbi_token
    resources:
    - name: dataset-refreshes
      path: /datasets/{{dataset_id}}/refreshes
      inputParameters:
      - name: dataset_id
        in: path
      operations:
      - name: trigger-refresh
        method: POST
  - type: http
    namespace: msgraph-cert
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: send-mail
      path: /users/{{sender}}/sendMail
      operations:
      - name: send-email
        method: POST

When an employee transfers between divisions, updates Workday, re-provisions Okta group memberships, transfers ServiceNow assets, and notifies both managers.

naftiko: '0.5'
info:
  label: Employee Transfer Orchestration
  description: When an employee transfers between divisions, updates Workday, re-provisions Okta group memberships, transfers ServiceNow assets, and notifies both managers.
  tags:
  - hr
  - identity
  - workday
  - okta
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: employee-transfer
    port: 8080
    tools:
    - name: process-employee-transfer
      description: Given a worker ID, source department, and target department, update HR records, re-provision access, transfer assets, and notify stakeholders. Use when HR processes an inter-division transfer.
      inputParameters:
      - name: worker_id
        in: body
        type: string
        description: Workday worker ID.
      - name: target_department
        in: body
        type: string
        description: Target department code.
      steps:
      - name: get-employee
        type: call
        call: workday.get-worker
        with:
          worker_id: '{{worker_id}}'
      - name: update-okta-groups
        type: call
        call: okta.update-user-groups
        with:
          user_email: '{{get-employee.work_email}}'
          new_department: '{{target_department}}'
      - name: transfer-assets
        type: call
        call: servicenow.transfer-assets
        with:
          user_id: '{{worker_id}}'
          new_department: '{{target_department}}'
      - name: notify-managers
        type: call
        call: msteams.send-message
        with:
          channel_id: hr-operations
          text: 'Transfer processed: {{get-employee.first_name}} {{get-employee.last_name}} to {{target_department}}. Access updated. Assets transferred.'
  consumes:
  - type: http
    namespace: workday
    baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
    authentication:
      type: bearer
      token: $secrets.workday_token
    resources:
    - name: workers
      path: /workers/{{worker_id}}
      inputParameters:
      - name: worker_id
        in: path
      operations:
      - name: get-worker
        method: GET
  - type: http
    namespace: okta
    baseUri: https://abbott.okta.com/api/v1
    authentication:
      type: apikey
      key: Authorization
      value: $secrets.okta_token
      placement: header
    resources:
    - name: users
      path: /users/{{user_email}}/groups
      inputParameters:
      - name: user_email
        in: path
      operations:
      - name: update-user-groups
        method: PUT
  - type: http
    namespace: servicenow
    baseUri: https://abbott.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: assets
      path: /table/alm_asset
      operations:
      - name: transfer-assets
        method: PATCH
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: messages
      path: /teams/{{channel_id}}/channels/general/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: send-message
        method: POST

Retrieves a summary of open job requisitions from Workday by department, returning requisition count, average days open, and hiring manager details.

naftiko: '0.5'
info:
  label: Workday Open Requisition Report
  description: Retrieves a summary of open job requisitions from Workday by department, returning requisition count, average days open, and hiring manager details.
  tags:
  - hr
  - recruiting
  - workday
capability:
  exposes:
  - type: mcp
    namespace: talent-acquisition
    port: 8080
    tools:
    - name: get-open-requisitions
      description: Given a department code, return the count of open requisitions, average days open, and breakdown by hiring manager. Use when HR or leadership needs recruiting pipeline visibility.
      inputParameters:
      - name: department_code
        in: body
        type: string
        description: Workday department code.
      call: workday.get-requisitions
      with:
        department: '{{department_code}}'
        status: open
      outputParameters:
      - name: open_count
        type: integer
        mapping: $.data.total
      - name: avg_days_open
        type: number
        mapping: $.data.avg_days_open
  consumes:
  - type: http
    namespace: workday
    baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
    authentication:
      type: bearer
      token: $secrets.workday_token
    resources:
    - name: requisitions
      path: /recruiting/requisitions
      operations:
      - name: get-requisitions
        method: GET

Uses OpenAI to classify a regulatory document by type, region, and product category, returning structured metadata for filing.

naftiko: '0.5'
info:
  label: OpenAI Regulatory Document Classification
  description: Uses OpenAI to classify a regulatory document by type, region, and product category, returning structured metadata for filing.
  tags:
  - regulatory
  - ai
  - openai
capability:
  exposes:
  - type: mcp
    namespace: doc-classification
    port: 8080
    tools:
    - name: classify-regulatory-document
      description: Given document text, classify the document type, applicable region, and product category using AI. Use when regulatory teams need to categorize incoming documents.
      inputParameters:
      - name: document_text
        in: body
        type: string
        description: Text content of the regulatory document.
      call: openai.create-completion
      with:
        model: gpt-4
        prompt: 'Classify this regulatory document: {{document_text}}'
      outputParameters:
      - name: document_type
        type: string
        mapping: $.choices[0].message.content
  consumes:
  - type: http
    namespace: openai
    baseUri: https://api.openai.com/v1
    authentication:
      type: bearer
      token: $secrets.openai_api_key
    resources:
    - name: completions
      path: /chat/completions
      operations:
      - name: create-completion
        method: POST

When a quality deviation is created, assigns an investigator, gathers batch data from SAP, creates investigation tasks, and sets review deadlines.

naftiko: '0.5'
info:
  label: Quality Deviation Investigation Orchestration
  description: When a quality deviation is created, assigns an investigator, gathers batch data from SAP, creates investigation tasks, and sets review deadlines.
  tags:
  - quality
  - manufacturing
  - servicenow
  - sap
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: deviation-investigation
    port: 8080
    tools:
    - name: initiate-deviation-investigation
      description: Given a deviation number, assign an investigator, pull related batch data, create investigation tasks, and notify stakeholders. Use when quality assurance escalates a deviation for investigation.
      inputParameters:
      - name: deviation_number
        in: body
        type: string
        description: ServiceNow deviation record number.
      steps:
      - name: get-deviation
        type: call
        call: servicenow.get-deviation
        with:
          number: '{{deviation_number}}'
      - name: get-batch-data
        type: call
        call: sap-erp.get-batch-record
        with:
          batch_id: '{{get-deviation.batch_number}}'
      - name: create-investigation-task
        type: call
        call: servicenow.create-task
        with:
          short_description: Investigate deviation {{deviation_number}} - Batch {{get-deviation.batch_number}}
          category: quality_investigation
          assigned_group: Quality_Investigation
          priority: '2'
      - name: notify-quality
        type: call
        call: msteams.send-message
        with:
          channel_id: quality-investigations
          text: 'Investigation initiated for deviation {{deviation_number}}. Batch: {{get-deviation.batch_number}}. Yield: {{get-batch-data.yield_percentage}}%. Task: {{create-investigation-task.number}}'
  consumes:
  - type: http
    namespace: servicenow
    baseUri: https://abbott.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: deviations
      path: /table/u_deviation
      operations:
      - name: get-deviation
        method: GET
    - name: tasks
      path: /table/sc_task
      operations:
      - name: create-task
        method: POST
  - type: http
    namespace: sap-erp
    baseUri: https://abbott-s4.sap.com/sap/opu/odata/sap/PP_BATCH_SRV
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: batch-records
      path: /A_BatchRecord('{{batch_id}}')
      inputParameters:
      - name: batch_id
        in: path
      operations:
      - name: get-batch-record
        method: GET
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: messages
      path: /teams/{{channel_id}}/channels/general/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: send-message
        method: POST

Retrieves current headcount and payroll cost totals from Workday by business unit and cost center for finance reporting.

naftiko: '0.5'
info:
  label: Workday Headcount and Payroll Snapshot
  description: Retrieves current headcount and payroll cost totals from Workday by business unit and cost center for finance reporting.
  tags:
  - hr
  - finance
  - payroll
  - workday
  - headcount
capability:
  exposes:
  - type: mcp
    namespace: hr-finance
    port: 8080
    tools:
    - name: get-headcount-snapshot
      description: Returns headcount and payroll cost data grouped by business unit and cost center from Workday. Use for monthly finance reviews and headcount planning.
      inputParameters:
      - name: as_of_date
        in: body
        type: string
        description: Snapshot date in YYYY-MM-DD format.
      call: workday-hcm.get-headcount-report
      with:
        effective_date: '{{as_of_date}}'
      outputParameters:
      - name: total_headcount
        type: string
        mapping: $.Report_Entry[0].Total_Headcount
      - name: total_payroll_cost
        type: string
        mapping: $.Report_Entry[0].Total_Payroll_Cost
  consumes:
  - type: http
    namespace: workday-hcm
    baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
    authentication:
      type: bearer
      token: $secrets.workday_token
    resources:
    - name: headcount-report
      path: /reports/headcount_by_cost_center
      inputParameters:
      - name: effective_date
        in: query
      operations:
      - name: get-headcount-report
        method: GET

When Datadog fires a critical alert on a clinical system, opens a P1 ServiceNow incident, pages the on-call engineer via PagerDuty, and posts to the IT war-room Teams channel.

naftiko: '0.5'
info:
  label: IT P1 Incident Triage and Escalation
  description: When Datadog fires a critical alert on a clinical system, opens a P1 ServiceNow incident, pages the on-call engineer via PagerDuty, and posts to the IT war-room Teams channel.
  tags:
  - itsm
  - incident-response
  - datadog
  - pagerduty
  - servicenow
capability:
  exposes:
  - type: mcp
    namespace: p1-triage
    port: 8080
    tools:
    - name: handle-critical-alert
      description: Given a Datadog critical alert for a clinical or corporate system, create a P1 ServiceNow incident, trigger a PagerDuty page to the on-call engineer, and post an alert to the IT war-room Teams channel. Use when monitoring detects a critical system failure.
      inputParameters:
      - name: alert_id
        in: body
        type: string
        description: Datadog monitor alert ID.
      - name: system_name
        in: body
        type: string
        description: Name of the affected system.
      - name: alert_message
        in: body
        type: string
        description: Human-readable alert description.
      - name: warroom_channel_id
        in: body
        type: string
        description: IT war-room Teams channel ID.
      steps:
      - name: create-p1-incident
        type: call
        call: servicenow-p1.create-incident
        with:
          short_description: P1 Alert — {{system_name}}
          description: 'Datadog alert {{alert_id}}: {{alert_message}}'
          priority: '1'
          category: Critical_System
      - name: page-oncall
        type: call
        call: pagerduty.trigger-incident
        with:
          title: P1 Critical Alert — {{system_name}}
          severity: critical
          details: 'ServiceNow INC: {{create-p1-incident.number}} | Alert: {{alert_id}}'
      - name: post-warroom
        type: call
        call: msteams-p1.post-channel-message
        with:
          channel_id: '{{warroom_channel_id}}'
          text: 'P1 INCIDENT: {{system_name}} | INC: {{create-p1-incident.number}} | PagerDuty: {{page-oncall.incident_key}} | Alert: {{alert_message}}'
  consumes:
  - type: http
    namespace: servicenow-p1
    baseUri: https://abbott.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: create-incident
        method: POST
  - type: http
    namespace: pagerduty
    baseUri: https://events.pagerduty.com/v2
    authentication:
      type: apikey
      key: Authorization
      value: $secrets.pagerduty_token
      placement: header
    resources:
    - name: enqueue
      path: /enqueue
      operations:
      - name: trigger-incident
        method: POST
  - type: http
    namespace: msteams-p1
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: channel-messages
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: post-channel-message
        method: POST

When an employee termination is processed in Workday, deactivates their Okta account, closes open ServiceNow access requests, and removes Salesforce user license.

naftiko: '0.5'
info:
  label: Employee Offboarding Deprovisioning
  description: When an employee termination is processed in Workday, deactivates their Okta account, closes open ServiceNow access requests, and removes Salesforce user license.
  tags:
  - hr
  - offboarding
  - okta
  - workday
  - identity
capability:
  exposes:
  - type: mcp
    namespace: hr-offboarding
    port: 8080
    tools:
    - name: deprovision-terminated-employee
      description: Given a terminated employee's Workday ID and Okta user ID, deactivate their Okta account, close open ServiceNow access requests, and deactivate their Salesforce user license. Use immediately upon processing a termination in Workday.
      inputParameters:
      - name: workday_employee_id
        in: body
        type: string
        description: Workday worker ID of the terminated employee.
      - name: okta_user_id
        in: body
        type: string
        description: Okta user ID to deactivate.
      - name: salesforce_user_id
        in: body
        type: string
        description: Salesforce user ID to deactivate.
      steps:
      - name: deactivate-okta
        type: call
        call: okta-offboard.deactivate-user
        with:
          user_id: '{{okta_user_id}}'
      - name: close-access-requests
        type: call
        call: servicenow-offboard.patch-requests
        with:
          employee_id: '{{workday_employee_id}}'
          state: closed_complete
      - name: deactivate-sf
        type: call
        call: salesforce-offboard.update-user
        with:
          user_id: '{{salesforce_user_id}}'
          is_active: 'false'
  consumes:
  - type: http
    namespace: okta-offboard
    baseUri: https://abbott.okta.com/api/v1
    authentication:
      type: apikey
      key: Authorization
      value: $secrets.okta_token
      placement: header
    resources:
    - name: user-lifecycle
      path: /users/{{user_id}}/lifecycle/deactivate
      inputParameters:
      - name: user_id
        in: path
      operations:
      - name: deactivate-user
        method: POST
  - type: http
    namespace: servicenow-offboard
    baseUri: https://abbott.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: requests
      path: /table/sc_request
      operations:
      - name: patch-requests
        method: PATCH
  - type: http
    namespace: salesforce-offboard
    baseUri: https://abbott.my.salesforce.com/services/data/v58.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: users
      path: /sobjects/User/{{user_id}}
      inputParameters:
      - name: user_id
        in: path
      operations:
      - name: update-user
        method: PATCH

Retrieves a production order from SAP by order number, returning status, planned quantity, actual output, and scheduled completion date.

naftiko: '0.5'
info:
  label: SAP Production Order Status Lookup
  description: Retrieves a production order from SAP by order number, returning status, planned quantity, actual output, and scheduled completion date.
  tags:
  - manufacturing
  - erp
  - sap
capability:
  exposes:
  - type: mcp
    namespace: production-orders
    port: 8080
    tools:
    - name: get-production-order
      description: Given a SAP production order number, return the order status, planned vs actual quantity, and scheduled dates. Use when manufacturing planners need production order visibility.
      inputParameters:
      - name: order_number
        in: body
        type: string
        description: SAP production order number.
      call: sap-erp.get-prod-order
      with:
        order: '{{order_number}}'
      outputParameters:
      - name: status
        type: string
        mapping: $.d.OrderStatus
      - name: planned_quantity
        type: number
        mapping: $.d.PlannedQuantity
      - name: actual_output
        type: number
        mapping: $.d.ActualQuantity
      - name: scheduled_end
        type: string
        mapping: $.d.ScheduledEndDate
  consumes:
  - type: http
    namespace: sap-erp
    baseUri: https://abbott-s4.sap.com/sap/opu/odata/sap/PP_PROD_ORDER_SRV
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: production-orders
      path: /A_ProductionOrder('{{order}}')
      inputParameters:
      - name: order
        in: path
      operations:
      - name: get-prod-order
        method: GET

Orchestrates a medical device product registration by assembling documents from Veeva Vault, creating the submission package, filing in the regulatory system, and notifying stakeholders.

naftiko: '0.5'
info:
  label: Product Registration Submission Orchestration
  description: Orchestrates a medical device product registration by assembling documents from Veeva Vault, creating the submission package, filing in the regulatory system, and notifying stakeholders.
  tags:
  - regulatory
  - quality
  - veeva-vault
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: product-registration
    port: 8080
    tools:
    - name: submit-product-registration
      description: Given a product code and target market, assemble regulatory documents, create the submission, file it, and notify the team. Use when regulatory affairs initiates a new market registration.
      inputParameters:
      - name: product_code
        in: body
        type: string
        description: Abbott product code.
      - name: target_market
        in: body
        type: string
        description: Target market country code, e.g. 'EU', 'JP', 'BR'.
      steps:
      - name: gather-documents
        type: call
        call: veeva-vault.query-documents
        with:
          product_code: '{{product_code}}'
          doc_type: registration
      - name: create-submission
        type: call
        call: veeva-vault.create-submission
        with:
          product_code: '{{product_code}}'
          market: '{{target_market}}'
          document_ids: '{{gather-documents.document_ids}}'
      - name: create-tracking-task
        type: call
        call: servicenow.create-task
        with:
          short_description: 'Product registration: {{product_code}} for {{target_market}}'
          category: regulatory_submission
          assigned_group: Regulatory_Affairs
          reference: '{{create-submission.submission_id}}'
      - name: notify-team
        type: call
        call: msteams.send-message
        with:
          channel_id: regulatory-submissions
          text: 'Product registration submitted for {{product_code}} in {{target_market}}. Submission: {{create-submission.submission_id}}. Task: {{create-tracking-task.number}}'
  consumes:
  - type: http
    namespace: veeva-vault
    baseUri: https://abbott-regulatory.veevavault.com/api/v24.1
    authentication:
      type: bearer
      token: $secrets.veeva_vault_token
    resources:
    - name: documents
      path: /query
      operations:
      - name: query-documents
        method: POST
    - name: submissions
      path: /objects/submission__c
      operations:
      - name: create-submission
        method: POST
  - type: http
    namespace: servicenow
    baseUri: https://abbott.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: tasks
      path: /table/sc_task
      operations:
      - name: create-task
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: messages
      path: /teams/{{channel_id}}/channels/general/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: send-message
        method: POST

Retrieves corrective and preventive action record details from the quality management system by CAPA number.

naftiko: '0.5'
info:
  label: Quality CAPA Status Lookup
  description: Retrieves corrective and preventive action record details from the quality management system by CAPA number.
  tags:
  - quality
  - compliance
  - servicenow
capability:
  exposes:
  - type: mcp
    namespace: quality-capa
    port: 8080
    tools:
    - name: get-capa-status
      description: Given a CAPA number, return the current phase, root cause category, due date, and responsible owner. Use when quality teams need to track CAPA progress.
      inputParameters:
      - name: capa_number
        in: body
        type: string
        description: CAPA record number.
      call: servicenow.get-capa
      with:
        number: '{{capa_number}}'
      outputParameters:
      - name: phase
        type: string
        mapping: $.result.phase
      - name: root_cause
        type: string
        mapping: $.result.root_cause_category
      - name: due_date
        type: string
        mapping: $.result.due_date
  consumes:
  - type: http
    namespace: servicenow
    baseUri: https://abbott.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: capa-records
      path: /table/u_capa?sysparm_query=number={{number}}
      inputParameters:
      - name: number
        in: query
      operations:
      - name: get-capa
        method: GET

Creates a new sourcing event in SAP Ariba for competitive bidding, returning the event ID and supplier invitation status.

naftiko: '0.5'
info:
  label: SAP Ariba Sourcing Event Creation
  description: Creates a new sourcing event in SAP Ariba for competitive bidding, returning the event ID and supplier invitation status.
  tags:
  - procurement
  - sap-ariba
capability:
  exposes:
  - type: mcp
    namespace: strategic-sourcing
    port: 8080
    tools:
    - name: create-sourcing-event
      description: Given a sourcing category and description, create an SAP Ariba sourcing event and return the event ID. Use when procurement initiates a competitive bidding process.
      inputParameters:
      - name: category
        in: body
        type: string
        description: Sourcing category.
      - name: description
        in: body
        type: string
        description: Sourcing event description.
      - name: budget_amount
        in: body
        type: number
        description: Budget amount for the sourcing event.
      call: ariba.create-event
      with:
        category: '{{category}}'
        description: '{{description}}'
        budget: '{{budget_amount}}'
      outputParameters:
      - name: event_id
        type: string
        mapping: $.data.eventId
      - name: status
        type: string
        mapping: $.data.status
  consumes:
  - type: http
    namespace: ariba
    baseUri: https://openapi.ariba.com/api/sourcing-projects/v1
    authentication:
      type: bearer
      token: $secrets.ariba_token
    resources:
    - name: events
      path: /events
      operations:
      - name: create-event
        method: POST

Monitors Snowflake data pipeline task failures for the clinical and commercial data warehouse, logs anomalies to Datadog, and creates Jira tickets for the data engineering team.

naftiko: '0.5'
info:
  label: Snowflake Data Quality Monitoring
  description: Monitors Snowflake data pipeline task failures for the clinical and commercial data warehouse, logs anomalies to Datadog, and creates Jira tickets for the data engineering team.
  tags:
  - data
  - snowflake
  - datadog
  - analytics
  - monitoring
capability:
  exposes:
  - type: mcp
    namespace: data-quality
    port: 8080
    tools:
    - name: check-data-pipeline-health
      description: Query Snowflake task execution history for failures, log each failure as a Datadog error event, and open a Jira data engineering ticket for any pipeline that has failed consecutively. Use daily to verify Abbott's clinical and commercial data pipelines are healthy.
      inputParameters:
      - name: lookback_hours
        in: body
        type: integer
        description: Hours of pipeline history to scan for failures.
      - name: jira_project_key
        in: body
        type: string
        description: Jira project key for data engineering tickets.
      steps:
      - name: get-failed-tasks
        type: call
        call: snowflake.get-task-history
        with:
          lookback_hours: '{{lookback_hours}}'
          state: FAILED
      - name: log-to-datadog
        type: call
        call: datadog-dq.create-event
        with:
          title: Snowflake pipeline failures
          text: 'Failed tasks: {{get-failed-tasks.task_names}}'
          alert_type: error
      - name: create-jira-ticket
        type: call
        call: jira-data.create-issue
        with:
          project_key: '{{jira_project_key}}'
          issuetype: Bug
          summary: Pipeline failures — {{get-failed-tasks.task_count}} Snowflake tasks
          description: 'Tasks: {{get-failed-tasks.task_names}} | Datadog: {{log-to-datadog.url}}'
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://abbott.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: task-history
      path: /databases/CLINICAL_DW/schemas/PUBLIC/tasks/history
      inputParameters:
      - name: lookback_hours
        in: query
      - name: state
        in: query
      operations:
      - name: get-task-history
        method: GET
  - type: http
    namespace: datadog-dq
    baseUri: https://api.datadoghq.com/api/v1
    authentication:
      type: apikey
      key: DD-API-KEY
      value: $secrets.datadog_api_key
      placement: header
    resources:
    - name: events
      path: /events
      operations:
      - name: create-event
        method: POST
  - type: http
    namespace: jira-data
    baseUri: https://abbott.atlassian.net/rest/api/3
    authentication:
      type: basic
      username: $secrets.jira_user
      password: $secrets.jira_token
    resources:
    - name: issues
      path: /issue
      operations:
      - name: create-issue
        method: POST

Orchestrates clinical database lock by running final data quality checks, generating discrepancy reports, locking the database, and notifying biostatistics.

naftiko: '0.5'
info:
  label: Clinical Data Lock Orchestration
  description: Orchestrates clinical database lock by running final data quality checks, generating discrepancy reports, locking the database, and notifying biostatistics.
  tags:
  - clinical
  - rd
  - quality
  - snowflake
  - oracle
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: clinical-data-lock
    port: 8080
    tools:
    - name: execute-database-lock
      description: Given a study ID and lock date, run data quality checks, generate discrepancy report, lock the database, and notify biostatistics. Use when clinical data management is ready to lock a study database.
      inputParameters:
      - name: study_id
        in: body
        type: string
        description: Clinical study identifier.
      - name: lock_date
        in: body
        type: string
        description: Target database lock date in YYYY-MM-DD format.
      steps:
      - name: run-quality-checks
        type: call
        call: snowflake.execute-query
        with:
          query_name: clinical_data_quality_check
          params: '{{study_id}}'
      - name: generate-discrepancy-report
        type: call
        call: snowflake.execute-query
        with:
          query_name: discrepancy_report
          params: '{{study_id}}'
      - name: lock-database
        type: call
        call: oracle-clinical.lock-study
        with:
          study_id: '{{study_id}}'
          lock_date: '{{lock_date}}'
      - name: notify-biostat
        type: call
        call: msteams.send-message
        with:
          channel_id: biostatistics
          text: 'Study {{study_id}} database locked as of {{lock_date}}. Open queries: {{run-quality-checks.open_query_count}}. Discrepancies: {{generate-discrepancy-report.discrepancy_count}}. Lock status: {{lock-database.status}}'
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://abbott.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: execute-query
        method: POST
  - type: http
    namespace: oracle-clinical
    baseUri: https://abbott-ctms.oracle.com/api/v2
    authentication:
      type: bearer
      token: $secrets.oracle_ctms_token
    resources:
    - name: studies
      path: /studies/{{study_id}}/lock
      inputParameters:
      - name: study_id
        in: path
      operations:
      - name: lock-study
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: messages
      path: /teams/{{channel_id}}/channels/general/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: send-message
        method: POST

Queries CrowdStrike Falcon for threat detections on a specific endpoint, returning detection details, severity, and recommended actions.

naftiko: '0.5'
info:
  label: CrowdStrike Endpoint Threat Lookup
  description: Queries CrowdStrike Falcon for threat detections on a specific endpoint, returning detection details, severity, and recommended actions.
  tags:
  - security
  - endpoint
  - crowdstrike
capability:
  exposes:
  - type: mcp
    namespace: endpoint-security
    port: 8080
    tools:
    - name: get-endpoint-threats
      description: Given a hostname, return active threat detections, severity levels, and recommended remediation actions. Use when security operations investigates endpoint alerts.
      inputParameters:
      - name: hostname
        in: body
        type: string
        description: Endpoint hostname.
      call: crowdstrike.get-detections
      with:
        filter: device.hostname:'{{hostname}}'
      outputParameters:
      - name: detection_count
        type: integer
        mapping: $.meta.pagination.total
      - name: max_severity
        type: string
        mapping: $.resources[0].max_severity_displayname
  consumes:
  - type: http
    namespace: crowdstrike
    baseUri: https://api.crowdstrike.com
    authentication:
      type: bearer
      token: $secrets.crowdstrike_token
    resources:
    - name: detections
      path: /detects/queries/detects/v1
      operations:
      - name: get-detections
        method: GET

Performs a vendor risk assessment by querying SAP for financial data, checking compliance records in ServiceNow, scoring the vendor, and creating an assessment report.

naftiko: '0.5'
info:
  label: Vendor Risk Assessment Orchestration
  description: Performs a vendor risk assessment by querying SAP for financial data, checking compliance records in ServiceNow, scoring the vendor, and creating an assessment report.
  tags:
  - procurement
  - compliance
  - sap
  - servicenow
  - snowflake
capability:
  exposes:
  - type: mcp
    namespace: vendor-risk
    port: 8080
    tools:
    - name: assess-vendor-risk
      description: Given a vendor ID, collect financial data, compliance records, and calculate a risk score. Use when procurement needs to evaluate vendor risk before contract renewal.
      inputParameters:
      - name: vendor_id
        in: body
        type: string
        description: SAP vendor number.
      steps:
      - name: get-vendor-financials
        type: call
        call: sap-erp.get-vendor-master
        with:
          vendor_id: '{{vendor_id}}'
      - name: get-compliance-records
        type: call
        call: servicenow.query-vendor-compliance
        with:
          vendor_id: '{{vendor_id}}'
      - name: calculate-risk-score
        type: call
        call: snowflake.execute-query
        with:
          query_name: vendor_risk_score
          params: '{{vendor_id}},{{get-vendor-financials.payment_terms}},{{get-compliance-records.open_findings}}'
  consumes:
  - type: http
    namespace: sap-erp
    baseUri: https://abbott-s4.sap.com/sap/opu/odata/sap/MM_VENDOR_SRV
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: vendors
      path: /A_Vendor('{{vendor_id}}')
      inputParameters:
      - name: vendor_id
        in: path
      operations:
      - name: get-vendor-master
        method: GET
  - type: http
    namespace: servicenow
    baseUri: https://abbott.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: compliance
      path: /table/u_vendor_compliance
      operations:
      - name: query-vendor-compliance
        method: GET
  - type: http
    namespace: snowflake
    baseUri: https://abbott.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: execute-query
        method: POST

When a manufacturing quality deviation is detected, creates a ServiceNow quality incident, opens a Jira corrective action task, and notifies the quality assurance team in Teams.

naftiko: '0.5'
info:
  label: Product Quality Deviation Incident
  description: When a manufacturing quality deviation is detected, creates a ServiceNow quality incident, opens a Jira corrective action task, and notifies the quality assurance team in Teams.
  tags:
  - quality
  - manufacturing
  - servicenow
  - jira
  - healthcare
capability:
  exposes:
  - type: mcp
    namespace: quality-ops
    port: 8080
    tools:
    - name: handle-quality-deviation
      description: Given a product lot number, deviation type, and site ID, create a ServiceNow quality incident record, open a Jira CAPA task for the quality engineering team, and alert the QA Teams channel. Use when a manufacturing deviation is identified during production or QC review.
      inputParameters:
      - name: lot_number
        in: body
        type: string
        description: Product lot number where the deviation was detected.
      - name: deviation_type
        in: body
        type: string
        description: Type of deviation, e.g. 'out-of-specification', 'process-deviation'.
      - name: site_id
        in: body
        type: string
        description: Manufacturing site identifier.
      - name: qa_channel_id
        in: body
        type: string
        description: Quality assurance Teams channel ID.
      steps:
      - name: create-quality-incident
        type: call
        call: servicenow-quality.create-incident
        with:
          short_description: Quality deviation — Lot {{lot_number}} — {{deviation_type}}
          category: quality_deviation
          site_id: '{{site_id}}'
      - name: create-capa
        type: call
        call: jira-quality.create-issue
        with:
          project_key: CAPA
          issuetype: Task
          summary: CAPA for deviation — Lot {{lot_number}} at {{site_id}}
          description: 'Deviation type: {{deviation_type}} | ServiceNow INC: {{create-quality-incident.number}}'
      - name: alert-qa-team
        type: call
        call: msteams-quality.post-channel-message
        with:
          channel_id: '{{qa_channel_id}}'
          text: 'Quality Deviation: Lot {{lot_number}} at {{site_id}} — {{deviation_type}} | INC: {{create-quality-incident.number}} | CAPA Jira: {{create-capa.key}}'
  consumes:
  - type: http
    namespace: servicenow-quality
    baseUri: https://abbott.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: create-incident
        method: POST
  - type: http
    namespace: jira-quality
    baseUri: https://abbott.atlassian.net/rest/api/3
    authentication:
      type: basic
      username: $secrets.jira_user
      password: $secrets.jira_token
    resources:
    - name: issues
      path: /issue
      operations:
      - name: create-issue
        method: POST
  - type: http
    namespace: msteams-quality
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: channel-messages
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: post-channel-message
        method: POST

Retrieves a regulatory submission document from Veeva Vault, sends it to the Anthropic Claude API for intelligent summarization, and posts the summary to the regulatory affairs Teams channel.

naftiko: '0.5'
info:
  label: AI-Assisted Regulatory Document Summarization
  description: Retrieves a regulatory submission document from Veeva Vault, sends it to the Anthropic Claude API for intelligent summarization, and posts the summary to the regulatory affairs Teams channel.
  tags:
  - ai
  - regulatory
  - veeva
  - anthropic
  - healthcare
capability:
  exposes:
  - type: mcp
    namespace: ai-regulatory
    port: 8080
    tools:
    - name: summarize-regulatory-document
      description: Given a Veeva Vault document ID, retrieve the document content and send it to Anthropic Claude for summarization with regulatory focus. Post the AI summary to the regulatory Teams channel. Use when regulatory teams need quick comprehension of lengthy submission documents.
      inputParameters:
      - name: vault_document_id
        in: body
        type: string
        description: Veeva Vault document ID to summarize.
      - name: reg_channel_id
        in: body
        type: string
        description: Regulatory affairs Teams channel ID.
      steps:
      - name: get-document
        type: call
        call: veeva-ai.get-document
        with:
          document_id: '{{vault_document_id}}'
      - name: generate-summary
        type: call
        call: anthropic.create-message
        with:
          model: claude-opus-4-5
          prompt: 'Summarize this regulatory submission document for a pharmaceutical regulatory affairs team. Identify key claims, study results, and action items: {{get-document.content}}'
      - name: post-summary
        type: call
        call: msteams-ai-reg.post-channel-message
        with:
          channel_id: '{{reg_channel_id}}'
          text: 'Regulatory Summary for document {{vault_document_id}}: {{generate-summary.content[0].text}}'
  consumes:
  - type: http
    namespace: veeva-ai
    baseUri: https://abbott.veevavault.com/api/v24.1
    authentication:
      type: bearer
      token: $secrets.veeva_token
    resources:
    - name: documents
      path: /objects/documents/{{document_id}}
      inputParameters:
      - name: document_id
        in: path
      operations:
      - name: get-document
        method: GET
  - type: http
    namespace: anthropic
    baseUri: https://api.anthropic.com/v1
    authentication:
      type: apikey
      key: x-api-key
      value: $secrets.anthropic_api_key
      placement: header
    resources:
    - name: messages
      path: /messages
      operations:
      - name: create-message
        method: POST
  - type: http
    namespace: msteams-ai-reg
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: channel-messages
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: post-channel-message
        method: POST

When a medical device complaint is logged in Salesforce Service Cloud, creates a ServiceNow regulatory case, assigns a quality engineer, and sends a Teams notification to the vigilance team.

naftiko: '0.5'
info:
  label: Medical Device Complaint Case Routing
  description: When a medical device complaint is logged in Salesforce Service Cloud, creates a ServiceNow regulatory case, assigns a quality engineer, and sends a Teams notification to the vigilance team.
  tags:
  - customer-service
  - regulatory
  - salesforce
  - servicenow
  - medical-devices
capability:
  exposes:
  - type: mcp
    namespace: complaint-ops
    port: 8080
    tools:
    - name: route-device-complaint
      description: Given a Salesforce case ID for a medical device complaint, create a linked ServiceNow regulatory investigation record, assign it to the quality engineering group, and alert the vigilance Teams channel. Use when a device complaint requiring regulatory review is received.
      inputParameters:
      - name: salesforce_case_id
        in: body
        type: string
        description: Salesforce case ID for the device complaint.
      - name: device_model
        in: body
        type: string
        description: Medical device model or product number.
      - name: complaint_type
        in: body
        type: string
        description: Type of complaint, e.g. 'malfunction', 'injury', 'death'.
      - name: vigilance_channel_id
        in: body
        type: string
        description: Teams channel ID for the vigilance team.
      steps:
      - name: get-case
        type: call
        call: salesforce-cases.get-case
        with:
          case_id: '{{salesforce_case_id}}'
      - name: create-reg-investigation
        type: call
        call: servicenow-vigilance.create-incident
        with:
          short_description: Device complaint — {{device_model}} — {{complaint_type}}
          description: 'Salesforce case: {{salesforce_case_id}} | Reporter: {{get-case.ContactName}} | Description: {{get-case.Description}}'
          category: regulatory_vigilance
          assigned_group: Quality_Engineering
      - name: notify-vigilance
        type: call
        call: msteams-vigilance.post-channel-message
        with:
          channel_id: '{{vigilance_channel_id}}'
          text: 'Device Complaint: {{device_model}} — {{complaint_type}} | Salesforce: {{salesforce_case_id}} | ServiceNow INC: {{create-reg-investigation.number}}'
  consumes:
  - type: http
    namespace: salesforce-cases
    baseUri: https://abbott.my.salesforce.com/services/data/v58.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: cases
      path: /sobjects/Case/{{case_id}}
      inputParameters:
      - name: case_id
        in: path
      operations:
      - name: get-case
        method: GET
  - type: http
    namespace: servicenow-vigilance
    baseUri: https://abbott.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: create-incident
        method: POST
  - type: http
    namespace: msteams-vigilance
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: channel-messages
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: post-channel-message
        method: POST

Retrieves a standard operating procedure document from Confluence by page ID, returning title, content, version, and last updated date.

naftiko: '0.5'
info:
  label: Confluence SOP Retrieval
  description: Retrieves a standard operating procedure document from Confluence by page ID, returning title, content, version, and last updated date.
  tags:
  - quality
  - documentation
  - confluence
capability:
  exposes:
  - type: mcp
    namespace: sop-library
    port: 8080
    tools:
    - name: get-sop-document
      description: Given a Confluence page ID, return the SOP title, body content, version number, and last modified date. Use when quality or operations staff need to reference standard procedures.
      inputParameters:
      - name: page_id
        in: body
        type: string
        description: Confluence page ID.
      call: confluence.get-page
      with:
        page_id: '{{page_id}}'
      outputParameters:
      - name: title
        type: string
        mapping: $.title
      - name: version
        type: integer
        mapping: $.version.number
      - name: last_updated
        type: string
        mapping: $.version.when
  consumes:
  - type: http
    namespace: confluence
    baseUri: https://abbott.atlassian.net/wiki/rest/api
    authentication:
      type: basic
      username: $secrets.confluence_user
      password: $secrets.confluence_api_token
    resources:
    - name: pages
      path: /content/{{page_id}}?expand=version,body.storage
      inputParameters:
      - name: page_id
        in: path
      operations:
      - name: get-page
        method: GET

Orchestrates UDI registration for a medical device by generating the device identifier, submitting to GUDID, updating SAP material master, and notifying regulatory affairs.

naftiko: '0.5'
info:
  label: Medical Device UDI Registration Orchestration
  description: Orchestrates UDI registration for a medical device by generating the device identifier, submitting to GUDID, updating SAP material master, and notifying regulatory affairs.
  tags:
  - regulatory
  - manufacturing
  - sap
  - veeva-vault
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: udi-registration
    port: 8080
    tools:
    - name: register-device-udi
      description: Given a product code and device description, generate the UDI, submit to GUDID, update SAP, and notify regulatory. Use when new medical devices need UDI registration.
      inputParameters:
      - name: product_code
        in: body
        type: string
        description: Abbott product code.
      - name: device_description
        in: body
        type: string
        description: Device description for GUDID.
      steps:
      - name: create-udi-record
        type: call
        call: veeva-vault.create-udi
        with:
          product_code: '{{product_code}}'
          description: '{{device_description}}'
      - name: update-material-master
        type: call
        call: sap-erp.update-material
        with:
          material: '{{product_code}}'
          udi: '{{create-udi-record.udi_di}}'
      - name: notify-regulatory
        type: call
        call: msteams.send-message
        with:
          channel_id: regulatory-affairs
          text: 'UDI registered for {{product_code}}: {{create-udi-record.udi_di}}. GUDID submission: {{create-udi-record.gudid_status}}. SAP updated.'
  consumes:
  - type: http
    namespace: veeva-vault
    baseUri: https://abbott-regulatory.veevavault.com/api/v24.1
    authentication:
      type: bearer
      token: $secrets.veeva_vault_token
    resources:
    - name: udi
      path: /objects/udi__c
      operations:
      - name: create-udi
        method: POST
  - type: http
    namespace: sap-erp
    baseUri: https://abbott-s4.sap.com/sap/opu/odata/sap/MM_MATERIAL_SRV
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: materials
      path: /A_Material('{{material}}')
      inputParameters:
      - name: material
        in: path
      operations:
      - name: update-material
        method: PATCH
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: messages
      path: /teams/{{channel_id}}/channels/general/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: send-message
        method: POST

Pulls the diagnostics division's open Salesforce opportunity pipeline, refreshes the Power BI executive dashboard, and emails a weekly summary to sales leadership.

naftiko: '0.5'
info:
  label: Diagnostics Sales Opportunity Pipeline Report
  description: Pulls the diagnostics division's open Salesforce opportunity pipeline, refreshes the Power BI executive dashboard, and emails a weekly summary to sales leadership.
  tags:
  - sales
  - crm
  - salesforce
  - power-bi
  - reporting
capability:
  exposes:
  - type: mcp
    namespace: sales-pipeline
    port: 8080
    tools:
    - name: publish-pipeline-report
      description: Given a Salesforce opportunity filter and Power BI dataset ID, retrieve the open sales pipeline from Salesforce, trigger a Power BI refresh, and email the pipeline summary to sales leadership. Use weekly for sales forecast reviews.
      inputParameters:
      - name: division
        in: body
        type: string
        description: Sales division to filter, e.g. 'Diagnostics' or 'Medical Devices'.
      - name: pbi_dataset_id
        in: body
        type: string
        description: Power BI dataset ID for the pipeline dashboard.
      - name: leadership_email
        in: body
        type: string
        description: Sales leadership email distribution list.
      steps:
      - name: get-pipeline
        type: call
        call: salesforce-pipeline.query-opportunities
        with:
          division: '{{division}}'
          stage_not_in: Closed Won,Closed Lost
      - name: refresh-pbi
        type: call
        call: powerbi.trigger-refresh
        with:
          dataset_id: '{{pbi_dataset_id}}'
      - name: send-summary
        type: call
        call: msgraph-sales.send-email
        with:
          to: '{{leadership_email}}'
          subject: '{{division}} Pipeline Report — {{get-pipeline.record_count}} opportunities | ${{get-pipeline.total_value}}'
          body: 'Open pipeline for {{division}}: {{get-pipeline.record_count}} opportunities totaling ${{get-pipeline.total_value}}. Power BI dashboard refreshed.'
  consumes:
  - type: http
    namespace: salesforce-pipeline
    baseUri: https://abbott.my.salesforce.com/services/data/v58.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: opportunities
      path: /query
      inputParameters:
      - name: division
        in: query
      - name: stage_not_in
        in: query
      operations:
      - name: query-opportunities
        method: GET
  - type: http
    namespace: powerbi
    baseUri: https://api.powerbi.com/v1.0/myorg
    authentication:
      type: bearer
      token: $secrets.powerbi_token
    resources:
    - name: dataset-refreshes
      path: /datasets/{{dataset_id}}/refreshes
      inputParameters:
      - name: dataset_id
        in: path
      operations:
      - name: trigger-refresh
        method: POST
  - type: http
    namespace: msgraph-sales
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: send-mail
      path: /users/{{sender}}/sendMail
      operations:
      - name: send-email
        method: POST

Queries SAP for current inventory levels of a material at a specified plant, returning available stock, reserved quantity, and reorder status.

naftiko: '0.5'
info:
  label: SAP Inventory Level Check
  description: Queries SAP for current inventory levels of a material at a specified plant, returning available stock, reserved quantity, and reorder status.
  tags:
  - supply-chain
  - manufacturing
  - sap
capability:
  exposes:
  - type: mcp
    namespace: inventory-management
    port: 8080
    tools:
    - name: get-inventory-level
      description: Given a material number and plant code, return the unrestricted stock, reserved quantity, and reorder point status. Use when supply chain needs to check stock availability.
      inputParameters:
      - name: material_number
        in: body
        type: string
        description: SAP material number.
      - name: plant_code
        in: body
        type: string
        description: SAP plant code, e.g. '1000'.
      call: sap-erp.get-material-stock
      with:
        material: '{{material_number}}'
        plant: '{{plant_code}}'
      outputParameters:
      - name: unrestricted_stock
        type: number
        mapping: $.d.UnrestrictedStock
      - name: reserved_quantity
        type: number
        mapping: $.d.ReservedQuantity
      - name: reorder_point
        type: number
        mapping: $.d.ReorderPoint
  consumes:
  - type: http
    namespace: sap-erp
    baseUri: https://abbott-s4.sap.com/sap/opu/odata/sap/MM_MATERIAL_STOCK_SRV
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: material-stock
      path: /A_MaterialStock(Material='{{material}}',Plant='{{plant}}')
      inputParameters:
      - name: material
        in: path
      - name: plant
        in: path
      operations:
      - name: get-material-stock
        method: GET

Retrieves the current on-call engineer for a PagerDuty schedule, returning name, contact info, and rotation end time.

naftiko: '0.5'
info:
  label: PagerDuty On-Call Schedule Lookup
  description: Retrieves the current on-call engineer for a PagerDuty schedule, returning name, contact info, and rotation end time.
  tags:
  - it
  - observability
  - pagerduty
capability:
  exposes:
  - type: mcp
    namespace: on-call
    port: 8080
    tools:
    - name: get-on-call-engineer
      description: Given a PagerDuty schedule ID, return the currently on-call engineer name, email, and rotation end time. Use when teams need to identify who is on call.
      inputParameters:
      - name: schedule_id
        in: body
        type: string
        description: PagerDuty schedule identifier.
      call: pagerduty.get-on-call
      with:
        schedule_id: '{{schedule_id}}'
      outputParameters:
      - name: engineer_name
        type: string
        mapping: $.oncalls[0].user.name
      - name: email
        type: string
        mapping: $.oncalls[0].user.email
      - name: rotation_end
        type: string
        mapping: $.oncalls[0].end
  consumes:
  - type: http
    namespace: pagerduty
    baseUri: https://api.pagerduty.com
    authentication:
      type: apikey
      key: Authorization
      value: $secrets.pagerduty_token
      placement: header
    resources:
    - name: oncalls
      path: /oncalls?schedule_ids[]={{schedule_id}}
      inputParameters:
      - name: schedule_id
        in: query
      operations:
      - name: get-on-call
        method: GET

Initiates a compliance document review cycle by retrieving the document from Veeva Vault, creating reviewer tasks in ServiceNow, setting deadlines, and notifying reviewers.

naftiko: '0.5'
info:
  label: Compliance Document Review Orchestration
  description: Initiates a compliance document review cycle by retrieving the document from Veeva Vault, creating reviewer tasks in ServiceNow, setting deadlines, and notifying reviewers.
  tags:
  - compliance
  - quality
  - veeva-vault
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: compliance-review
    port: 8080
    tools:
    - name: initiate-document-review
      description: Given a Veeva document ID and reviewer list, create review tasks, set deadlines, and notify reviewers. Use when quality or compliance initiates periodic document reviews.
      inputParameters:
      - name: document_id
        in: body
        type: string
        description: Veeva Vault document ID.
      - name: review_deadline
        in: body
        type: string
        description: Review deadline in YYYY-MM-DD format.
      steps:
      - name: get-document
        type: call
        call: veeva-vault.get-document
        with:
          doc_id: '{{document_id}}'
      - name: create-review-task
        type: call
        call: servicenow.create-task
        with:
          short_description: 'Review: {{get-document.title}}'
          category: compliance_review
          assigned_group: Quality_Compliance
          due_date: '{{review_deadline}}'
      - name: notify-reviewers
        type: call
        call: msteams.send-message
        with:
          channel_id: compliance-reviews
          text: 'Document review requested: {{get-document.title}} (v{{get-document.version}}). Due: {{review_deadline}}. Task: {{create-review-task.number}}'
  consumes:
  - type: http
    namespace: veeva-vault
    baseUri: https://abbott-regulatory.veevavault.com/api/v24.1
    authentication:
      type: bearer
      token: $secrets.veeva_vault_token
    resources:
    - name: documents
      path: /objects/documents/{{doc_id}}
      inputParameters:
      - name: doc_id
        in: path
      operations:
      - name: get-document
        method: GET
  - type: http
    namespace: servicenow
    baseUri: https://abbott.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: tasks
      path: /table/sc_task
      operations:
      - name: create-task
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: messages
      path: /teams/{{channel_id}}/channels/general/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: send-message
        method: POST

Executes a predefined clinical analytics query in Snowflake, returning aggregated patient outcome metrics for a given study.

naftiko: '0.5'
info:
  label: Snowflake Clinical Data Query
  description: Executes a predefined clinical analytics query in Snowflake, returning aggregated patient outcome metrics for a given study.
  tags:
  - clinical
  - analytics
  - snowflake
capability:
  exposes:
  - type: mcp
    namespace: clinical-analytics
    port: 8080
    tools:
    - name: query-clinical-metrics
      description: Given a study ID, return aggregated patient outcome metrics from the clinical data warehouse. Use when clinical data scientists need study-level analytics.
      inputParameters:
      - name: study_id
        in: body
        type: string
        description: Clinical study identifier.
      call: snowflake.execute-query
      with:
        query_name: clinical_outcomes_summary
        params: '{{study_id}}'
      outputParameters:
      - name: total_patients
        type: integer
        mapping: $.data[0].total_patients
      - name: primary_endpoint_met
        type: boolean
        mapping: $.data[0].primary_endpoint_met
      - name: adverse_event_rate
        type: number
        mapping: $.data[0].ae_rate
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://abbott.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: queries
      path: /statements
      operations:
      - name: execute-query
        method: POST

When a Workday employee role change is approved, updates their Okta group memberships, adjusts Salesforce user profile, and notifies the IT help desk via ServiceNow.

naftiko: '0.5'
info:
  label: Employee Role Change Provisioning
  description: When a Workday employee role change is approved, updates their Okta group memberships, adjusts Salesforce user profile, and notifies the IT help desk via ServiceNow.
  tags:
  - hr
  - identity
  - workday
  - okta
  - provisioning
capability:
  exposes:
  - type: mcp
    namespace: role-change
    port: 8080
    tools:
    - name: process-role-change
      description: Given a Workday employee ID, new role, and Okta group assignments, update the employee's Okta group membership to reflect new role permissions, update their Salesforce user profile, and create a ServiceNow task for IT follow-up. Use when an employee's role or department changes.
      inputParameters:
      - name: workday_employee_id
        in: body
        type: string
        description: Workday worker ID of the employee with the role change.
      - name: new_role
        in: body
        type: string
        description: New job title or role description.
      - name: okta_add_groups
        in: body
        type: string
        description: Comma-separated Okta group IDs to add the user to.
      - name: okta_remove_groups
        in: body
        type: string
        description: Comma-separated Okta group IDs to remove the user from.
      - name: salesforce_user_id
        in: body
        type: string
        description: Salesforce user ID to update.
      steps:
      - name: get-worker
        type: call
        call: workday-rc.get-worker
        with:
          worker_id: '{{workday_employee_id}}'
      - name: update-okta-groups
        type: call
        call: okta-role.update-user-groups
        with:
          user_email: '{{get-worker.work_email}}'
          add_groups: '{{okta_add_groups}}'
          remove_groups: '{{okta_remove_groups}}'
      - name: update-sf-profile
        type: call
        call: salesforce-role.update-user
        with:
          user_id: '{{salesforce_user_id}}'
          title: '{{new_role}}'
      - name: create-it-task
        type: call
        call: servicenow-rc.create-task
        with:
          short_description: 'Role change: {{get-worker.full_name}} → {{new_role}}'
          category: access_management
          assigned_group: IT_Access_Provisioning
  consumes:
  - type: http
    namespace: workday-rc
    baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
    authentication:
      type: bearer
      token: $secrets.workday_token
    resources:
    - name: workers
      path: /workers/{{worker_id}}
      inputParameters:
      - name: worker_id
        in: path
      operations:
      - name: get-worker
        method: GET
  - type: http
    namespace: okta-role
    baseUri: https://abbott.okta.com/api/v1
    authentication:
      type: apikey
      key: Authorization
      value: $secrets.okta_token
      placement: header
    resources:
    - name: user-groups
      path: /groups/{{group_id}}/users
      inputParameters:
      - name: group_id
        in: path
      operations:
      - name: update-user-groups
        method: POST
  - type: http
    namespace: salesforce-role
    baseUri: https://abbott.my.salesforce.com/services/data/v58.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: users
      path: /sobjects/User/{{user_id}}
      inputParameters:
      - name: user_id
        in: path
      operations:
      - name: update-user
        method: PATCH
  - type: http
    namespace: servicenow-rc
    baseUri: https://abbott.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: tasks
      path: /table/sc_task
      operations:
      - name: create-task
        method: POST

Creates a preventive maintenance order in SAP Plant Maintenance for manufacturing equipment.

naftiko: '0.5'
info:
  label: SAP Maintenance Order Creation
  description: Creates a preventive maintenance order in SAP Plant Maintenance for manufacturing equipment.
  tags:
  - manufacturing
  - maintenance
  - sap
capability:
  exposes:
  - type: mcp
    namespace: plant-maintenance
    port: 8080
    tools:
    - name: create-maintenance-order
      description: Given equipment ID and maintenance type, create a PM order in SAP and return the order number. Use when maintenance schedules trigger planned equipment servicing.
      inputParameters:
      - name: equipment_id
        in: body
        type: string
        description: SAP equipment ID.
      - name: maintenance_type
        in: body
        type: string
        description: 'Maintenance type: preventive, corrective, calibration.'
      call: sap-erp.create-pm-order
      with:
        equipment: '{{equipment_id}}'
        order_type: '{{maintenance_type}}'
      outputParameters:
      - name: order_number
        type: string
        mapping: $.d.MaintenanceOrder
      - name: planned_date
        type: string
        mapping: $.d.PlannedStartDate
  consumes:
  - type: http
    namespace: sap-erp
    baseUri: https://abbott-s4.sap.com/sap/opu/odata/sap/PM_ORDER_SRV
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: orders
      path: /A_MaintenanceOrder
      operations:
      - name: create-pm-order
        method: POST

Retrieves quality inspection lot details from SAP by inspection lot number, returning inspection results, usage decision, and defect counts.

naftiko: '0.5'
info:
  label: SAP Quality Inspection Lot Lookup
  description: Retrieves quality inspection lot details from SAP by inspection lot number, returning inspection results, usage decision, and defect counts.
  tags:
  - quality
  - manufacturing
  - sap
capability:
  exposes:
  - type: mcp
    namespace: quality-inspection
    port: 8080
    tools:
    - name: get-inspection-lot
      description: Given an SAP inspection lot number, return the inspection status, usage decision, and defect counts. Use when quality teams need to review inspection results.
      inputParameters:
      - name: inspection_lot
        in: body
        type: string
        description: SAP inspection lot number.
      call: sap-erp.get-inspection
      with:
        lot: '{{inspection_lot}}'
      outputParameters:
      - name: status
        type: string
        mapping: $.d.InspectionLotStatus
      - name: usage_decision
        type: string
        mapping: $.d.UsageDecision
      - name: defect_count
        type: integer
        mapping: $.d.DefectCount
  consumes:
  - type: http
    namespace: sap-erp
    baseUri: https://abbott-s4.sap.com/sap/opu/odata/sap/QM_INSPECTION_SRV
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: inspection-lots
      path: /A_InspectionLot('{{lot}}')
      inputParameters:
      - name: lot
        in: path
      operations:
      - name: get-inspection
        method: GET

Generates a post-market surveillance report by aggregating complaint data, adverse event reports, and field actions from multiple systems into a consolidated regulatory report.

naftiko: '0.5'
info:
  label: Post-Market Surveillance Report Orchestration
  description: Generates a post-market surveillance report by aggregating complaint data, adverse event reports, and field actions from multiple systems into a consolidated regulatory report.
  tags:
  - regulatory
  - quality
  - safety
  - snowflake
  - salesforce
  - veeva-vault
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: pms-reporting
    port: 8080
    tools:
    - name: generate-pms-report
      description: Given a product code and reporting period, aggregate complaints, adverse events, and field actions into a post-market surveillance report. Use when regulatory affairs prepares periodic safety reports.
      inputParameters:
      - name: product_code
        in: body
        type: string
        description: Abbott product code.
      - name: reporting_period
        in: body
        type: string
        description: Reporting period, e.g. 'Q1-2026'.
      steps:
      - name: get-complaint-data
        type: call
        call: snowflake.execute-query
        with:
          query_name: pms_complaint_summary
          params: '{{product_code}},{{reporting_period}}'
      - name: get-adverse-events
        type: call
        call: snowflake.execute-query
        with:
          query_name: pms_adverse_event_summary
          params: '{{product_code}},{{reporting_period}}'
      - name: create-report
        type: call
        call: veeva-vault.create-document
        with:
          doc_type: pms_report
          product_code: '{{product_code}}'
          period: '{{reporting_period}}'
      - name: notify-regulatory
        type: call
        call: msteams.send-message
        with:
          channel_id: regulatory-safety
          text: 'PMS report generated for {{product_code}} ({{reporting_period}}). Complaints: {{get-complaint-data.total}}. Adverse events: {{get-adverse-events.total}}. Document: {{create-report.document_id}}'
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://abbott.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: execute-query
        method: POST
  - type: http
    namespace: veeva-vault
    baseUri: https://abbott-regulatory.veevavault.com/api/v24.1
    authentication:
      type: bearer
      token: $secrets.veeva_vault_token
    resources:
    - name: documents
      path: /objects/documents
      operations:
      - name: create-document
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: messages
      path: /teams/{{channel_id}}/channels/general/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: send-message
        method: POST

When a manufacturing line goes down, creates an incident, alerts the maintenance team, logs downtime in SAP, and updates the production schedule.

naftiko: '0.5'
info:
  label: Manufacturing Line Downtime Response
  description: When a manufacturing line goes down, creates an incident, alerts the maintenance team, logs downtime in SAP, and updates the production schedule.
  tags:
  - manufacturing
  - it
  - servicenow
  - sap
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: mfg-downtime
    port: 8080
    tools:
    - name: handle-line-downtime
      description: Given a production line ID and failure reason, create a maintenance incident, notify the team, log downtime, and adjust production schedule. Use when manufacturing operations detects an unplanned line stoppage.
      inputParameters:
      - name: line_id
        in: body
        type: string
        description: Production line identifier.
      - name: failure_reason
        in: body
        type: string
        description: Description of the failure.
      steps:
      - name: create-incident
        type: call
        call: servicenow.create-incident
        with:
          short_description: 'Line {{line_id}} down: {{failure_reason}}'
          category: manufacturing
          priority: '1'
          assigned_group: Maintenance_Engineering
      - name: alert-team
        type: call
        call: msteams.send-message
        with:
          channel_id: manufacturing-ops
          text: 'ALERT: Production line {{line_id}} is down. Reason: {{failure_reason}}. Incident: {{create-incident.number}}'
      - name: log-downtime
        type: call
        call: sap-erp.create-downtime-record
        with:
          work_center: '{{line_id}}'
          reason_code: '{{failure_reason}}'
          incident_ref: '{{create-incident.number}}'
  consumes:
  - type: http
    namespace: servicenow
    baseUri: https://abbott.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: create-incident
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: messages
      path: /teams/{{channel_id}}/channels/general/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: send-message
        method: POST
  - type: http
    namespace: sap-erp
    baseUri: https://abbott-s4.sap.com/sap/opu/odata/sap/PP_DOWNTIME_SRV
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: downtime
      path: /A_DowntimeRecord
      operations:
      - name: create-downtime-record
        method: POST

Uploads a regulatory document to a specified Box folder and returns the file ID and shared link.

naftiko: '0.5'
info:
  label: Box Regulatory File Upload
  description: Uploads a regulatory document to a specified Box folder and returns the file ID and shared link.
  tags:
  - regulatory
  - documentation
  - box
capability:
  exposes:
  - type: mcp
    namespace: file-storage
    port: 8080
    tools:
    - name: upload-to-box
      description: Given a folder ID and file details, upload the document to Box and return the file ID and link. Use when regulatory teams need to store documents in Box.
      inputParameters:
      - name: folder_id
        in: body
        type: string
        description: Box folder ID.
      - name: file_name
        in: body
        type: string
        description: Name of the file to upload.
      call: box.upload-file
      with:
        folder_id: '{{folder_id}}'
        name: '{{file_name}}'
      outputParameters:
      - name: file_id
        type: string
        mapping: $.entries[0].id
      - name: shared_link
        type: string
        mapping: $.entries[0].shared_link.url
  consumes:
  - type: http
    namespace: box
    baseUri: https://upload.box.com/api/2.0
    authentication:
      type: bearer
      token: $secrets.box_token
    resources:
    - name: files
      path: /files/content
      operations:
      - name: upload-file
        method: POST

Looks up an SAP S/4HANA purchase order by number and returns header status, vendor, total value, and open line items.

naftiko: '0.5'
info:
  label: SAP Purchase Order Status Lookup
  description: Looks up an SAP S/4HANA purchase order by number and returns header status, vendor, total value, and open line items.
  tags:
  - finance
  - procurement
  - erp
  - sap
capability:
  exposes:
  - type: mcp
    namespace: erp-procurement
    port: 8080
    tools:
    - name: get-purchase-order
      description: Given a SAP purchase order number, return the PO header status, vendor name, total amount, and open line items. Use when procurement teams need to check the status of an outstanding PO.
      inputParameters:
      - name: po_number
        in: body
        type: string
        description: SAP purchase order number, e.g. '4500012345'.
      call: sap-erp.get-po
      with:
        po_number: '{{po_number}}'
      outputParameters:
      - name: status
        type: string
        mapping: $.d.OverallStatus
      - name: vendor
        type: string
        mapping: $.d.Supplier.CompanyName
      - name: total_amount
        type: string
        mapping: $.d.TotalAmount
      - name: currency
        type: string
        mapping: $.d.TransactionCurrency
  consumes:
  - type: http
    namespace: sap-erp
    baseUri: https://abbott-s4.sap.com/sap/opu/odata/sap/MM_PUR_PO_MAINT_V2_SRV
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: purchase-orders
      path: /A_PurchaseOrder('{{po_number}}')
      inputParameters:
      - name: po_number
        in: path
      operations:
      - name: get-po
        method: GET

Validates incoming SAP Ariba invoices against open purchase orders and routes exceptions to the accounts payable team for resolution.

naftiko: '0.5'
info:
  label: Supplier Ariba Invoice Validation and Approval
  description: Validates incoming SAP Ariba invoices against open purchase orders and routes exceptions to the accounts payable team for resolution.
  tags:
  - finance
  - procurement
  - sap-ariba
  - accounts-payable
  - erp
capability:
  exposes:
  - type: mcp
    namespace: ap-procurement
    port: 8080
    tools:
    - name: validate-supplier-invoice
      description: Given an SAP Ariba invoice ID and corresponding PO number, retrieve both documents, compare totals, and create a ServiceNow approval task if a mismatch is detected. Use when processing incoming supplier invoices requiring three-way match validation.
      inputParameters:
      - name: invoice_id
        in: body
        type: string
        description: SAP Ariba invoice ID.
      - name: po_number
        in: body
        type: string
        description: SAP purchase order number for three-way match.
      steps:
      - name: get-invoice
        type: call
        call: ariba.get-invoice
        with:
          invoice_id: '{{invoice_id}}'
      - name: get-po
        type: call
        call: sap-po.get-purchase-order
        with:
          po_number: '{{po_number}}'
      - name: create-approval
        type: call
        call: servicenow-ap.create-task
        with:
          short_description: 'Invoice validation: {{invoice_id}} vs PO {{po_number}}'
          description: 'Invoice total: {{get-invoice.total_amount}} | PO total: {{get-po.total_amount}} | Vendor: {{get-invoice.vendor_name}}'
          assigned_group: AP_Approvals
  consumes:
  - type: http
    namespace: ariba
    baseUri: https://openapi.ariba.com/api/invoice/v1
    authentication:
      type: bearer
      token: $secrets.ariba_token
    resources:
    - name: invoices
      path: /invoices/{{invoice_id}}
      inputParameters:
      - name: invoice_id
        in: path
      operations:
      - name: get-invoice
        method: GET
  - type: http
    namespace: sap-po
    baseUri: https://abbott-s4.sap.com/sap/opu/odata/sap/MM_PUR_PO_MAINT_V2_SRV
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: purchase-orders
      path: /A_PurchaseOrder('{{po_number}}')
      inputParameters:
      - name: po_number
        in: path
      operations:
      - name: get-purchase-order
        method: GET
  - type: http
    namespace: servicenow-ap
    baseUri: https://abbott.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: tasks
      path: /table/sc_task
      operations:
      - name: create-task
        method: POST

Assembles QBR data by pulling financial results from SAP, pipeline data from Salesforce, headcount from Workday, and generating a consolidated Snowflake report.

naftiko: '0.5'
info:
  label: Quarterly Business Review Data Orchestration
  description: Assembles QBR data by pulling financial results from SAP, pipeline data from Salesforce, headcount from Workday, and generating a consolidated Snowflake report.
  tags:
  - finance
  - sales
  - hr
  - sap
  - salesforce
  - workday
  - snowflake
capability:
  exposes:
  - type: mcp
    namespace: qbr-data
    port: 8080
    tools:
    - name: assemble-qbr-data
      description: Given a division code and fiscal quarter, pull financials, pipeline, headcount, and generate a consolidated QBR report. Use when finance prepares quarterly business reviews.
      inputParameters:
      - name: division_code
        in: body
        type: string
        description: Abbott division code.
      - name: fiscal_quarter
        in: body
        type: string
        description: Fiscal quarter, e.g. 'Q1-2026'.
      steps:
      - name: get-financials
        type: call
        call: sap-erp.get-pl-summary
        with:
          division: '{{division_code}}'
          quarter: '{{fiscal_quarter}}'
      - name: get-pipeline
        type: call
        call: salesforce.get-pipeline-summary
        with:
          division: '{{division_code}}'
          quarter: '{{fiscal_quarter}}'
      - name: get-headcount
        type: call
        call: workday.get-headcount
        with:
          division: '{{division_code}}'
      - name: generate-report
        type: call
        call: snowflake.execute-query
        with:
          query_name: qbr_consolidated_report
          params: '{{division_code}},{{fiscal_quarter}},{{get-financials.revenue}},{{get-pipeline.pipeline_value}},{{get-headcount.total}}'
  consumes:
  - type: http
    namespace: sap-erp
    baseUri: https://abbott-s4.sap.com/sap/opu/odata/sap/FI_PL_SRV
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: pl-summary
      path: /A_PLSummary
      operations:
      - name: get-pl-summary
        method: GET
  - type: http
    namespace: salesforce
    baseUri: https://abbott.my.salesforce.com/services/data/v59.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: pipeline
      path: /analytics/reports/pipeline_summary
      operations:
      - name: get-pipeline-summary
        method: GET
  - type: http
    namespace: workday
    baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
    authentication:
      type: bearer
      token: $secrets.workday_token
    resources:
    - name: headcount
      path: /headcount
      operations:
      - name: get-headcount
        method: GET
  - type: http
    namespace: snowflake
    baseUri: https://abbott.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: execute-query
        method: POST

When a Salesforce opportunity is closed-won, creates an SAP sales order, updates the CRM record, and notifies the fulfillment team.

naftiko: '0.5'
info:
  label: Salesforce Opportunity to Order Orchestration
  description: When a Salesforce opportunity is closed-won, creates an SAP sales order, updates the CRM record, and notifies the fulfillment team.
  tags:
  - sales
  - erp
  - salesforce
  - sap
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: opportunity-to-order
    port: 8080
    tools:
    - name: convert-opportunity-to-order
      description: Given a Salesforce opportunity ID, create a sales order in SAP, update the opportunity with the order number, and notify fulfillment. Use when sales closes a deal.
      inputParameters:
      - name: opportunity_id
        in: body
        type: string
        description: Salesforce opportunity ID.
      steps:
      - name: get-opportunity
        type: call
        call: salesforce.get-opportunity
        with:
          opp_id: '{{opportunity_id}}'
      - name: create-sales-order
        type: call
        call: sap-erp.create-order
        with:
          customer: '{{get-opportunity.account_sap_id}}'
          material: '{{get-opportunity.product_code}}'
          quantity: '{{get-opportunity.quantity}}'
          amount: '{{get-opportunity.amount}}'
      - name: update-opportunity
        type: call
        call: salesforce.update-opportunity
        with:
          opp_id: '{{opportunity_id}}'
          sap_order_number: '{{create-sales-order.order_number}}'
      - name: notify-fulfillment
        type: call
        call: msteams.send-message
        with:
          channel_id: order-fulfillment
          text: 'New SAP order {{create-sales-order.order_number}} from opportunity {{opportunity_id}}. Customer: {{get-opportunity.account_name}}. Amount: {{get-opportunity.amount}}'
  consumes:
  - type: http
    namespace: salesforce
    baseUri: https://abbott.my.salesforce.com/services/data/v59.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: opportunities
      path: /sobjects/Opportunity/{{opp_id}}
      inputParameters:
      - name: opp_id
        in: path
      operations:
      - name: get-opportunity
        method: GET
      - name: update-opportunity
        method: PATCH
  - type: http
    namespace: sap-erp
    baseUri: https://abbott-s4.sap.com/sap/opu/odata/sap/SD_SALES_ORDER_SRV
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: orders
      path: /A_SalesOrder
      operations:
      - name: create-order
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: messages
      path: /teams/{{channel_id}}/channels/general/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: send-message
        method: POST

Prepares for a regulatory audit by gathering open CAPAs, pending deviations, training compliance status, and generating a consolidated readiness report.

naftiko: '0.5'
info:
  label: Regulatory Audit Preparation Orchestration
  description: Prepares for a regulatory audit by gathering open CAPAs, pending deviations, training compliance status, and generating a consolidated readiness report.
  tags:
  - regulatory
  - quality
  - compliance
  - servicenow
  - workday
  - snowflake
capability:
  exposes:
  - type: mcp
    namespace: audit-preparation
    port: 8080
    tools:
    - name: prepare-audit-package
      description: Given an audit type and facility code, gather open CAPAs, pending deviations, training compliance metrics, and generate a readiness report. Use when quality assurance prepares for FDA or ISO audits.
      inputParameters:
      - name: audit_type
        in: body
        type: string
        description: 'Type of audit: FDA, ISO, internal.'
      - name: facility_code
        in: body
        type: string
        description: Manufacturing facility code.
      steps:
      - name: get-open-capas
        type: call
        call: servicenow.query-capas
        with:
          facility: '{{facility_code}}'
          status: open
      - name: get-deviations
        type: call
        call: servicenow.query-deviations
        with:
          facility: '{{facility_code}}'
          status: pending
      - name: get-training-compliance
        type: call
        call: workday.get-training-status
        with:
          facility: '{{facility_code}}'
          compliance_type: gmp
      - name: generate-report
        type: call
        call: snowflake.execute-query
        with:
          query_name: audit_readiness_report
          params: '{{facility_code}},{{audit_type}},{{get-open-capas.count}},{{get-deviations.count}},{{get-training-compliance.compliance_rate}}'
  consumes:
  - type: http
    namespace: servicenow
    baseUri: https://abbott.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: capas
      path: /table/u_capa
      operations:
      - name: query-capas
        method: GET
    - name: deviations
      path: /table/u_deviation
      operations:
      - name: query-deviations
        method: GET
  - type: http
    namespace: workday
    baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
    authentication:
      type: bearer
      token: $secrets.workday_token
    resources:
    - name: training
      path: /training/compliance
      operations:
      - name: get-training-status
        method: GET
  - type: http
    namespace: snowflake
    baseUri: https://abbott.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: execute-query
        method: POST

Triggers a Terraform Cloud workspace run to provision new environment infrastructure, notifies the DevOps team via Teams upon completion.

naftiko: '0.5'
info:
  label: Terraform Infrastructure Provisioning
  description: Triggers a Terraform Cloud workspace run to provision new environment infrastructure, notifies the DevOps team via Teams upon completion.
  tags:
  - devops
  - terraform
  - cloud
  - infrastructure
  - provisioning
capability:
  exposes:
  - type: mcp
    namespace: tf-provisioning
    port: 8080
    tools:
    - name: provision-environment
      description: Given a Terraform Cloud workspace ID and environment label, trigger a plan-and-apply run to provision cloud infrastructure. Notify the DevOps Teams channel with run status. Use when standing up new environments for product development or clinical systems.
      inputParameters:
      - name: workspace_id
        in: body
        type: string
        description: Terraform Cloud workspace ID.
      - name: environment_label
        in: body
        type: string
        description: Human-readable environment label, e.g. 'freestyle-libre-staging'.
      - name: devops_channel_id
        in: body
        type: string
        description: DevOps Teams channel ID.
      steps:
      - name: trigger-tf-run
        type: call
        call: terraform.create-run
        with:
          workspace_id: '{{workspace_id}}'
          message: Provisioning {{environment_label}}
          auto_apply: 'true'
      - name: notify-devops
        type: call
        call: msteams-tf.post-channel-message
        with:
          channel_id: '{{devops_channel_id}}'
          text: 'Terraform run triggered for {{environment_label}} (workspace {{workspace_id}}). Run ID: {{trigger-tf-run.data.id}}'
  consumes:
  - type: http
    namespace: terraform
    baseUri: https://app.terraform.io/api/v2
    authentication:
      type: bearer
      token: $secrets.terraform_token
    resources:
    - name: runs
      path: /runs
      operations:
      - name: create-run
        method: POST
  - type: http
    namespace: msteams-tf
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: channel-messages
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: post-channel-message
        method: POST

Creates a new bug report in Jira with specified project, summary, description, and priority fields.

naftiko: '0.5'
info:
  label: Jira Bug Report Creation
  description: Creates a new bug report in Jira with specified project, summary, description, and priority fields.
  tags:
  - devops
  - engineering
  - jira
capability:
  exposes:
  - type: mcp
    namespace: issue-tracking
    port: 8080
    tools:
    - name: create-bug-report
      description: Given a project key, summary, description, and priority, create a Jira bug issue and return the issue key. Use when engineering teams need to log a software defect.
      inputParameters:
      - name: project_key
        in: body
        type: string
        description: Jira project key, e.g. 'LIBRE'.
      - name: summary
        in: body
        type: string
        description: Bug summary.
      - name: description
        in: body
        type: string
        description: Detailed bug description.
      - name: priority
        in: body
        type: string
        description: 'Priority: Critical, High, Medium, Low.'
      call: jira.create-issue
      with:
        project: '{{project_key}}'
        issuetype: Bug
        summary: '{{summary}}'
        description: '{{description}}'
        priority: '{{priority}}'
      outputParameters:
      - name: issue_key
        type: string
        mapping: $.key
      - name: issue_url
        type: string
        mapping: $.self
  consumes:
  - type: http
    namespace: jira
    baseUri: https://abbott.atlassian.net/rest/api/3
    authentication:
      type: basic
      username: $secrets.jira_user
      password: $secrets.jira_api_token
    resources:
    - name: issues
      path: /issue
      operations:
      - name: create-issue
        method: POST

Assesses new product launch readiness by checking regulatory clearance, supply chain readiness, marketing material approval, and sales team training completion.

naftiko: '0.5'
info:
  label: New Product Launch Readiness Orchestration
  description: Assesses new product launch readiness by checking regulatory clearance, supply chain readiness, marketing material approval, and sales team training completion.
  tags:
  - manufacturing
  - regulatory
  - marketing
  - veeva-vault
  - sap
  - workday
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: launch-readiness
    port: 8080
    tools:
    - name: assess-launch-readiness
      description: Given a product code, check regulatory clearance, supply chain status, marketing readiness, and training completion. Use when product management assesses launch readiness.
      inputParameters:
      - name: product_code
        in: body
        type: string
        description: Abbott product code.
      steps:
      - name: check-regulatory
        type: call
        call: veeva-vault.get-clearance-status
        with:
          product_code: '{{product_code}}'
      - name: check-supply-chain
        type: call
        call: sap-erp.get-material-availability
        with:
          material: '{{product_code}}'
      - name: check-training
        type: call
        call: workday.get-training-status
        with:
          course: product-launch-{{product_code}}
      - name: report-readiness
        type: call
        call: msteams.send-message
        with:
          channel_id: product-launches
          text: 'Launch readiness for {{product_code}}: Regulatory: {{check-regulatory.status}}. Supply: {{check-supply-chain.availability}}. Training: {{check-training.completion_rate}}% complete.'
  consumes:
  - type: http
    namespace: veeva-vault
    baseUri: https://abbott-regulatory.veevavault.com/api/v24.1
    authentication:
      type: bearer
      token: $secrets.veeva_vault_token
    resources:
    - name: clearance
      path: /objects/clearance__c
      operations:
      - name: get-clearance-status
        method: GET
  - type: http
    namespace: sap-erp
    baseUri: https://abbott-s4.sap.com/sap/opu/odata/sap/MM_MATERIAL_STOCK_SRV
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: availability
      path: /A_MaterialAvailability('{{material}}')
      inputParameters:
      - name: material
        in: path
      operations:
      - name: get-material-availability
        method: GET
  - type: http
    namespace: workday
    baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
    authentication:
      type: bearer
      token: $secrets.workday_token
    resources:
    - name: training
      path: /training/compliance
      operations:
      - name: get-training-status
        method: GET
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: messages
      path: /teams/{{channel_id}}/channels/general/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: send-message
        method: POST

Searches PubMed for new publications, logs findings in Veeva Vault, creates a Jira review task, and sends a digest to the medical affairs Slack channel.

naftiko: '0.5'
info:
  label: Medical Affairs Literature Review Pipeline
  description: Searches PubMed for new publications, logs findings in Veeva Vault, creates a Jira review task, and sends a digest to the medical affairs Slack channel.
  tags:
  - medical-affairs
  - pubmed
  - veeva
  - jira
  - slack
capability:
  exposes:
  - type: mcp
    namespace: abbvie
    port: 8080
    tools:
    - name: medical_affairs_literature_review_pipeli
      description: Orchestrate medical affairs literature review pipeline workflow.
      inputParameters:
      - name: resource_id
        in: body
        type: string
        description: Primary resource identifier.
      steps:
      - name: search-pubmed
        type: call
        call: pubmed.search
        with:
          query: '{{resource_id}}'
      - name: log-findings
        type: call
        call: veeva.create-document
        with:
          name: 'Literature review: {{resource_id}}'
      - name: create-review
        type: call
        call: jira.create-issue
        with:
          project: MA
          summary: 'Literature review: {{resource_id}}'
      - name: notify
        type: call
        call: slack.send-message
        with:
          channel: medical-affairs
          text: 'New publications for {{resource_id}}: {{search-pubmed.count}} articles. Review: {{create-review.key}}'
  consumes:
  - type: http
    namespace: jira
    baseUri: https://abbvie.atlassian.net/rest/api/3
    authentication:
      type: basic
      username: $secrets.jira_user
      password: $secrets.jira_api_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: jira-operation
        method: POST
  - type: http
    namespace: slack
    baseUri: https://slack.com/api
    authentication:
      type: bearer
      token: $secrets.slack_bot_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: slack-operation
        method: POST

Publishes a new Google Tag Manager container version for AbbVie's digital marketing properties, logs the deployment in Adobe Analytics, and notifies the digital team in Microsoft Teams.

naftiko: '0.5'
info:
  label: Google Tag Manager Container Version Publish
  description: Publishes a new Google Tag Manager container version for AbbVie's digital marketing properties, logs the deployment in Adobe Analytics, and notifies the digital team in Microsoft Teams.
  tags:
  - marketing
  - tag-management
  - google-tag-manager
  - adobe-analytics
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: digital-marketing
    port: 8080
    tools:
    - name: publish-container
      description: Given a GTM account, container, and workspace, publish the container version and log the deployment.
      inputParameters:
      - name: account_id
        in: body
        type: string
        description: GTM account ID.
      - name: container_id
        in: body
        type: string
        description: GTM container ID.
      - name: workspace_id
        in: body
        type: string
        description: GTM workspace ID.
      - name: version_name
        in: body
        type: string
        description: Name for the published version.
      steps:
      - name: publish-version
        type: call
        call: gtm.publish-workspace
        with:
          account_id: '{{account_id}}'
          container_id: '{{container_id}}'
          workspace_id: '{{workspace_id}}'
      - name: notify-team
        type: call
        call: msteams.send-message
        with:
          channel: digital-marketing
          text: 'GTM Container Published: {{version_name}} (Container: {{container_id}}). Version: {{publish-version.version_id}}. Published at: {{publish-version.published_at}}'
  consumes:
  - type: http
    namespace: gtm
    baseUri: https://www.googleapis.com/tagmanager/v2
    authentication:
      type: bearer
      token: $secrets.google_tagmanager_token
    resources:
    - name: workspaces
      path: /accounts/{{account_id}}/containers/{{container_id}}/workspaces/{{workspace_id}}:quick_preview
      inputParameters:
      - name: account_id
        in: path
      - name: container_id
        in: path
      - name: workspace_id
        in: path
      operations:
      - name: publish-workspace
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: messages
      path: /teams/{{channel}}/channels/general/messages
      inputParameters:
      - name: channel
        in: path
      operations:
      - name: send-message
        method: POST

Updates rate limiting configuration on a Kong API gateway route for AbbVie's partner-facing APIs, logs the change in ServiceNow, and notifies the integration team.

naftiko: '0.5'
info:
  label: Kong API Gateway Rate Limit Update
  description: Updates rate limiting configuration on a Kong API gateway route for AbbVie's partner-facing APIs, logs the change in ServiceNow, and notifies the integration team.
  tags:
  - api-management
  - kong
  - servicenow
  - microsoft-teams
  - integration
capability:
  exposes:
  - type: mcp
    namespace: api-ops
    port: 8080
    tools:
    - name: update-rate-limit
      description: Given a Kong route ID and new rate limit, update the plugin configuration, log the change, and notify the team.
      inputParameters:
      - name: route_id
        in: body
        type: string
        description: Kong route ID.
      - name: rate_limit
        in: body
        type: string
        description: New rate limit (requests per minute).
      - name: change_reason
        in: body
        type: string
        description: Reason for the rate limit change.
      steps:
      - name: update-plugin
        type: call
        call: kong.update-rate-limit
        with:
          route_id: '{{route_id}}'
          rate_limit: '{{rate_limit}}'
      - name: log-change
        type: call
        call: servicenow.create-change
        with:
          short_description: 'Kong rate limit update: route {{route_id}} to {{rate_limit}} rpm'
          description: 'Route: {{route_id}}

            New limit: {{rate_limit}} rpm

            Reason: {{change_reason}}'
          assigned_group: Integration_Team
          category: api_management
      - name: notify-team
        type: call
        call: msteams.send-message
        with:
          channel: integration-ops
          text: 'Kong rate limit updated: Route {{route_id}} now at {{rate_limit}} rpm. Reason: {{change_reason}}. Change: {{log-change.number}}'
  consumes:
  - type: http
    namespace: kong
    baseUri: https://kong-admin.abbvie.com
    authentication:
      type: bearer
      token: $secrets.kong_admin_token
    resources:
    - name: rate-limit-plugins
      path: /routes/{{route_id}}/plugins/rate-limiting
      inputParameters:
      - name: route_id
        in: path
      operations:
      - name: update-rate-limit
        method: PATCH
  - type: http
    namespace: servicenow
    baseUri: https://abbvie.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: changes
      path: /table/change_request
      operations:
      - name: create-change
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: messages
      path: /teams/{{channel}}/channels/general/messages
      inputParameters:
      - name: channel
        in: path
      operations:
      - name: send-message
        method: POST

Publishes an approved job posting to LinkedIn, logs the posting in Salesforce for talent acquisition tracking, and notifies the recruiting team in Microsoft Teams.

naftiko: '0.5'
info:
  label: LinkedIn Job Posting Publisher
  description: Publishes an approved job posting to LinkedIn, logs the posting in Salesforce for talent acquisition tracking, and notifies the recruiting team in Microsoft Teams.
  tags:
  - hr
  - talent-acquisition
  - linkedin
  - salesforce
  - microsoft-teams
  - recruiting
capability:
  exposes:
  - type: mcp
    namespace: talent-acquisition
    port: 8080
    tools:
    - name: publish-job-posting
      description: Given job details, publish to LinkedIn, log in Salesforce, and notify the recruiting team.
      inputParameters:
      - name: job_title
        in: body
        type: string
        description: Title of the job posting.
      - name: job_description
        in: body
        type: string
        description: Full job description text.
      - name: location
        in: body
        type: string
        description: Job location.
      - name: department
        in: body
        type: string
        description: Hiring department.
      - name: requisition_id
        in: body
        type: string
        description: Internal requisition ID from PeopleSoft.
      steps:
      - name: post-to-linkedin
        type: call
        call: linkedin.create-job-posting
        with:
          title: '{{job_title}}'
          description: '{{job_description}}'
          location: '{{location}}'
      - name: log-in-salesforce
        type: call
        call: salesforce.create-record
        with:
          object_type: Job_Posting__c
          fields: '{"Name": "{{job_title}}", "LinkedIn_Post_Id__c": "{{post-to-linkedin.id}}", "Requisition_Id__c": "{{requisition_id}}", "Department__c": "{{department}}"}'
      - name: notify-recruiters
        type: call
        call: msteams.send-message
        with:
          channel: talent-acquisition
          text: 'New job posted to LinkedIn: {{job_title}} ({{location}}). Req: {{requisition_id}}. LinkedIn ID: {{post-to-linkedin.id}}.'
  consumes:
  - type: http
    namespace: linkedin
    baseUri: https://api.linkedin.com/v2
    authentication:
      type: bearer
      token: $secrets.linkedin_token
    resources:
    - name: job-postings
      path: /simpleJobPostings
      operations:
      - name: create-job-posting
        method: POST
  - type: http
    namespace: salesforce
    baseUri: https://abbvie.my.salesforce.com/services/data/v58.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: records
      path: /sobjects/{{object_type}}
      inputParameters:
      - name: object_type
        in: path
      operations:
      - name: create-record
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: messages
      path: /teams/{{channel}}/channels/general/messages
      inputParameters:
      - name: channel
        in: path
      operations:
      - name: send-message
        method: POST

Retrieves the status of a Bitbucket pipeline run. Used by development teams at AbbVie to check build and deployment progress.

naftiko: '0.5'
info:
  label: Bitbucket Pipeline Status
  description: Retrieves the status of a Bitbucket pipeline run. Used by development teams at AbbVie to check build and deployment progress.
  tags:
  - devops
  - bitbucket
  - ci-cd
capability:
  exposes:
  - type: mcp
    namespace: ci-cd
    port: 8080
    tools:
    - name: get-pipeline
      description: Look up a Bitbucket pipeline run by repository and pipeline UUID.
      inputParameters:
      - name: repo_slug
        in: body
        type: string
        description: The repository slug.
      - name: pipeline_uuid
        in: body
        type: string
        description: The pipeline UUID.
      call: bitbucket.get-pipeline
      with:
        repo_slug: '{{repo_slug}}'
        pipeline_uuid: '{{pipeline_uuid}}'
  consumes:
  - type: http
    namespace: bitbucket
    baseUri: https://api.bitbucket.org/2.0/repositories/abbvie
    authentication:
      type: bearer
      token: $secrets.bitbucket_token
    resources:
    - name: pipelines
      path: /{{repo_slug}}/pipelines/{{pipeline_uuid}}
      inputParameters:
      - name: repo_slug
        in: path
      - name: pipeline_uuid
        in: path
      operations:
      - name: get-pipeline
        method: GET

Creates and schedules a MailChimp email campaign targeting healthcare professionals, tags the campaign in Salesforce for CRM tracking, and logs the launch in Confluence for compliance documentation.

naftiko: '0.5'
info:
  label: HCP Engagement Email Campaign
  description: Creates and schedules a MailChimp email campaign targeting healthcare professionals, tags the campaign in Salesforce for CRM tracking, and logs the launch in Confluence for compliance documentation.
  tags:
  - marketing
  - hcp-engagement
  - mailchimp
  - salesforce
  - confluence
  - compliance
capability:
  exposes:
  - type: mcp
    namespace: hcp-marketing
    port: 8080
    tools:
    - name: launch-hcp-campaign
      description: Given campaign details and a MailChimp audience, create the email campaign, tag the Salesforce campaign, and log in Confluence for regulatory documentation.
      inputParameters:
      - name: campaign_name
        in: body
        type: string
        description: Name of the HCP email campaign.
      - name: audience_id
        in: body
        type: string
        description: MailChimp audience (list) ID for HCPs.
      - name: subject_line
        in: body
        type: string
        description: Email subject line.
      - name: salesforce_campaign_id
        in: body
        type: string
        description: Salesforce campaign ID for CRM tracking.
      - name: therapeutic_area
        in: body
        type: string
        description: Therapeutic area (e.g., immunology, oncology).
      steps:
      - name: create-email-campaign
        type: call
        call: mailchimp.create-campaign
        with:
          list_id: '{{audience_id}}'
          subject_line: '{{subject_line}}'
          title: '{{campaign_name}}'
      - name: update-salesforce-campaign
        type: call
        call: salesforce.update-campaign
        with:
          campaign_id: '{{salesforce_campaign_id}}'
          status: In Progress
          description: MailChimp campaign {{create-email-campaign.id}} launched for {{therapeutic_area}} HCPs.
      - name: log-compliance
        type: call
        call: confluence.create-page
        with:
          space_key: MKTCOMPLIANCE
          title: 'HCP Campaign Log: {{campaign_name}} — {{therapeutic_area}}'
          body: 'Campaign: {{campaign_name}}

            Therapeutic Area: {{therapeutic_area}}

            MailChimp ID: {{create-email-campaign.id}}

            Salesforce Campaign: {{salesforce_campaign_id}}

            Subject: {{subject_line}}

            Audience: {{audience_id}}'
  consumes:
  - type: http
    namespace: mailchimp
    baseUri: https://us1.api.mailchimp.com/3.0
    authentication:
      type: basic
      username: anystring
      password: $secrets.mailchimp_api_key
    resources:
    - name: campaigns
      path: /campaigns
      operations:
      - name: create-campaign
        method: POST
  - type: http
    namespace: salesforce
    baseUri: https://abbvie.my.salesforce.com/services/data/v58.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: campaigns
      path: /sobjects/Campaign/{{campaign_id}}
      inputParameters:
      - name: campaign_id
        in: path
      operations:
      - name: update-campaign
        method: PATCH
  - type: http
    namespace: confluence
    baseUri: https://abbvie.atlassian.net/wiki/rest/api
    authentication:
      type: basic
      username: $secrets.confluence_user
      password: $secrets.confluence_token
    resources:
    - name: pages
      path: /content
      operations:
      - name: create-page
        method: POST

Retrieves application performance metrics from Dynatrace including response time, error rate, and throughput for AbbVie's patient-facing and commercial web applications.

naftiko: '0.5'
info:
  label: Dynatrace Application Performance
  description: Retrieves application performance metrics from Dynatrace including response time, error rate, and throughput for AbbVie's patient-facing and commercial web applications.
  tags:
  - devops
  - apm
  - dynatrace
  - performance
capability:
  exposes:
  - type: mcp
    namespace: apm
    port: 8080
    tools:
    - name: get-app-performance
      description: Look up Dynatrace application performance metrics for a given application entity ID.
      inputParameters:
      - name: entity_id
        in: body
        type: string
        description: Dynatrace application entity ID.
      call: dynatrace.get-entity
      with:
        entity_id: '{{entity_id}}'
  consumes:
  - type: http
    namespace: dynatrace
    baseUri: https://abbvie.live.dynatrace.com/api/v2
    authentication:
      type: bearer
      token: $secrets.dynatrace_token
    resources:
    - name: entities
      path: /entities/{{entity_id}}
      inputParameters:
      - name: entity_id
        in: path
      operations:
      - name: get-entity
        method: GET

On termination in Workday, disables Okta account, revokes Azure AD access, creates ServiceNow ticket for equipment return, and archives Box files.

naftiko: '0.5'
info:
  label: Employee Offboarding Orchestrator
  description: On termination in Workday, disables Okta account, revokes Azure AD access, creates ServiceNow ticket for equipment return, and archives Box files.
  tags:
  - hr
  - workday
  - okta
  - servicenow
capability:
  exposes:
  - type: mcp
    namespace: abbvie
    port: 8080
    tools:
    - name: employee_offboarding_orchestrator
      description: Orchestrate employee offboarding orchestrator workflow.
      inputParameters:
      - name: resource_id
        in: body
        type: string
        description: Primary resource identifier.
      steps:
      - name: get-employee
        type: call
        call: workday.get-employee
        with:
          employee_id: '{{resource_id}}'
      - name: disable-okta
        type: call
        call: okta.deactivate-user
        with:
          user_id: '{{get-employee.email}}'
      - name: create-ticket
        type: call
        call: servicenow.create-request
        with:
          short_description: 'Equipment return: {{get-employee.full_name}}'
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel: hr-ops
          text: Offboarding complete for {{get-employee.full_name}}
  consumes:
  - type: http
    namespace: workday
    baseUri: https://wd5-impl-services1.workday.com/ccx/api/v1/abbvie
    authentication:
      type: bearer
      token: $secrets.workday_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: workday-operation
        method: POST
  - type: http
    namespace: okta
    baseUri: https://abbvie.okta.com/api/v1
    authentication:
      type: apiKey
      key: $secrets.okta_api_token
      header: Authorization
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: okta-operation
        method: POST
  - type: http
    namespace: servicenow
    baseUri: https://abbvie.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: servicenow-operation
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: msteams-operation
        method: POST

Checks the sync status of an Argo CD application deployment. Used by DevOps teams to verify GitOps deployment health for AbbVie's containerized pharma applications.

naftiko: '0.5'
info:
  label: Argo CD Deployment Sync Status
  description: Checks the sync status of an Argo CD application deployment. Used by DevOps teams to verify GitOps deployment health for AbbVie's containerized pharma applications.
  tags:
  - devops
  - gitops
  - argo
  - deployment
  - kubernetes
capability:
  exposes:
  - type: mcp
    namespace: gitops
    port: 8080
    tools:
    - name: get-sync-status
      description: Look up the sync status of an Argo CD application.
      inputParameters:
      - name: app_name
        in: body
        type: string
        description: Argo CD application name.
      call: argocd.get-application
      with:
        app_name: '{{app_name}}'
  consumes:
  - type: http
    namespace: argocd
    baseUri: https://argocd.abbvie.com/api/v1
    authentication:
      type: bearer
      token: $secrets.argocd_token
    resources:
    - name: applications
      path: /applications/{{app_name}}
      inputParameters:
      - name: app_name
        in: path
      operations:
      - name: get-application
        method: GET

Pulls open vulnerabilities from Qualys, correlates with ServiceNow CMDB assets, creates remediation tasks in Jira, and tracks SLA in Grafana.

naftiko: '0.5'
info:
  label: Vulnerability Remediation Tracker
  description: Pulls open vulnerabilities from Qualys, correlates with ServiceNow CMDB assets, creates remediation tasks in Jira, and tracks SLA in Grafana.
  tags:
  - security
  - qualys
  - servicenow
  - jira
  - grafana
capability:
  exposes:
  - type: mcp
    namespace: abbvie
    port: 8080
    tools:
    - name: vulnerability_remediation_tracker
      description: Orchestrate vulnerability remediation tracker workflow.
      inputParameters:
      - name: resource_id
        in: body
        type: string
        description: Primary resource identifier.
      steps:
      - name: get-vulns
        type: call
        call: qualys.get-vulnerabilities
        with:
          scan_id: '{{resource_id}}'
      - name: get-assets
        type: call
        call: servicenow.get-cmdb-ci
        with:
          ip_address: '{{get-vulns.affected_ip}}'
      - name: create-remediation
        type: call
        call: jira.create-issue
        with:
          project: SEC
          summary: 'Remediate: {{get-vulns.cve_id}} on {{get-assets.name}}'
      - name: update-dashboard
        type: call
        call: grafana.annotate
        with:
          dashboard_uid: vuln-tracking
          text: 'New remediation: {{create-remediation.key}}'
  consumes:
  - type: http
    namespace: servicenow
    baseUri: https://abbvie.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: servicenow-operation
        method: POST
  - type: http
    namespace: jira
    baseUri: https://abbvie.atlassian.net/rest/api/3
    authentication:
      type: basic
      username: $secrets.jira_user
      password: $secrets.jira_api_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: jira-operation
        method: POST
  - type: http
    namespace: grafana
    baseUri: https://abbvie-grafana.com/api
    authentication:
      type: bearer
      token: $secrets.grafana_api_key
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: grafana-operation
        method: POST

When a pharmacovigilance team member logs an adverse event, creates a ServiceNow safety case, stores documentation in Box, and alerts the drug safety team in Microsoft Teams with full case context.

naftiko: '0.5'
info:
  label: Adverse Event Reporting Pipeline
  description: When a pharmacovigilance team member logs an adverse event, creates a ServiceNow safety case, stores documentation in Box, and alerts the drug safety team in Microsoft Teams with full case context.
  tags:
  - pharmacovigilance
  - drug-safety
  - adverse-event
  - servicenow
  - box
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: drug-safety
    port: 8080
    tools:
    - name: report-adverse-event
      description: Given adverse event details, create a safety case in ServiceNow, upload supporting documents to Box, and alert the drug safety team.
      inputParameters:
      - name: patient_id
        in: body
        type: string
        description: Anonymized patient identifier.
      - name: product_name
        in: body
        type: string
        description: AbbVie product associated with the event.
      - name: event_description
        in: body
        type: string
        description: Description of the adverse event.
      - name: severity
        in: body
        type: string
        description: 'Severity level: mild, moderate, severe, life-threatening.'
      - name: reporter_email
        in: body
        type: string
        description: Email of the reporting healthcare professional.
      steps:
      - name: create-safety-case
        type: call
        call: servicenow.create-incident
        with:
          short_description: 'AE Report: {{product_name}} — {{severity}}'
          category: pharmacovigilance
          assigned_group: Drug_Safety
          description: 'Patient: {{patient_id}}. Product: {{product_name}}. Severity: {{severity}}. Event: {{event_description}}. Reporter: {{reporter_email}}.'
      - name: create-case-folder
        type: call
        call: box.create-folder
        with:
          parent_folder_id: pharmacovigilance_root
          folder_name: AE_{{create-safety-case.number}}_{{product_name}}
      - name: alert-safety-team
        type: call
        call: msteams.send-message
        with:
          channel: drug-safety-alerts
          text: 'New Adverse Event: {{product_name}} ({{severity}}). Case: {{create-safety-case.number}}. Patient: {{patient_id}}. Docs: {{create-case-folder.url}}. Reporter: {{reporter_email}}.'
  consumes:
  - type: http
    namespace: servicenow
    baseUri: https://abbvie.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: create-incident
        method: POST
  - type: http
    namespace: box
    baseUri: https://api.box.com/2.0
    authentication:
      type: bearer
      token: $secrets.box_token
    resources:
    - name: folders
      path: /folders
      operations:
      - name: create-folder
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: messages
      path: /teams/{{channel}}/channels/general/messages
      inputParameters:
      - name: channel
        in: path
      operations:
      - name: send-message
        method: POST

Looks up a SAP purchase order by number and returns header status, vendor, total value, and delivery date. Used by procurement teams to check PO health for pharmaceutical raw materials and packaging.

naftiko: '0.5'
info:
  label: SAP Purchase Order Status
  description: Looks up a SAP purchase order by number and returns header status, vendor, total value, and delivery date. Used by procurement teams to check PO health for pharmaceutical raw materials and packaging.
  tags:
  - procurement
  - erp
  - sap
  - purchase-order
  - supply-chain
capability:
  exposes:
  - type: mcp
    namespace: erp-procurement
    port: 8080
    tools:
    - name: get-purchase-order
      description: Look up a SAP purchase order by PO number. Returns header status, vendor name, total value, currency, and delivery date.
      inputParameters:
      - name: po_number
        in: body
        type: string
        description: The SAP purchase order number (10-digit).
      call: sap.get-po
      with:
        po_number: '{{po_number}}'
      outputParameters:
      - name: status
        type: string
        mapping: $.d.OverallStatus
      - name: vendor
        type: string
        mapping: $.d.Supplier.CompanyName
      - name: total_value
        type: string
        mapping: $.d.TotalAmount
      - name: currency
        type: string
        mapping: $.d.TransactionCurrency
      - name: delivery_date
        type: string
        mapping: $.d.DeliveryDate
  consumes:
  - type: http
    namespace: sap
    baseUri: https://abbvie-s4.sap.com/sap/opu/odata/sap/MM_PUR_PO_MAINT_V2_SRV
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    inputParameters:
    - name: Accept
      in: header
      value: application/json
    - name: sap-client
      in: header
      value: '100'
    resources:
    - name: purchase-orders
      path: /A_PurchaseOrder('{{po_number}}')
      inputParameters:
      - name: po_number
        in: path
      operations:
      - name: get-po
        method: GET

Extracts contract metadata from Icertis CLM, validates terms in SharePoint, logs compliance in ServiceNow, updates Salesforce, and notifies legal via Teams.

naftiko: '0.5'
info:
  label: Contract Lifecycle Management Pipeline
  description: Extracts contract metadata from Icertis CLM, validates terms in SharePoint, logs compliance in ServiceNow, updates Salesforce, and notifies legal via Teams.
  tags:
  - legal
  - salesforce
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: abbvie
    port: 8080
    tools:
    - name: contract_lifecycle_management_pipeline
      description: Orchestrate contract lifecycle management pipeline workflow.
      inputParameters:
      - name: resource_id
        in: body
        type: string
        description: Primary resource identifier.
      steps:
      - name: get-contract
        type: call
        call: icertis.get-contract
        with:
          contract_id: '{{resource_id}}'
      - name: validate-terms
        type: call
        call: sharepoint.get-template
        with:
          template_id: legal_terms
      - name: log-compliance
        type: call
        call: servicenow.create-record
        with:
          table: contract_compliance
          contract_id: '{{resource_id}}'
      - name: notify-legal
        type: call
        call: msteams.send-message
        with:
          channel: legal
          text: 'Contract {{resource_id}} validated. Status: {{log-compliance.state}}'
  consumes:
  - type: http
    namespace: salesforce
    baseUri: https://abbvie.my.salesforce.com/services/data/v58.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: salesforce-operation
        method: POST
  - type: http
    namespace: servicenow
    baseUri: https://abbvie.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: servicenow-operation
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: msteams-operation
        method: POST

Extracts research data from Oracle, loads into Snowflake, runs quality checks, catalogs in Alation, and notifies data science in Slack.

naftiko: '0.5'
info:
  label: Research Data Lake Ingestion Pipeline
  description: Extracts research data from Oracle, loads into Snowflake, runs quality checks, catalogs in Alation, and notifies data science in Slack.
  tags:
  - data-engineering
  - oracle
  - snowflake
  - slack
capability:
  exposes:
  - type: mcp
    namespace: abbvie
    port: 8080
    tools:
    - name: research_data_lake_ingestion_pipeline
      description: Orchestrate research data lake ingestion pipeline workflow.
      inputParameters:
      - name: resource_id
        in: body
        type: string
        description: Primary resource identifier.
      steps:
      - name: extract-data
        type: call
        call: oracle.extract-table
        with:
          table_name: '{{resource_id}}'
      - name: load-data
        type: call
        call: snowflake.load-data
        with:
          source_ref: '{{extract-data.file_uri}}'
      - name: run-dq
        type: call
        call: greatexpectations.validate
        with:
          suite: '{{resource_id}}'
      - name: notify
        type: call
        call: slack.send-message
        with:
          channel: data-science
          text: 'Ingestion complete: {{resource_id}}. DQ: {{run-dq.success_percent}}%'
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://abbvie.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: snowflake-operation
        method: POST
  - type: http
    namespace: slack
    baseUri: https://slack.com/api
    authentication:
      type: bearer
      token: $secrets.slack_bot_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: slack-operation
        method: POST

Receives ServiceNow request, generates Terraform plans, runs security scans, applies infrastructure, registers in CMDB, and notifies requestor.

naftiko: '0.5'
info:
  label: Terraform Environment Provisioning Orchestrator
  description: Receives ServiceNow request, generates Terraform plans, runs security scans, applies infrastructure, registers in CMDB, and notifies requestor.
  tags:
  - devops
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: abbvie
    port: 8080
    tools:
    - name: terraform_environment_provisioning_orche
      description: Orchestrate terraform environment provisioning orchestrator workflow.
      inputParameters:
      - name: resource_id
        in: body
        type: string
        description: Primary resource identifier.
      steps:
      - name: get-request
        type: call
        call: servicenow.get-request
        with:
          request_id: '{{resource_id}}'
      - name: plan-infra
        type: call
        call: terraform.create-plan
        with:
          workspace: '{{get-request.workspace}}'
      - name: apply-infra
        type: call
        call: terraform.apply-plan
        with:
          plan_id: '{{plan-infra.plan_id}}'
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel: platform-eng
          text: 'Environment provisioned for {{resource_id}}: {{apply-infra.outputs}}'
  consumes:
  - type: http
    namespace: servicenow
    baseUri: https://abbvie.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: servicenow-operation
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: msteams-operation
        method: POST

When an FDA label change is required, retrieves the current label from SharePoint, creates a review task in ServiceNow for regulatory affairs, notifies medical writing in Microsoft Teams, and logs the change in Confluence for audit trail.

naftiko: '0.5'
info:
  label: Drug Label Update Workflow
  description: When an FDA label change is required, retrieves the current label from SharePoint, creates a review task in ServiceNow for regulatory affairs, notifies medical writing in Microsoft Teams, and logs the change in Confluence for audit trail.
  tags:
  - regulatory
  - drug-labeling
  - fda
  - sharepoint
  - servicenow
  - microsoft-teams
  - confluence
capability:
  exposes:
  - type: mcp
    namespace: regulatory-labeling
    port: 8080
    tools:
    - name: initiate-label-update
      description: Given a product code and change reason, start the drug label update workflow across regulatory, medical writing, and QA systems.
      inputParameters:
      - name: product_code
        in: body
        type: string
        description: AbbVie product code.
      - name: ndc_code
        in: body
        type: string
        description: National Drug Code.
      - name: change_reason
        in: body
        type: string
        description: Reason for the label update (e.g., safety update, new indication).
      - name: priority
        in: body
        type: string
        description: 'Priority level: routine, urgent, safety.'
      steps:
      - name: get-current-label
        type: call
        call: sharepoint.list-folder
        with:
          site_id: regulatory_labels
          folder_path: Labels/{{product_code}}/Current
      - name: create-review-task
        type: call
        call: servicenow.create-task
        with:
          short_description: 'Label update: {{product_code}} (NDC: {{ndc_code}}) — {{change_reason}}'
          assigned_group: Regulatory_Affairs
          category: label_update
          description: 'Product: {{product_code}}

            NDC: {{ndc_code}}

            Reason: {{change_reason}}

            Priority: {{priority}}

            Current label: {{get-current-label.folder_url}}'
      - name: notify-medical-writing
        type: call
        call: msteams.send-message
        with:
          channel: medical-writing
          text: 'Label Update Required: {{product_code}} ({{ndc_code}}). Reason: {{change_reason}}. Priority: {{priority}}. Task: {{create-review-task.number}}. Current label: {{get-current-label.folder_url}}'
      - name: log-change
        type: call
        call: confluence.create-page
        with:
          space_key: REGLABEL
          title: 'Label Change: {{product_code}} — {{create-review-task.number}}'
          body: 'Product: {{product_code}}

            NDC: {{ndc_code}}

            Reason: {{change_reason}}

            Priority: {{priority}}

            Task: {{create-review-task.number}}

            Initiated: {{create-review-task.created_at}}'
  consumes:
  - type: http
    namespace: sharepoint
    baseUri: https://graph.microsoft.com/v1.0/sites
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: folder-contents
      path: /{{site_id}}/drive/root:/{{folder_path}}:/children
      inputParameters:
      - name: site_id
        in: path
      - name: folder_path
        in: path
      operations:
      - name: list-folder
        method: GET
  - type: http
    namespace: servicenow
    baseUri: https://abbvie.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: tasks
      path: /table/sc_task
      operations:
      - name: create-task
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: messages
      path: /teams/{{channel}}/channels/general/messages
      inputParameters:
      - name: channel
        in: path
      operations:
      - name: send-message
        method: POST
  - type: http
    namespace: confluence
    baseUri: https://abbvie.atlassian.net/wiki/rest/api
    authentication:
      type: basic
      username: $secrets.confluence_user
      password: $secrets.confluence_token
    resources:
    - name: pages
      path: /content
      operations:
      - name: create-page
        method: POST

Queries New Relic for application error rate metrics over a specified time window. Used by engineering teams to monitor error trends for AbbVie's patient portal and commercial applications.

naftiko: '0.5'
info:
  label: New Relic Application Error Rate
  description: Queries New Relic for application error rate metrics over a specified time window. Used by engineering teams to monitor error trends for AbbVie's patient portal and commercial applications.
  tags:
  - devops
  - apm
  - new-relic
  - error-monitoring
capability:
  exposes:
  - type: mcp
    namespace: observability
    port: 8080
    tools:
    - name: get-error-rate
      description: Query New Relic for application error rate by app ID and time window.
      inputParameters:
      - name: app_id
        in: body
        type: string
        description: New Relic application ID.
      - name: time_window
        in: body
        type: string
        description: Time window for the query (e.g., last_30_minutes).
      call: newrelic.get-app-metrics
      with:
        app_id: '{{app_id}}'
        time_window: '{{time_window}}'
  consumes:
  - type: http
    namespace: newrelic
    baseUri: https://api.newrelic.com/v2
    authentication:
      type: apiKey
      key: $secrets.newrelic_api_key
      header: Api-Key
    resources:
    - name: applications
      path: /applications/{{app_id}}/metrics/data.json
      inputParameters:
      - name: app_id
        in: path
      operations:
      - name: get-app-metrics
        method: GET

Retrieves invoice from SAP, matches against PO and goods receipt, flags discrepancies, routes for approval in ServiceNow, and posts journal entry.

naftiko: '0.5'
info:
  label: SAP Invoice Three-Way Match
  description: Retrieves invoice from SAP, matches against PO and goods receipt, flags discrepancies, routes for approval in ServiceNow, and posts journal entry.
  tags:
  - finance
  - sap
  - servicenow
capability:
  exposes:
  - type: mcp
    namespace: abbvie
    port: 8080
    tools:
    - name: sap_invoice_three_way_match
      description: Orchestrate sap invoice three-way match workflow.
      inputParameters:
      - name: resource_id
        in: body
        type: string
        description: Primary resource identifier.
      steps:
      - name: get-invoice
        type: call
        call: sap.get-invoice
        with:
          invoice_id: '{{resource_id}}'
      - name: get-po
        type: call
        call: sap.get-purchase-order
        with:
          po_number: '{{get-invoice.po_number}}'
      - name: create-approval
        type: call
        call: servicenow.create-request
        with:
          short_description: 'Invoice approval: {{resource_id}}'
          amount: '{{get-invoice.amount}}'
      - name: post-entry
        type: call
        call: sap.post-journal-entry
        with:
          invoice_id: '{{resource_id}}'
          status: '{{create-approval.state}}'
  consumes:
  - type: http
    namespace: sap
    baseUri: https://abbvie-sap.com/api/v1
    authentication:
      type: bearer
      token: $secrets.sap_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: sap-operation
        method: POST
  - type: http
    namespace: servicenow
    baseUri: https://abbvie.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: servicenow-operation
        method: POST

Assigns a Pluralsight learning path to an employee for GxP training compliance, logs the assignment in PeopleSoft, and notifies the employee and their manager via Microsoft Teams.

naftiko: '0.5'
info:
  label: Pluralsight Learning Assignment
  description: Assigns a Pluralsight learning path to an employee for GxP training compliance, logs the assignment in PeopleSoft, and notifies the employee and their manager via Microsoft Teams.
  tags:
  - hr
  - training
  - learning
  - pluralsight
  - peoplesoft
  - microsoft-teams
  - gxp
capability:
  exposes:
  - type: mcp
    namespace: learning-mgmt
    port: 8080
    tools:
    - name: assign-learning-path
      description: Given an employee ID and learning path, create the Pluralsight assignment, log in PeopleSoft, and notify via Teams.
      inputParameters:
      - name: employee_id
        in: body
        type: string
        description: PeopleSoft employee ID.
      - name: learning_path_id
        in: body
        type: string
        description: Pluralsight learning path ID.
      - name: due_date
        in: body
        type: string
        description: Assignment due date (YYYY-MM-DD).
      - name: compliance_type
        in: body
        type: string
        description: Compliance category (e.g., GxP, SOX, HIPAA).
      steps:
      - name: get-employee
        type: call
        call: peoplesoft.get-employee
        with:
          employee_id: '{{employee_id}}'
      - name: create-assignment
        type: call
        call: pluralsight.assign-path
        with:
          user_email: '{{get-employee.work_email}}'
          path_id: '{{learning_path_id}}'
          due_date: '{{due_date}}'
      - name: notify-employee
        type: call
        call: msteams.send-message
        with:
          recipient_upn: '{{get-employee.work_email}}'
          text: 'New training assignment: {{create-assignment.path_name}} ({{compliance_type}}). Due: {{due_date}}. Start here: {{create-assignment.url}}'
      - name: notify-manager
        type: call
        call: msteams.send-message
        with:
          recipient_upn: '{{get-employee.manager_email}}'
          text: 'Training assigned to {{get-employee.full_name}}: {{create-assignment.path_name}} ({{compliance_type}}). Due: {{due_date}}.'
  consumes:
  - type: http
    namespace: peoplesoft
    baseUri: https://abbvie-hr.peoplesoft.com/api/v1
    authentication:
      type: basic
      username: $secrets.peoplesoft_user
      password: $secrets.peoplesoft_password
    resources:
    - name: employees
      path: /employees/{{employee_id}}
      inputParameters:
      - name: employee_id
        in: path
      operations:
      - name: get-employee
        method: GET
  - type: http
    namespace: pluralsight
    baseUri: https://api.pluralsight.com/api/v1
    authentication:
      type: bearer
      token: $secrets.pluralsight_token
    resources:
    - name: assignments
      path: /assignments
      operations:
      - name: assign-path
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: messages
      path: /users/{{recipient_upn}}/sendMail
      inputParameters:
      - name: recipient_upn
        in: path
      operations:
      - name: send-message
        method: POST

Runs schema comparison between Oracle and PostgreSQL, executes row count validation, generates diff report in Confluence, and creates Jira tasks.

naftiko: '0.5'
info:
  label: Database Migration Validation Pipeline
  description: Runs schema comparison between Oracle and PostgreSQL, executes row count validation, generates diff report in Confluence, and creates Jira tasks.
  tags:
  - data-engineering
  - confluence
  - jira
  - slack
capability:
  exposes:
  - type: mcp
    namespace: abbvie
    port: 8080
    tools:
    - name: database_migration_validation_pipeline
      description: Orchestrate database migration validation pipeline workflow.
      inputParameters:
      - name: resource_id
        in: body
        type: string
        description: Primary resource identifier.
      steps:
      - name: compare-schemas
        type: call
        call: oracle.get-schema
        with:
          table_name: '{{resource_id}}'
      - name: validate-counts
        type: call
        call: snowflake.run-query
        with:
          sql_query: SELECT COUNT(*) FROM {{resource_id}}
          warehouse: MIGRATION_WH
      - name: create-report
        type: call
        call: confluence.create-page
        with:
          space: DBA
          title: 'Migration report: {{resource_id}}'
      - name: create-tasks
        type: call
        call: jira.create-issue
        with:
          project: DBA
          summary: 'Migration validation: {{resource_id}}'
  consumes:
  - type: http
    namespace: confluence
    baseUri: https://abbvie.atlassian.net/wiki/rest/api
    authentication:
      type: basic
      username: $secrets.confluence_user
      password: $secrets.confluence_api_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: confluence-operation
        method: POST
  - type: http
    namespace: jira
    baseUri: https://abbvie.atlassian.net/rest/api/3
    authentication:
      type: basic
      username: $secrets.jira_user
      password: $secrets.jira_api_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: jira-operation
        method: POST
  - type: http
    namespace: slack
    baseUri: https://slack.com/api
    authentication:
      type: bearer
      token: $secrets.slack_bot_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: slack-operation
        method: POST

Retrieves a ServiceNow incident by number and returns its state, priority, assigned group, and short description. Used across AbbVie IT teams for quick incident triage.

naftiko: '0.5'
info:
  label: ServiceNow Incident Lookup
  description: Retrieves a ServiceNow incident by number and returns its state, priority, assigned group, and short description. Used across AbbVie IT teams for quick incident triage.
  tags:
  - it-service
  - incident-management
  - servicenow
capability:
  exposes:
  - type: mcp
    namespace: it-service
    port: 8080
    tools:
    - name: get-incident
      description: Look up a ServiceNow incident by number.
      inputParameters:
      - name: incident_number
        in: body
        type: string
        description: The ServiceNow incident number (e.g., INC0012345).
      call: servicenow.get-incident
      with:
        incident_number: '{{incident_number}}'
  consumes:
  - type: http
    namespace: servicenow
    baseUri: https://abbvie.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      inputParameters:
      - name: incident_number
        in: query
      operations:
      - name: get-incident
        method: GET

On protocol amendment approval in Oracle CTMS, updates EDC metadata, revises SharePoint documents, files with IRB via Veeva, and notifies clinical ops.

naftiko: '0.5'
info:
  label: Clinical Protocol Amendment Workflow
  description: On protocol amendment approval in Oracle CTMS, updates EDC metadata, revises SharePoint documents, files with IRB via Veeva, and notifies clinical ops.
  tags:
  - clinical-trials
  - oracle
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: abbvie
    port: 8080
    tools:
    - name: clinical_protocol_amendment_workflow
      description: Orchestrate clinical protocol amendment workflow workflow.
      inputParameters:
      - name: resource_id
        in: body
        type: string
        description: Primary resource identifier.
      steps:
      - name: get-amendment
        type: call
        call: oracle.get-amendment
        with:
          amendment_id: '{{resource_id}}'
      - name: update-edc
        type: call
        call: edc.update-protocol
        with:
          protocol_id: '{{get-amendment.protocol_id}}'
          version: '{{get-amendment.version}}'
      - name: update-docs
        type: call
        call: sharepoint.update-document
        with:
          site_id: clinical
          path: protocols/{{get-amendment.protocol_id}}
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel: clinical-ops
          text: 'Protocol amendment {{resource_id}} processed. Version: {{get-amendment.version}}'
  consumes:
  - type: http
    namespace: servicenow
    baseUri: https://abbvie.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: servicenow-operation
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: msteams-operation
        method: POST

Pulls Google Analytics campaign performance data for an AbbVie HCP marketing campaign and posts a summary to a Confluence page for the brand marketing team.

naftiko: '0.5'
info:
  label: Google Analytics Marketing Report
  description: Pulls Google Analytics campaign performance data for an AbbVie HCP marketing campaign and posts a summary to a Confluence page for the brand marketing team.
  tags:
  - marketing
  - analytics
  - google-analytics
  - confluence
  - hcp-marketing
capability:
  exposes:
  - type: mcp
    namespace: marketing-analytics
    port: 8080
    tools:
    - name: generate-campaign-report
      description: Given a GA property ID and campaign name, pull performance metrics and create a Confluence report page.
      inputParameters:
      - name: property_id
        in: body
        type: string
        description: Google Analytics 4 property ID.
      - name: campaign_name
        in: body
        type: string
        description: Name of the HCP marketing campaign.
      - name: date_range
        in: body
        type: string
        description: Date range for the report (e.g., last_30_days).
      steps:
      - name: get-campaign-data
        type: call
        call: ga.run-report
        with:
          property_id: '{{property_id}}'
          campaign_name: '{{campaign_name}}'
          date_range: '{{date_range}}'
      - name: create-report-page
        type: call
        call: confluence.create-page
        with:
          space_key: MKT
          title: 'Campaign Report: {{campaign_name}} — {{date_range}}'
          body: 'Campaign: {{campaign_name}}

            Sessions: {{get-campaign-data.sessions}}

            Conversions: {{get-campaign-data.conversions}}

            Bounce Rate: {{get-campaign-data.bounce_rate}}

            Avg Session Duration: {{get-campaign-data.avg_session_duration}}'
  consumes:
  - type: http
    namespace: ga
    baseUri: https://analyticsdata.googleapis.com/v1beta
    authentication:
      type: bearer
      token: $secrets.google_analytics_token
    resources:
    - name: reports
      path: /properties/{{property_id}}:runReport
      inputParameters:
      - name: property_id
        in: path
      operations:
      - name: run-report
        method: POST
  - type: http
    namespace: confluence
    baseUri: https://abbvie.atlassian.net/wiki/rest/api
    authentication:
      type: basic
      username: $secrets.confluence_user
      password: $secrets.confluence_token
    resources:
    - name: pages
      path: /content
      operations:
      - name: create-page
        method: POST

Retrieves the status and findings summary of a Qualys vulnerability scan by scan reference. Used by information security teams at AbbVie.

naftiko: '0.5'
info:
  label: Qualys Vulnerability Scan Status
  description: Retrieves the status and findings summary of a Qualys vulnerability scan by scan reference. Used by information security teams at AbbVie.
  tags:
  - security
  - qualys
  - vulnerability-management
capability:
  exposes:
  - type: mcp
    namespace: security
    port: 8080
    tools:
    - name: get-scan-status
      description: Look up a Qualys vulnerability scan by reference ID.
      inputParameters:
      - name: scan_ref
        in: body
        type: string
        description: The Qualys scan reference.
      call: qualys.get-scan
      with:
        scan_ref: '{{scan_ref}}'
  consumes:
  - type: http
    namespace: qualys
    baseUri: https://qualysapi.qualys.com/api/2.0
    authentication:
      type: basic
      username: $secrets.qualys_user
      password: $secrets.qualys_password
    resources:
    - name: scans
      path: /fo/scan/{{scan_ref}}
      inputParameters:
      - name: scan_ref
        in: path
      operations:
      - name: get-scan
        method: GET

Retrieves application performance traces from Elastic APM by trace ID. Used to diagnose latency issues in AbbVie's microservices architecture.

naftiko: '0.5'
info:
  label: Elastic APM Trace Lookup
  description: Retrieves application performance traces from Elastic APM by trace ID. Used to diagnose latency issues in AbbVie's microservices architecture.
  tags:
  - observability
  - elastic
  - apm
capability:
  exposes:
  - type: mcp
    namespace: observability
    port: 8080
    tools:
    - name: get-trace
      description: Look up an Elastic APM trace by trace ID.
      inputParameters:
      - name: trace_id
        in: body
        type: string
        description: The distributed trace ID.
      call: elastic-apm.get-trace
      with:
        trace_id: '{{trace_id}}'
  consumes:
  - type: http
    namespace: elastic-apm
    baseUri: https://abbvie-elastic.com/api/apm
    authentication:
      type: bearer
      token: $secrets.elastic_api_key
    resources:
    - name: traces
      path: /traces/{{trace_id}}
      inputParameters:
      - name: trace_id
        in: path
      operations:
      - name: get-trace
        method: GET

Retrieves a Dynamics 365 account record by ID. Used by AbbVie's market access and key account management teams to check payer and provider account details.

naftiko: '0.5'
info:
  label: Microsoft Dynamics 365 Account Lookup
  description: Retrieves a Dynamics 365 account record by ID. Used by AbbVie's market access and key account management teams to check payer and provider account details.
  tags:
  - crm
  - market-access
  - microsoft-dynamics-365
capability:
  exposes:
  - type: mcp
    namespace: crm
    port: 8080
    tools:
    - name: get-account
      description: Look up a Dynamics 365 account by ID.
      inputParameters:
      - name: account_id
        in: body
        type: string
        description: Dynamics 365 account GUID.
      call: dynamics.get-account
      with:
        account_id: '{{account_id}}'
  consumes:
  - type: http
    namespace: dynamics
    baseUri: https://abbvie.crm.dynamics.com/api/data/v9.2
    authentication:
      type: bearer
      token: $secrets.dynamics_token
    resources:
    - name: accounts
      path: /accounts({{account_id}})
      inputParameters:
      - name: account_id
        in: path
      operations:
      - name: get-account
        method: GET

Retrieves expiring contracts from SAP Ariba, pulls performance metrics from Snowflake, creates approval workflows in ServiceNow, and notifies procurement in Teams.

naftiko: '0.5'
info:
  label: Vendor Contract Renewal Orchestrator
  description: Retrieves expiring contracts from SAP Ariba, pulls performance metrics from Snowflake, creates approval workflows in ServiceNow, and notifies procurement in Teams.
  tags:
  - procurement
  - sap
  - snowflake
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: abbvie
    port: 8080
    tools:
    - name: vendor_contract_renewal_orchestrator
      description: Orchestrate vendor contract renewal orchestrator workflow.
      inputParameters:
      - name: resource_id
        in: body
        type: string
        description: Primary resource identifier.
      steps:
      - name: get-contract
        type: call
        call: sap.get-contract
        with:
          contract_id: '{{resource_id}}'
      - name: get-performance
        type: call
        call: snowflake.run-query
        with:
          sql_query: SELECT * FROM vendor_performance WHERE contract_id = '{{resource_id}}'
          warehouse: PROC_WH
      - name: create-approval
        type: call
        call: servicenow.create-request
        with:
          short_description: 'Contract renewal: {{resource_id}}'
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel: procurement
          text: 'Contract {{resource_id}} renewal. Approval: {{create-approval.number}}'
  consumes:
  - type: http
    namespace: sap
    baseUri: https://abbvie-sap.com/api/v1
    authentication:
      type: bearer
      token: $secrets.sap_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: sap-operation
        method: POST
  - type: http
    namespace: snowflake
    baseUri: https://abbvie.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: snowflake-operation
        method: POST
  - type: http
    namespace: servicenow
    baseUri: https://abbvie.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: servicenow-operation
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: msteams-operation
        method: POST

Collects metrics from Google Analytics and Adobe Analytics, aggregates in Snowflake, refreshes Power BI, and sends a digest to marketing in Slack.

naftiko: '0.5'
info:
  label: Marketing Campaign Performance Aggregator
  description: Collects metrics from Google Analytics and Adobe Analytics, aggregates in Snowflake, refreshes Power BI, and sends a digest to marketing in Slack.
  tags:
  - marketing
  - google-analytics
  - adobe-analytics
  - snowflake
  - power-bi
  - slack
capability:
  exposes:
  - type: mcp
    namespace: abbvie
    port: 8080
    tools:
    - name: marketing_campaign_performance_aggregato
      description: Orchestrate marketing campaign performance aggregator workflow.
      inputParameters:
      - name: resource_id
        in: body
        type: string
        description: Primary resource identifier.
      steps:
      - name: get-ga-data
        type: call
        call: ga.get-report
        with:
          campaign_id: '{{resource_id}}'
      - name: get-adobe-data
        type: call
        call: adobe.get-report
        with:
          campaign_id: '{{resource_id}}'
      - name: aggregate
        type: call
        call: snowflake.run-query
        with:
          sql_query: INSERT INTO campaign_metrics SELECT * FROM staging WHERE campaign = '{{resource_id}}'
          warehouse: MARKETING_WH
      - name: refresh-dashboard
        type: call
        call: powerbi.refresh-dataset
        with:
          dataset_id: marketing_campaigns
      - name: notify
        type: call
        call: slack.send-message
        with:
          channel: marketing-analytics
          text: Campaign {{resource_id}} metrics updated
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://abbvie.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: snowflake-operation
        method: POST
  - type: http
    namespace: powerbi
    baseUri: https://api.powerbi.com/v1.0/myorg
    authentication:
      type: bearer
      token: $secrets.powerbi_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: powerbi-operation
        method: POST
  - type: http
    namespace: slack
    baseUri: https://slack.com/api
    authentication:
      type: bearer
      token: $secrets.slack_bot_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: slack-operation
        method: POST

Queries active Prometheus alerts for a given alertname pattern. Used by SRE teams to check alert states for AbbVie's microservices running on Azure Kubernetes Service.

naftiko: '0.5'
info:
  label: Prometheus Alert Query
  description: Queries active Prometheus alerts for a given alertname pattern. Used by SRE teams to check alert states for AbbVie's microservices running on Azure Kubernetes Service.
  tags:
  - devops
  - monitoring
  - prometheus
  - sre
capability:
  exposes:
  - type: mcp
    namespace: observability
    port: 8080
    tools:
    - name: get-active-alerts
      description: Query Prometheus for active alerts matching a given alertname pattern.
      inputParameters:
      - name: alertname
        in: body
        type: string
        description: Alert name or pattern to query.
      call: prometheus.get-alerts
      with:
        alertname: '{{alertname}}'
  consumes:
  - type: http
    namespace: prometheus
    baseUri: https://prometheus.abbvie.com/api/v1
    authentication:
      type: bearer
      token: $secrets.prometheus_token
    resources:
    - name: alerts
      path: /alerts
      inputParameters:
      - name: alertname
        in: query
      operations:
      - name: get-alerts
        method: GET

Fetches the latest workflow run status from GitHub Actions for a given repository and branch. Used by engineering teams to check build health for AbbVie's internal tools and data pipelines.

naftiko: '0.5'
info:
  label: GitHub Actions CI Pipeline Status
  description: Fetches the latest workflow run status from GitHub Actions for a given repository and branch. Used by engineering teams to check build health for AbbVie's internal tools and data pipelines.
  tags:
  - devops
  - ci-cd
  - github
  - github-actions
capability:
  exposes:
  - type: mcp
    namespace: ci-cd
    port: 8080
    tools:
    - name: get-pipeline-status
      description: Look up the latest GitHub Actions workflow run for a repository and branch.
      inputParameters:
      - name: repo
        in: body
        type: string
        description: Repository in owner/repo format.
      - name: branch
        in: body
        type: string
        description: Branch name to check.
      call: github.get-workflow-runs
      with:
        repo: '{{repo}}'
        branch: '{{branch}}'
  consumes:
  - type: http
    namespace: github
    baseUri: https://api.github.com
    authentication:
      type: bearer
      token: $secrets.github_token
    resources:
    - name: workflow-runs
      path: /repos/{{repo}}/actions/runs
      inputParameters:
      - name: repo
        in: path
      - name: branch
        in: query
      operations:
      - name: get-workflow-runs
        method: GET

Queries ServiceNow CMDB for assets nearing EOL, retrieves warranty status, creates procurement requests, schedules decommission, and notifies IT ops.

naftiko: '0.5'
info:
  label: IT Asset Lifecycle Tracker
  description: Queries ServiceNow CMDB for assets nearing EOL, retrieves warranty status, creates procurement requests, schedules decommission, and notifies IT ops.
  tags:
  - it-operations
  - servicenow
  - jira
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: abbvie
    port: 8080
    tools:
    - name: it_asset_lifecycle_tracker
      description: Orchestrate it asset lifecycle tracker workflow.
      inputParameters:
      - name: resource_id
        in: body
        type: string
        description: Primary resource identifier.
      steps:
      - name: get-eol-assets
        type: call
        call: servicenow.get-cmdb-ci
        with:
          filter: eol_date<{{resource_id}}
      - name: check-warranty
        type: call
        call: servicenow.get-warranty
        with:
          asset_id: '{{get-eol-assets.asset_id}}'
      - name: create-procurement
        type: call
        call: jira.create-issue
        with:
          project: IT
          summary: 'Replace asset: {{get-eol-assets.name}}'
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel: it-ops
          text: 'EOL assets identified for {{resource_id}}. Procurement: {{create-procurement.key}}'
  consumes:
  - type: http
    namespace: servicenow
    baseUri: https://abbvie.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: servicenow-operation
        method: POST
  - type: http
    namespace: jira
    baseUri: https://abbvie.atlassian.net/rest/api/3
    authentication:
      type: basic
      username: $secrets.jira_user
      password: $secrets.jira_api_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: jira-operation
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: msteams-operation
        method: POST

Exports clinical trial data from Oracle, transforms it via Apache NiFi, loads it into Elasticsearch for real-time querying, and notifies the biostatistics team in Microsoft Teams when the pipeline completes.

naftiko: '0.5'
info:
  label: Clinical Trial Data Export to Elasticsearch
  description: Exports clinical trial data from Oracle, transforms it via Apache NiFi, loads it into Elasticsearch for real-time querying, and notifies the biostatistics team in Microsoft Teams when the pipeline completes.
  tags:
  - clinical-data
  - data-pipeline
  - oracle
  - apache-nifi
  - elasticsearch
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: clinical-data-ops
    port: 8080
    tools:
    - name: export-trial-data
      description: Given a trial ID and data cutoff date, trigger the Oracle-to-Elasticsearch pipeline via NiFi and notify the biostatistics team.
      inputParameters:
      - name: trial_id
        in: body
        type: string
        description: Clinical trial identifier.
      - name: cutoff_date
        in: body
        type: string
        description: Data cutoff date (YYYY-MM-DD).
      - name: target_index
        in: body
        type: string
        description: Elasticsearch index name for the exported data.
      steps:
      - name: trigger-nifi-flow
        type: call
        call: nifi.start-process-group
        with:
          process_group_id: clinical-export-{{trial_id}}
          parameters: '{"trial_id": "{{trial_id}}", "cutoff_date": "{{cutoff_date}}", "target_index": "{{target_index}}"}'
      - name: verify-index
        type: call
        call: elasticsearch.get-index-health
        with:
          index_name: '{{target_index}}'
      - name: notify-biostat
        type: call
        call: msteams.send-message
        with:
          channel: biostatistics
          text: 'Clinical data export complete: Trial {{trial_id}} (cutoff: {{cutoff_date}}). Index {{target_index}}: {{verify-index.status}} with {{verify-index.doc_count}} documents.'
  consumes:
  - type: http
    namespace: nifi
    baseUri: https://nifi.abbvie.com/nifi-api
    authentication:
      type: bearer
      token: $secrets.nifi_token
    resources:
    - name: process-groups
      path: /process-groups/{{process_group_id}}
      inputParameters:
      - name: process_group_id
        in: path
      operations:
      - name: start-process-group
        method: PUT
  - type: http
    namespace: elasticsearch
    baseUri: https://es.abbvie.com:9200
    authentication:
      type: basic
      username: $secrets.es_user
      password: $secrets.es_password
    resources:
    - name: indices
      path: /_cluster/health/{{index_name}}
      inputParameters:
      - name: index_name
        in: path
      operations:
      - name: get-index-health
        method: GET
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: messages
      path: /teams/{{channel}}/channels/general/messages
      inputParameters:
      - name: channel
        in: path
      operations:
      - name: send-message
        method: POST

Queries Azure Kubernetes Service for pod status in a given namespace. Used by platform engineering to monitor microservices health for AbbVie's digital health applications.

naftiko: '0.5'
info:
  label: Kubernetes Pod Health Check
  description: Queries Azure Kubernetes Service for pod status in a given namespace. Used by platform engineering to monitor microservices health for AbbVie's digital health applications.
  tags:
  - devops
  - kubernetes
  - azure-kubernetes-service
  - platform-engineering
capability:
  exposes:
  - type: mcp
    namespace: k8s-ops
    port: 8080
    tools:
    - name: get-pod-status
      description: List pods and their statuses in an AKS namespace.
      inputParameters:
      - name: namespace
        in: body
        type: string
        description: Kubernetes namespace to query.
      call: aks.list-pods
      with:
        namespace: '{{namespace}}'
  consumes:
  - type: http
    namespace: aks
    baseUri: https://abbvie-aks.hcp.eastus.azmk8s.io
    authentication:
      type: bearer
      token: $secrets.aks_token
    resources:
    - name: pods
      path: /api/v1/namespaces/{{namespace}}/pods
      inputParameters:
      - name: namespace
        in: path
      operations:
      - name: list-pods
        method: GET

Extracts master data changes from SAP MDG, validates via Informatica, synchronizes downstream, logs quality scores in Alation, and reports to stewards.

naftiko: '0.5'
info:
  label: Master Data Governance Pipeline
  description: Extracts master data changes from SAP MDG, validates via Informatica, synchronizes downstream, logs quality scores in Alation, and reports to stewards.
  tags:
  - data-governance
  - sap
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: abbvie
    port: 8080
    tools:
    - name: master_data_governance_pipeline
      description: Orchestrate master data governance pipeline workflow.
      inputParameters:
      - name: resource_id
        in: body
        type: string
        description: Primary resource identifier.
      steps:
      - name: get-changes
        type: call
        call: sap.get-mdg-changes
        with:
          domain: '{{resource_id}}'
      - name: validate
        type: call
        call: informatica.run-dq-rules
        with:
          domain: '{{resource_id}}'
      - name: sync-downstream
        type: call
        call: snowflake.run-query
        with:
          sql_query: CALL sync_master_data('{{resource_id}}')
          warehouse: MDG_WH
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel: data-governance
          text: 'MDG sync for {{resource_id}}: {{validate.quality_score}}% quality'
  consumes:
  - type: http
    namespace: sap
    baseUri: https://abbvie-sap.com/api/v1
    authentication:
      type: bearer
      token: $secrets.sap_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: sap-operation
        method: POST
  - type: http
    namespace: snowflake
    baseUri: https://abbvie.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: snowflake-operation
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: msteams-operation
        method: POST

Reconciles clinical trial data between the EDC system and Snowflake warehouse, logs discrepancies in ServiceNow, and alerts the data management team in Slack.

naftiko: '0.5'
info:
  label: Clinical Data Reconciliation Pipeline
  description: Reconciles clinical trial data between the EDC system and Snowflake warehouse, logs discrepancies in ServiceNow, and alerts the data management team in Slack.
  tags:
  - clinical-trials
  - data-management
  - snowflake
  - servicenow
  - slack
capability:
  exposes:
  - type: mcp
    namespace: abbvie
    port: 8080
    tools:
    - name: clinical_data_reconciliation_pipeline
      description: Orchestrate clinical data reconciliation pipeline workflow.
      inputParameters:
      - name: resource_id
        in: body
        type: string
        description: Primary resource identifier.
      steps:
      - name: get-edc-counts
        type: call
        call: edc.get-subject-counts
        with:
          trial_id: '{{resource_id}}'
      - name: get-wh-counts
        type: call
        call: snowflake.run-query
        with:
          sql_query: SELECT COUNT(*) FROM subjects WHERE trial_id = '{{resource_id}}'
          warehouse: CLINICAL_WH
      - name: log-discrepancy
        type: call
        call: servicenow.create-incident
        with:
          short_description: 'Data reconciliation: {{resource_id}}'
          category: data_quality
      - name: notify-team
        type: call
        call: slack.send-message
        with:
          channel: clinical-data-ops
          text: 'Reconciliation for {{resource_id}} complete. Ticket: {{log-discrepancy.number}}'
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://abbvie.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: snowflake-operation
        method: POST
  - type: http
    namespace: servicenow
    baseUri: https://abbvie.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: servicenow-operation
        method: POST
  - type: http
    namespace: slack
    baseUri: https://slack.com/api
    authentication:
      type: bearer
      token: $secrets.slack_bot_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: slack-operation
        method: POST

Retrieves details about a PagerDuty incident by ID including current status, assignees, and escalation level. Used by on-call engineers at AbbVie.

naftiko: '0.5'
info:
  label: PagerDuty Incident Lookup
  description: Retrieves details about a PagerDuty incident by ID including current status, assignees, and escalation level. Used by on-call engineers at AbbVie.
  tags:
  - devops
  - pagerduty
  - incident-management
capability:
  exposes:
  - type: mcp
    namespace: incident-mgmt
    port: 8080
    tools:
    - name: get-incident
      description: Look up a PagerDuty incident by ID.
      inputParameters:
      - name: incident_id
        in: body
        type: string
        description: The PagerDuty incident ID.
      call: pagerduty.get-incident
      with:
        incident_id: '{{incident_id}}'
  consumes:
  - type: http
    namespace: pagerduty
    baseUri: https://api.pagerduty.com
    authentication:
      type: bearer
      token: $secrets.pagerduty_token
    resources:
    - name: incidents
      path: /incidents/{{incident_id}}
      inputParameters:
      - name: incident_id
        in: path
      operations:
      - name: get-incident
        method: GET

Executes a read-only SQL query against AbbVie's Snowflake data warehouse and returns results. Used by analytics teams for ad-hoc reporting on clinical and commercial data.

naftiko: '0.5'
info:
  label: Snowflake Query Runner
  description: Executes a read-only SQL query against AbbVie's Snowflake data warehouse and returns results. Used by analytics teams for ad-hoc reporting on clinical and commercial data.
  tags:
  - data
  - snowflake
  - analytics
capability:
  exposes:
  - type: mcp
    namespace: analytics
    port: 8080
    tools:
    - name: run-query
      description: Execute a SQL query against Snowflake and return the result set.
      inputParameters:
      - name: sql_query
        in: body
        type: string
        description: The SQL query to execute.
      - name: warehouse
        in: body
        type: string
        description: Snowflake warehouse name.
      call: snowflake.run-query
      with:
        sql_query: '{{sql_query}}'
        warehouse: '{{warehouse}}'
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://abbvie.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: run-query
        method: POST

Retrieves MongoDB Atlas cluster status and metrics. Used by data engineering teams to monitor NoSQL databases supporting AbbVie's real-world evidence and patient registry platforms.

naftiko: '0.5'
info:
  label: MongoDB Atlas Cluster Status
  description: Retrieves MongoDB Atlas cluster status and metrics. Used by data engineering teams to monitor NoSQL databases supporting AbbVie's real-world evidence and patient registry platforms.
  tags:
  - data-engineering
  - database
  - mongodb
  - monitoring
capability:
  exposes:
  - type: mcp
    namespace: database-ops
    port: 8080
    tools:
    - name: get-cluster-status
      description: Look up MongoDB Atlas cluster status by project and cluster name.
      inputParameters:
      - name: project_id
        in: body
        type: string
        description: MongoDB Atlas project ID.
      - name: cluster_name
        in: body
        type: string
        description: Atlas cluster name.
      call: mongodb.get-cluster
      with:
        project_id: '{{project_id}}'
        cluster_name: '{{cluster_name}}'
  consumes:
  - type: http
    namespace: mongodb
    baseUri: https://cloud.mongodb.com/api/atlas/v2
    authentication:
      type: basic
      username: $secrets.mongodb_atlas_public_key
      password: $secrets.mongodb_atlas_private_key
    resources:
    - name: clusters
      path: /groups/{{project_id}}/clusters/{{cluster_name}}
      inputParameters:
      - name: project_id
        in: path
      - name: cluster_name
        in: path
      operations:
      - name: get-cluster
        method: GET

On new patient enrollment, verifies insurance, creates Salesforce Health Cloud record, provisions a ServiceNow case, and sends confirmation via Twilio.

naftiko: '0.5'
info:
  label: Patient Hub Enrollment Orchestrator
  description: On new patient enrollment, verifies insurance, creates Salesforce Health Cloud record, provisions a ServiceNow case, and sends confirmation via Twilio.
  tags:
  - patient-services
  - salesforce
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: abbvie
    port: 8080
    tools:
    - name: patient_hub_enrollment_orchestrator
      description: Orchestrate patient hub enrollment orchestrator workflow.
      inputParameters:
      - name: resource_id
        in: body
        type: string
        description: Primary resource identifier.
      steps:
      - name: verify-insurance
        type: call
        call: availity.check-eligibility
        with:
          patient_id: '{{resource_id}}'
      - name: create-record
        type: call
        call: salesforce.create-patient
        with:
          patient_id: '{{resource_id}}'
          eligibility: '{{verify-insurance.status}}'
      - name: create-case
        type: call
        call: servicenow.create-request
        with:
          short_description: 'Patient enrollment: {{resource_id}}'
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel: patient-services
          text: 'Patient {{resource_id}} enrolled. Case: {{create-case.number}}'
  consumes:
  - type: http
    namespace: salesforce
    baseUri: https://abbvie.my.salesforce.com/services/data/v58.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: salesforce-operation
        method: POST
  - type: http
    namespace: servicenow
    baseUri: https://abbvie.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: servicenow-operation
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: msteams-operation
        method: POST

Retrieves batch record data from Oracle E-Business Suite, validates against SAP BW quality metrics, and creates a QA review task in ServiceNow for GMP compliance sign-off.

naftiko: '0.5'
info:
  label: Manufacturing Batch Record Review
  description: Retrieves batch record data from Oracle E-Business Suite, validates against SAP BW quality metrics, and creates a QA review task in ServiceNow for GMP compliance sign-off.
  tags:
  - manufacturing
  - quality
  - gmp
  - oracle-ebs
  - sap-bw
  - servicenow
capability:
  exposes:
  - type: mcp
    namespace: manufacturing-qa
    port: 8080
    tools:
    - name: review-batch-record
      description: Given a batch number and product code, pull batch record from Oracle EBS, validate quality metrics from SAP BW, and create a QA review task.
      inputParameters:
      - name: batch_number
        in: body
        type: string
        description: Manufacturing batch number.
      - name: product_code
        in: body
        type: string
        description: Product code for the manufactured drug.
      - name: manufacturing_site
        in: body
        type: string
        description: Manufacturing site identifier.
      steps:
      - name: get-batch-record
        type: call
        call: oracle-ebs.get-batch
        with:
          batch_number: '{{batch_number}}'
      - name: get-quality-metrics
        type: call
        call: sap-bw.get-quality-report
        with:
          batch_number: '{{batch_number}}'
          product_code: '{{product_code}}'
      - name: create-qa-task
        type: call
        call: servicenow.create-task
        with:
          short_description: 'Batch review: {{batch_number}} — {{product_code}} at {{manufacturing_site}}'
          description: 'Batch: {{batch_number}}

            Product: {{product_code}}

            Site: {{manufacturing_site}}

            Yield: {{get-batch-record.yield_percent}}%

            Status: {{get-batch-record.status}}

            Quality Score: {{get-quality-metrics.overall_score}}

            Deviations: {{get-quality-metrics.deviation_count}}'
          assigned_group: QA_Manufacturing
          category: batch_review
  consumes:
  - type: http
    namespace: oracle-ebs
    baseUri: https://abbvie-ebs.oraclecloud.com/api/v1
    authentication:
      type: basic
      username: $secrets.oracle_ebs_user
      password: $secrets.oracle_ebs_password
    resources:
    - name: batches
      path: /manufacturing/batches/{{batch_number}}
      inputParameters:
      - name: batch_number
        in: path
      operations:
      - name: get-batch
        method: GET
  - type: http
    namespace: sap-bw
    baseUri: https://abbvie-bw.sap.com/sap/opu/odata/sap/QUALITY_METRICS_SRV
    authentication:
      type: basic
      username: $secrets.sap_bw_user
      password: $secrets.sap_bw_password
    resources:
    - name: quality-reports
      path: /QualityReports(Batch='{{batch_number}}',Product='{{product_code}}')
      inputParameters:
      - name: batch_number
        in: path
      - name: product_code
        in: path
      operations:
      - name: get-quality-report
        method: GET
  - type: http
    namespace: servicenow
    baseUri: https://abbvie.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: tasks
      path: /table/sc_task
      operations:
      - name: create-task
        method: POST

Retrieves the current status and details of a Datadog monitor by ID. Used by DevOps and SRE teams to quickly check infrastructure alert states for AbbVie's cloud environments.

naftiko: '0.5'
info:
  label: Datadog Alert Lookup
  description: Retrieves the current status and details of a Datadog monitor by ID. Used by DevOps and SRE teams to quickly check infrastructure alert states for AbbVie's cloud environments.
  tags:
  - devops
  - monitoring
  - datadog
  - infrastructure
capability:
  exposes:
  - type: mcp
    namespace: observability
    port: 8080
    tools:
    - name: get-monitor-status
      description: Look up a Datadog monitor by ID and return its current status, name, and last triggered timestamp.
      inputParameters:
      - name: monitor_id
        in: body
        type: string
        description: The Datadog monitor ID.
      call: datadog.get-monitor
      with:
        monitor_id: '{{monitor_id}}'
  consumes:
  - type: http
    namespace: datadog
    baseUri: https://api.datadoghq.com/api/v1
    authentication:
      type: apiKey
      key: $secrets.datadog_api_key
      header: DD-API-KEY
    resources:
    - name: monitors
      path: /monitor/{{monitor_id}}
      inputParameters:
      - name: monitor_id
        in: path
      operations:
      - name: get-monitor
        method: GET

Extracts claims data from Teradata, links to clinical outcomes in Snowflake, runs models via Databricks, and notifies the HEOR team in Teams.

naftiko: '0.5'
info:
  label: Real World Evidence Data Pipeline
  description: Extracts claims data from Teradata, links to clinical outcomes in Snowflake, runs models via Databricks, and notifies the HEOR team in Teams.
  tags:
  - heor
  - teradata
  - snowflake
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: abbvie
    port: 8080
    tools:
    - name: real_world_evidence_data_pipeline
      description: Orchestrate real world evidence data pipeline workflow.
      inputParameters:
      - name: resource_id
        in: body
        type: string
        description: Primary resource identifier.
      steps:
      - name: extract-claims
        type: call
        call: teradata.run-query
        with:
          sql_query: SELECT * FROM claims WHERE study = '{{resource_id}}'
      - name: link-outcomes
        type: call
        call: snowflake.run-query
        with:
          sql_query: SELECT * FROM outcomes WHERE study = '{{resource_id}}'
          warehouse: HEOR_WH
      - name: run-model
        type: call
        call: databricks.run-job
        with:
          job_id: rwe_{{resource_id}}
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel: heor
          text: RWE pipeline complete for {{resource_id}}
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://abbvie.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: snowflake-operation
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: msteams-operation
        method: POST

Ingests biomarker results from LIMS, maps to clinical subjects in EDC, loads into Snowflake, and publishes to the biomarker Tableau dashboard.

naftiko: '0.5'
info:
  label: Biomarker Data Integration Pipeline
  description: Ingests biomarker results from LIMS, maps to clinical subjects in EDC, loads into Snowflake, and publishes to the biomarker Tableau dashboard.
  tags:
  - clinical-trials
  - lims
  - snowflake
  - tableau
capability:
  exposes:
  - type: mcp
    namespace: abbvie
    port: 8080
    tools:
    - name: biomarker_data_integration_pipeline
      description: Orchestrate biomarker data integration pipeline workflow.
      inputParameters:
      - name: resource_id
        in: body
        type: string
        description: Primary resource identifier.
      steps:
      - name: get-results
        type: call
        call: lims.get-assay-results
        with:
          assay_id: '{{resource_id}}'
      - name: map-subjects
        type: call
        call: edc.get-subject-mapping
        with:
          assay_id: '{{resource_id}}'
      - name: load-data
        type: call
        call: snowflake.load-data
        with:
          source_ref: '{{get-results.data_uri}}'
          schema: biomarkers
      - name: refresh-dash
        type: call
        call: tableau.refresh-extract
        with:
          workbook_id: biomarker_analytics
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://abbvie.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: snowflake-operation
        method: POST
  - type: http
    namespace: tableau
    baseUri: https://abbvie-tableau.com/api/3.19
    authentication:
      type: bearer
      token: $secrets.tableau_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: tableau-operation
        method: POST

Retrieves employee profile information from Workday by employee ID. Used by HR teams at AbbVie to verify employment details and org structure.

naftiko: '0.5'
info:
  label: Workday Employee Lookup
  description: Retrieves employee profile information from Workday by employee ID. Used by HR teams at AbbVie to verify employment details and org structure.
  tags:
  - hr
  - workday
  - employee-data
capability:
  exposes:
  - type: mcp
    namespace: hr
    port: 8080
    tools:
    - name: get-employee
      description: Look up a Workday employee by ID and return profile details.
      inputParameters:
      - name: employee_id
        in: body
        type: string
        description: The Workday employee ID.
      call: workday.get-employee
      with:
        employee_id: '{{employee_id}}'
  consumes:
  - type: http
    namespace: workday
    baseUri: https://wd5-impl-services1.workday.com/ccx/api/v1/abbvie
    authentication:
      type: bearer
      token: $secrets.workday_token
    resources:
    - name: workers
      path: /workers/{{employee_id}}
      inputParameters:
      - name: employee_id
        in: path
      operations:
      - name: get-employee
        method: GET

Monitors clinical supply in SAP, identifies at-risk sites, generates transfer orders, creates ServiceNow logistics tickets, and alerts supply management via Teams.

naftiko: '0.5'
info:
  label: Clinical Supply Chain Rebalancing
  description: Monitors clinical supply in SAP, identifies at-risk sites, generates transfer orders, creates ServiceNow logistics tickets, and alerts supply management via Teams.
  tags:
  - clinical-supply
  - sap
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: abbvie
    port: 8080
    tools:
    - name: clinical_supply_chain_rebalancing
      description: Orchestrate clinical supply chain rebalancing workflow.
      inputParameters:
      - name: resource_id
        in: body
        type: string
        description: Primary resource identifier.
      steps:
      - name: check-inventory
        type: call
        call: sap.get-inventory
        with:
          material_id: '{{resource_id}}'
      - name: identify-risks
        type: call
        call: snowflake.run-query
        with:
          sql_query: SELECT * FROM supply_forecast WHERE material = '{{resource_id}}'
          warehouse: SUPPLY_WH
      - name: create-transfer
        type: call
        call: sap.create-transfer-order
        with:
          material_id: '{{resource_id}}'
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel: clinical-supply
          text: Rebalancing initiated for {{resource_id}}
  consumes:
  - type: http
    namespace: sap
    baseUri: https://abbvie-sap.com/api/v1
    authentication:
      type: bearer
      token: $secrets.sap_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: sap-operation
        method: POST
  - type: http
    namespace: servicenow
    baseUri: https://abbvie.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: servicenow-operation
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: msteams-operation
        method: POST

Checks certificate expiration in Kong, generates new certs via Azure Key Vault, deploys to gateway, validates via Postman, and logs in ServiceNow.

naftiko: '0.5'
info:
  label: API Gateway Certificate Rotation
  description: Checks certificate expiration in Kong, generates new certs via Azure Key Vault, deploys to gateway, validates via Postman, and logs in ServiceNow.
  tags:
  - devops
  - kong
  - azure
  - servicenow
capability:
  exposes:
  - type: mcp
    namespace: abbvie
    port: 8080
    tools:
    - name: api_gateway_certificate_rotation
      description: Orchestrate api gateway certificate rotation workflow.
      inputParameters:
      - name: resource_id
        in: body
        type: string
        description: Primary resource identifier.
      steps:
      - name: check-cert
        type: call
        call: kong.get-certificate
        with:
          cert_id: '{{resource_id}}'
      - name: generate-cert
        type: call
        call: keyvault.create-certificate
        with:
          name: '{{resource_id}}'
      - name: deploy-cert
        type: call
        call: kong.update-certificate
        with:
          cert_id: '{{resource_id}}'
          cert_data: '{{generate-cert.value}}'
      - name: log-rotation
        type: call
        call: servicenow.create-record
        with:
          table: cert_rotations
          cert_id: '{{resource_id}}'
  consumes:
  - type: http
    namespace: servicenow
    baseUri: https://abbvie.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: servicenow-operation
        method: POST

Retrieves a secret value from Azure Key Vault by name and version. Used by DevOps pipelines to access configuration secrets securely.

naftiko: '0.5'
info:
  label: Azure Key Vault Secret Retrieval
  description: Retrieves a secret value from Azure Key Vault by name and version. Used by DevOps pipelines to access configuration secrets securely.
  tags:
  - security
  - azure
  - key-vault
capability:
  exposes:
  - type: mcp
    namespace: security
    port: 8080
    tools:
    - name: get-secret
      description: Retrieve a secret from Azure Key Vault by name.
      inputParameters:
      - name: vault_name
        in: body
        type: string
        description: The Key Vault name.
      - name: secret_name
        in: body
        type: string
        description: The secret name.
      call: keyvault.get-secret
      with:
        vault_name: '{{vault_name}}'
        secret_name: '{{secret_name}}'
  consumes:
  - type: http
    namespace: keyvault
    baseUri: https://{{vault_name}}.vault.azure.net
    authentication:
      type: bearer
      token: $secrets.azure_kv_token
    resources:
    - name: secrets
      path: /secrets/{{secret_name}}
      inputParameters:
      - name: secret_name
        in: path
      operations:
      - name: get-secret
        method: GET

Retrieves recent WAF events from Cloudflare for a given zone, filters by rule ID, and creates a security incident in ServiceNow if attack patterns are detected against AbbVie's public-facing applications.

naftiko: '0.5'
info:
  label: Cloudflare WAF Event Investigation
  description: Retrieves recent WAF events from Cloudflare for a given zone, filters by rule ID, and creates a security incident in ServiceNow if attack patterns are detected against AbbVie's public-facing applications.
  tags:
  - security
  - web-application-firewall
  - cloudflare
  - servicenow
  - incident-response
capability:
  exposes:
  - type: mcp
    namespace: web-security
    port: 8080
    tools:
    - name: investigate-waf-events
      description: Given a Cloudflare zone ID and rule ID, retrieve WAF events and escalate to ServiceNow if thresholds are exceeded.
      inputParameters:
      - name: zone_id
        in: body
        type: string
        description: Cloudflare zone ID.
      - name: rule_id
        in: body
        type: string
        description: WAF rule ID to investigate.
      - name: time_range
        in: body
        type: string
        description: Time range for event lookup (e.g., last_1_hour).
      steps:
      - name: get-waf-events
        type: call
        call: cloudflare.get-firewall-events
        with:
          zone_id: '{{zone_id}}'
          rule_id: '{{rule_id}}'
          time_range: '{{time_range}}'
      - name: create-security-incident
        type: call
        call: servicenow.create-incident
        with:
          short_description: 'WAF Alert: Rule {{rule_id}} triggered on zone {{zone_id}}'
          category: security_incident
          assigned_group: Security_Operations
          urgency: '2'
          description: 'Cloudflare WAF rule {{rule_id}} triggered {{get-waf-events.event_count}} times in {{time_range}}. Top source IPs: {{get-waf-events.top_source_ips}}. Zone: {{zone_id}}.'
  consumes:
  - type: http
    namespace: cloudflare
    baseUri: https://api.cloudflare.com/client/v4
    authentication:
      type: bearer
      token: $secrets.cloudflare_token
    resources:
    - name: firewall-events
      path: /zones/{{zone_id}}/firewall/events
      inputParameters:
      - name: zone_id
        in: path
      - name: rule_id
        in: query
      - name: time_range
        in: query
      operations:
      - name: get-firewall-events
        method: GET
  - type: http
    namespace: servicenow
    baseUri: https://abbvie.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: create-incident
        method: POST

Checks the status of a Veritas NetBackup job for GxP-validated system backups. Used by infrastructure teams to verify backup compliance for FDA-regulated environments.

naftiko: '0.5'
info:
  label: Veritas NetBackup Job Status
  description: Checks the status of a Veritas NetBackup job for GxP-validated system backups. Used by infrastructure teams to verify backup compliance for FDA-regulated environments.
  tags:
  - infrastructure
  - backup
  - veritas-netbackup
  - compliance
  - gxp
capability:
  exposes:
  - type: mcp
    namespace: backup-ops
    port: 8080
    tools:
    - name: get-backup-status
      description: Look up a NetBackup job by ID and return its status, start time, and data transferred.
      inputParameters:
      - name: job_id
        in: body
        type: string
        description: Veritas NetBackup job ID.
      call: netbackup.get-job
      with:
        job_id: '{{job_id}}'
  consumes:
  - type: http
    namespace: netbackup
    baseUri: https://netbackup.abbvie.com/netbackup/admin/v3
    authentication:
      type: bearer
      token: $secrets.netbackup_token
    resources:
    - name: jobs
      path: /jobs/{{job_id}}
      inputParameters:
      - name: job_id
        in: path
      operations:
      - name: get-job
        method: GET

Extracts GL data from SAP S/4HANA, validates against business rules, loads into Snowflake, triggers Power BI refresh, and logs sync status in ServiceNow.

naftiko: '0.5'
info:
  label: SAP to Snowflake Financial Sync
  description: Extracts GL data from SAP S/4HANA, validates against business rules, loads into Snowflake, triggers Power BI refresh, and logs sync status in ServiceNow.
  tags:
  - finance
  - sap
  - snowflake
  - power-bi
  - servicenow
capability:
  exposes:
  - type: mcp
    namespace: abbvie
    port: 8080
    tools:
    - name: sap_to_snowflake_financial_sync
      description: Orchestrate sap to snowflake financial sync workflow.
      inputParameters:
      - name: resource_id
        in: body
        type: string
        description: Primary resource identifier.
      steps:
      - name: extract-gl
        type: call
        call: sap.extract-gl-data
        with:
          period: '{{resource_id}}'
      - name: load-snowflake
        type: call
        call: snowflake.load-data
        with:
          source_ref: '{{extract-gl.file_uri}}'
          schema: finance
      - name: refresh-bi
        type: call
        call: powerbi.refresh-dataset
        with:
          dataset_id: financial_reporting
      - name: log-sync
        type: call
        call: servicenow.create-record
        with:
          table: data_syncs
          period: '{{resource_id}}'
          status: complete
  consumes:
  - type: http
    namespace: sap
    baseUri: https://abbvie-sap.com/api/v1
    authentication:
      type: bearer
      token: $secrets.sap_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: sap-operation
        method: POST
  - type: http
    namespace: snowflake
    baseUri: https://abbvie.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: snowflake-operation
        method: POST
  - type: http
    namespace: powerbi
    baseUri: https://api.powerbi.com/v1.0/myorg
    authentication:
      type: bearer
      token: $secrets.powerbi_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: powerbi-operation
        method: POST
  - type: http
    namespace: servicenow
    baseUri: https://abbvie.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: servicenow-operation
        method: POST

Queries overdue training from Cornerstone LMS, looks up managers in Workday, sends reminders via Outlook, escalates to HR in ServiceNow, and reports in Power BI.

naftiko: '0.5'
info:
  label: Compliance Training Enforcement Pipeline
  description: Queries overdue training from Cornerstone LMS, looks up managers in Workday, sends reminders via Outlook, escalates to HR in ServiceNow, and reports in Power BI.
  tags:
  - compliance
  - workday
  - servicenow
  - power-bi
capability:
  exposes:
  - type: mcp
    namespace: abbvie
    port: 8080
    tools:
    - name: compliance_training_enforcement_pipeline
      description: Orchestrate compliance training enforcement pipeline workflow.
      inputParameters:
      - name: resource_id
        in: body
        type: string
        description: Primary resource identifier.
      steps:
      - name: get-overdue
        type: call
        call: cornerstone.get-overdue-training
        with:
          department: '{{resource_id}}'
      - name: get-managers
        type: call
        call: workday.get-managers
        with:
          department: '{{resource_id}}'
      - name: escalate
        type: call
        call: servicenow.create-request
        with:
          short_description: 'Overdue training: {{resource_id}}'
      - name: refresh-report
        type: call
        call: powerbi.refresh-dataset
        with:
          dataset_id: compliance_training
  consumes:
  - type: http
    namespace: workday
    baseUri: https://wd5-impl-services1.workday.com/ccx/api/v1/abbvie
    authentication:
      type: bearer
      token: $secrets.workday_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: workday-operation
        method: POST
  - type: http
    namespace: servicenow
    baseUri: https://abbvie.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: servicenow-operation
        method: POST
  - type: http
    namespace: powerbi
    baseUri: https://api.powerbi.com/v1.0/myorg
    authentication:
      type: bearer
      token: $secrets.powerbi_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: powerbi-operation
        method: POST

Queries AWS Cost Explorer for anomalies, cross-references Azure costs, creates a Jira ticket, updates Grafana dashboard, and alerts the cloud team in Teams.

naftiko: '0.5'
info:
  label: Cloud Cost Anomaly Detector
  description: Queries AWS Cost Explorer for anomalies, cross-references Azure costs, creates a Jira ticket, updates Grafana dashboard, and alerts the cloud team in Teams.
  tags:
  - finops
  - aws
  - jira
  - grafana
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: abbvie
    port: 8080
    tools:
    - name: cloud_cost_anomaly_detector
      description: Orchestrate cloud cost anomaly detector workflow.
      inputParameters:
      - name: resource_id
        in: body
        type: string
        description: Primary resource identifier.
      steps:
      - name: get-aws-costs
        type: call
        call: aws.get-cost-report
        with:
          date_range: '{{resource_id}}'
      - name: create-ticket
        type: call
        call: jira.create-issue
        with:
          project: FINOPS
          summary: 'Cost anomaly detected: {{resource_id}}'
      - name: update-dashboard
        type: call
        call: grafana.annotate
        with:
          dashboard_uid: finops
          text: 'Anomaly: {{resource_id}}'
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel: cloud-finops
          text: 'Cost anomaly for {{resource_id}}. Ticket: {{create-ticket.key}}'
  consumes:
  - type: http
    namespace: jira
    baseUri: https://abbvie.atlassian.net/rest/api/3
    authentication:
      type: basic
      username: $secrets.jira_user
      password: $secrets.jira_api_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: jira-operation
        method: POST
  - type: http
    namespace: grafana
    baseUri: https://abbvie-grafana.com/api
    authentication:
      type: bearer
      token: $secrets.grafana_api_key
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: grafana-operation
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: msteams-operation
        method: POST

When a new lead is captured in HubSpot from AbbVie's patient or HCP website, syncs the contact to Salesforce and notifies the commercial team in Microsoft Teams.

naftiko: '0.5'
info:
  label: HubSpot Lead Capture to Salesforce
  description: When a new lead is captured in HubSpot from AbbVie's patient or HCP website, syncs the contact to Salesforce and notifies the commercial team in Microsoft Teams.
  tags:
  - marketing
  - lead-management
  - hubspot
  - salesforce
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: lead-mgmt
    port: 8080
    tools:
    - name: sync-lead
      description: Given a HubSpot contact ID, sync the lead to Salesforce and notify the commercial team.
      inputParameters:
      - name: hubspot_contact_id
        in: body
        type: string
        description: HubSpot contact ID.
      - name: campaign_source
        in: body
        type: string
        description: Marketing campaign that generated the lead.
      steps:
      - name: get-hubspot-contact
        type: call
        call: hubspot.get-contact
        with:
          contact_id: '{{hubspot_contact_id}}'
      - name: create-salesforce-lead
        type: call
        call: salesforce.create-lead
        with:
          first_name: '{{get-hubspot-contact.first_name}}'
          last_name: '{{get-hubspot-contact.last_name}}'
          email: '{{get-hubspot-contact.email}}'
          company: '{{get-hubspot-contact.company}}'
          lead_source: '{{campaign_source}}'
      - name: notify-commercial
        type: call
        call: msteams.send-message
        with:
          channel: commercial-leads
          text: 'New lead synced: {{get-hubspot-contact.first_name}} {{get-hubspot-contact.last_name}} ({{get-hubspot-contact.company}}). Source: {{campaign_source}}. Salesforce ID: {{create-salesforce-lead.id}}.'
  consumes:
  - type: http
    namespace: hubspot
    baseUri: https://api.hubapi.com/crm/v3
    authentication:
      type: bearer
      token: $secrets.hubspot_token
    resources:
    - name: contacts
      path: /objects/contacts/{{contact_id}}
      inputParameters:
      - name: contact_id
        in: path
      operations:
      - name: get-contact
        method: GET
  - type: http
    namespace: salesforce
    baseUri: https://abbvie.my.salesforce.com/services/data/v58.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: leads
      path: /sobjects/Lead
      operations:
      - name: create-lead
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: messages
      path: /teams/{{channel}}/channels/general/messages
      inputParameters:
      - name: channel
        in: path
      operations:
      - name: send-message
        method: POST

Extracts prescription data from IQVIA, blends with Salesforce CRM data, loads into Snowflake, triggers Tableau refresh, and publishes dashboards.

naftiko: '0.5'
info:
  label: Commercial Analytics Refresh Pipeline
  description: Extracts prescription data from IQVIA, blends with Salesforce CRM data, loads into Snowflake, triggers Tableau refresh, and publishes dashboards.
  tags:
  - commercial
  - salesforce
  - snowflake
  - tableau
capability:
  exposes:
  - type: mcp
    namespace: abbvie
    port: 8080
    tools:
    - name: commercial_analytics_refresh_pipeline
      description: Orchestrate commercial analytics refresh pipeline workflow.
      inputParameters:
      - name: resource_id
        in: body
        type: string
        description: Primary resource identifier.
      steps:
      - name: extract-rx
        type: call
        call: iqvia.get-rx-data
        with:
          product_id: '{{resource_id}}'
      - name: get-crm-data
        type: call
        call: salesforce.get-territory-data
        with:
          product_id: '{{resource_id}}'
      - name: load-data
        type: call
        call: snowflake.load-data
        with:
          source_ref: '{{extract-rx.data_uri}}'
          schema: commercial
      - name: refresh-tableau
        type: call
        call: tableau.refresh-extract
        with:
          workbook_id: commercial_insights
  consumes:
  - type: http
    namespace: salesforce
    baseUri: https://abbvie.my.salesforce.com/services/data/v58.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: salesforce-operation
        method: POST
  - type: http
    namespace: snowflake
    baseUri: https://abbvie.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: snowflake-operation
        method: POST
  - type: http
    namespace: tableau
    baseUri: https://abbvie-tableau.com/api/3.19
    authentication:
      type: bearer
      token: $secrets.tableau_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: tableau-operation
        method: POST

Monitors document readiness in Veeva Vault, validates against checklists in SharePoint, submits to the eCTD gateway, and logs status in ServiceNow.

naftiko: '0.5'
info:
  label: Regulatory Document Submission Tracker
  description: Monitors document readiness in Veeva Vault, validates against checklists in SharePoint, submits to the eCTD gateway, and logs status in ServiceNow.
  tags:
  - regulatory
  - veeva
  - sharepoint
  - servicenow
capability:
  exposes:
  - type: mcp
    namespace: abbvie
    port: 8080
    tools:
    - name: regulatory_document_submission_tracker
      description: Orchestrate regulatory document submission tracker workflow.
      inputParameters:
      - name: resource_id
        in: body
        type: string
        description: Primary resource identifier.
      steps:
      - name: get-docs
        type: call
        call: veeva.get-submission-docs
        with:
          submission_id: '{{resource_id}}'
      - name: validate
        type: call
        call: sharepoint.get-checklist
        with:
          site_id: regulatory
          path: checklists/{{resource_id}}
      - name: submit
        type: call
        call: ectd.submit-package
        with:
          submission_id: '{{resource_id}}'
      - name: log-status
        type: call
        call: servicenow.create-record
        with:
          table: regulatory_submissions
          submission_id: '{{resource_id}}'
  consumes:
  - type: http
    namespace: servicenow
    baseUri: https://abbvie.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: servicenow-operation
        method: POST

On approval of a new clinical trial site in Oracle, creates a ServiceNow activation ticket, provisions a SharePoint document library for site files, and notifies the clinical operations team in Microsoft Teams.

naftiko: '0.5'
info:
  label: Clinical Trial Site Activation Orchestrator
  description: On approval of a new clinical trial site in Oracle, creates a ServiceNow activation ticket, provisions a SharePoint document library for site files, and notifies the clinical operations team in Microsoft Teams.
  tags:
  - clinical-trials
  - site-activation
  - oracle
  - servicenow
  - sharepoint
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: clinical-ops
    port: 8080
    tools:
    - name: activate-trial-site
      description: Given an Oracle clinical trial ID and site code, orchestrate site activation across ServiceNow, SharePoint, and Microsoft Teams.
      inputParameters:
      - name: trial_id
        in: body
        type: string
        description: The Oracle clinical trial identifier.
      - name: site_code
        in: body
        type: string
        description: The investigator site code.
      - name: principal_investigator
        in: body
        type: string
        description: Name of the principal investigator at the site.
      steps:
      - name: get-trial
        type: call
        call: oracle.get-trial
        with:
          trial_id: '{{trial_id}}'
      - name: open-activation-ticket
        type: call
        call: servicenow.create-incident
        with:
          short_description: 'Site activation: {{site_code}} for trial {{get-trial.trial_name}}'
          category: clinical_site_activation
          assigned_group: Clinical_Ops
          description: 'Activate site {{site_code}} for trial {{trial_id}} ({{get-trial.trial_name}}). PI: {{principal_investigator}}. Phase: {{get-trial.phase}}.'
      - name: provision-site-library
        type: call
        call: sharepoint.create-folder
        with:
          site_id: clinical_trials_site
          folder_path: Trials/{{trial_id}}/Sites/{{site_code}}
      - name: notify-team
        type: call
        call: msteams.send-message
        with:
          channel: clinical-operations
          text: 'Site {{site_code}} activated for trial {{get-trial.trial_name}} (PI: {{principal_investigator}}). Ticket: {{open-activation-ticket.number}}. Documents: {{provision-site-library.url}}'
  consumes:
  - type: http
    namespace: oracle
    baseUri: https://abbvie-cloud.oraclecloud.com/api/v1/clinical
    authentication:
      type: bearer
      token: $secrets.oracle_token
    resources:
    - name: trials
      path: /trials/{{trial_id}}
      inputParameters:
      - name: trial_id
        in: path
      operations:
      - name: get-trial
        method: GET
  - type: http
    namespace: servicenow
    baseUri: https://abbvie.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: create-incident
        method: POST
  - type: http
    namespace: sharepoint
    baseUri: https://graph.microsoft.com/v1.0/sites
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: drive-items
      path: /{{site_id}}/drive/root:/{{folder_path}}
      inputParameters:
      - name: site_id
        in: path
      - name: folder_path
        in: path
      operations:
      - name: create-folder
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: messages
      path: /teams/{{channel}}/channels/general/messages
      inputParameters:
      - name: channel
        in: path
      operations:
      - name: send-message
        method: POST

Queries Redis cluster info to check memory usage, connected clients, and replication status. Used by platform teams to monitor caching layers for AbbVie's high-throughput applications.

naftiko: '0.5'
info:
  label: Redis Cache Health Check
  description: Queries Redis cluster info to check memory usage, connected clients, and replication status. Used by platform teams to monitor caching layers for AbbVie's high-throughput applications.
  tags:
  - devops
  - caching
  - redis
  - infrastructure
capability:
  exposes:
  - type: mcp
    namespace: cache-ops
    port: 8080
    tools:
    - name: get-cache-health
      description: Retrieve Redis cluster health metrics including memory, clients, and replication status.
      inputParameters:
      - name: cluster_endpoint
        in: body
        type: string
        description: Redis cluster endpoint identifier.
      call: redis.get-info
      with:
        cluster_endpoint: '{{cluster_endpoint}}'
  consumes:
  - type: http
    namespace: redis
    baseUri: https://redis-mgmt.abbvie.com/api/v1
    authentication:
      type: bearer
      token: $secrets.redis_mgmt_token
    resources:
    - name: cluster-info
      path: /clusters/{{cluster_endpoint}}/info
      inputParameters:
      - name: cluster_endpoint
        in: path
      operations:
      - name: get-info
        method: GET

Retrieves a snapshot of a Grafana dashboard by UID. Used by SRE teams to review infrastructure and application metrics for AbbVie's cloud environments.

naftiko: '0.5'
info:
  label: Grafana Dashboard Viewer
  description: Retrieves a snapshot of a Grafana dashboard by UID. Used by SRE teams to review infrastructure and application metrics for AbbVie's cloud environments.
  tags:
  - monitoring
  - grafana
  - observability
capability:
  exposes:
  - type: mcp
    namespace: observability
    port: 8080
    tools:
    - name: get-dashboard
      description: Retrieve a Grafana dashboard by UID and return panel data.
      inputParameters:
      - name: dashboard_uid
        in: body
        type: string
        description: The Grafana dashboard UID.
      call: grafana.get-dashboard
      with:
        dashboard_uid: '{{dashboard_uid}}'
  consumes:
  - type: http
    namespace: grafana
    baseUri: https://abbvie-grafana.com/api
    authentication:
      type: bearer
      token: $secrets.grafana_api_key
    resources:
    - name: dashboards
      path: /dashboards/uid/{{dashboard_uid}}
      inputParameters:
      - name: dashboard_uid
        in: path
      operations:
      - name: get-dashboard
        method: GET

When a patient applies for AbbVie's assistance program, verifies eligibility via Salesforce, creates a case in ServiceNow, stores consent documents in Box, and sends confirmation via Microsoft Teams to the patient services team.

naftiko: '0.5'
info:
  label: Patient Assistance Program Enrollment
  description: When a patient applies for AbbVie's assistance program, verifies eligibility via Salesforce, creates a case in ServiceNow, stores consent documents in Box, and sends confirmation via Microsoft Teams to the patient services team.
  tags:
  - patient-services
  - enrollment
  - salesforce
  - servicenow
  - box
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: patient-services
    port: 8080
    tools:
    - name: enroll-patient
      description: Given a patient application, verify eligibility, create a case, store documents, and notify the patient services team.
      inputParameters:
      - name: patient_id
        in: body
        type: string
        description: Anonymized patient identifier.
      - name: program_code
        in: body
        type: string
        description: Assistance program code.
      - name: product_name
        in: body
        type: string
        description: AbbVie product the patient needs assistance with.
      - name: prescriber_npi
        in: body
        type: string
        description: Prescribing physician NPI number.
      steps:
      - name: check-eligibility
        type: call
        call: salesforce.get-eligibility
        with:
          patient_id: '{{patient_id}}'
          program_code: '{{program_code}}'
      - name: create-case
        type: call
        call: servicenow.create-incident
        with:
          short_description: 'PAP Enrollment: {{patient_id}} — {{product_name}}'
          category: patient_assistance
          assigned_group: Patient_Services
          description: 'Patient: {{patient_id}}. Program: {{program_code}}. Product: {{product_name}}. Prescriber NPI: {{prescriber_npi}}. Eligibility: {{check-eligibility.status}}.'
      - name: store-consent
        type: call
        call: box.create-folder
        with:
          parent_folder_id: patient_assistance_root
          folder_name: PAP_{{patient_id}}_{{program_code}}
      - name: notify-team
        type: call
        call: msteams.send-message
        with:
          channel: patient-services
          text: 'PAP Enrollment: Patient {{patient_id}} for {{product_name}} ({{program_code}}). Eligibility: {{check-eligibility.status}}. Case: {{create-case.number}}. Docs: {{store-consent.url}}'
  consumes:
  - type: http
    namespace: salesforce
    baseUri: https://abbvie.my.salesforce.com/services/data/v58.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: eligibility
      path: /sobjects/Eligibility__c/{{patient_id}}
      inputParameters:
      - name: patient_id
        in: path
      operations:
      - name: get-eligibility
        method: GET
  - type: http
    namespace: servicenow
    baseUri: https://abbvie.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: create-incident
        method: POST
  - type: http
    namespace: box
    baseUri: https://api.box.com/2.0
    authentication:
      type: bearer
      token: $secrets.box_token
    resources:
    - name: folders
      path: /folders
      operations:
      - name: create-folder
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: messages
      path: /teams/{{channel}}/channels/general/messages
      inputParameters:
      - name: channel
        in: path
      operations:
      - name: send-message
        method: POST

Monitors cluster utilization via Prometheus, evaluates scaling policies, applies HPA adjustments, logs changes in ServiceNow, and notifies platform team in Slack.

naftiko: '0.5'
info:
  label: Kubernetes Cluster Scaling Orchestrator
  description: Monitors cluster utilization via Prometheus, evaluates scaling policies, applies HPA adjustments, logs changes in ServiceNow, and notifies platform team in Slack.
  tags:
  - devops
  - prometheus
  - servicenow
  - slack
capability:
  exposes:
  - type: mcp
    namespace: abbvie
    port: 8080
    tools:
    - name: kubernetes_cluster_scaling_orchestrator
      description: Orchestrate kubernetes cluster scaling orchestrator workflow.
      inputParameters:
      - name: resource_id
        in: body
        type: string
        description: Primary resource identifier.
      steps:
      - name: get-metrics
        type: call
        call: prometheus.query
        with:
          query: cluster_cpu_utilization{cluster='{{resource_id}}'}
      - name: apply-scaling
        type: call
        call: k8s.patch-hpa
        with:
          namespace: '{{resource_id}}'
          replicas: '{{get-metrics.recommended}}'
      - name: log-change
        type: call
        call: servicenow.create-record
        with:
          table: scaling_events
          cluster: '{{resource_id}}'
      - name: notify
        type: call
        call: slack.send-message
        with:
          channel: platform-eng
          text: 'Cluster {{resource_id}} scaled. New replicas: {{get-metrics.recommended}}'
  consumes:
  - type: http
    namespace: servicenow
    baseUri: https://abbvie.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: servicenow-operation
        method: POST
  - type: http
    namespace: slack
    baseUri: https://slack.com/api
    authentication:
      type: bearer
      token: $secrets.slack_bot_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: slack-operation
        method: POST

Retrieves the current status and details of a Jira issue by key. Used by engineering teams at AbbVie to check ticket progress and sprint assignments.

naftiko: '0.5'
info:
  label: Jira Issue Lookup
  description: Retrieves the current status and details of a Jira issue by key. Used by engineering teams at AbbVie to check ticket progress and sprint assignments.
  tags:
  - devops
  - jira
  - project-management
capability:
  exposes:
  - type: mcp
    namespace: project-mgmt
    port: 8080
    tools:
    - name: get-issue
      description: Look up a Jira issue by key and return its status, assignee, and summary.
      inputParameters:
      - name: issue_key
        in: body
        type: string
        description: The Jira issue key (e.g. PROJ-123).
      call: jira.get-issue
      with:
        issue_key: '{{issue_key}}'
  consumes:
  - type: http
    namespace: jira
    baseUri: https://abbvie.atlassian.net/rest/api/3
    authentication:
      type: basic
      username: $secrets.jira_user
      password: $secrets.jira_api_token
    resources:
    - name: issues
      path: /issue/{{issue_key}}
      inputParameters:
      - name: issue_key
        in: path
      operations:
      - name: get-issue
        method: GET

Retrieves a Zendesk support ticket by ID including status, priority, assignee, and subject. Used by AbbVie patient services and IT help desk teams.

naftiko: '0.5'
info:
  label: Zendesk Support Ticket Lookup
  description: Retrieves a Zendesk support ticket by ID including status, priority, assignee, and subject. Used by AbbVie patient services and IT help desk teams.
  tags:
  - support
  - customer-service
  - zendesk
capability:
  exposes:
  - type: mcp
    namespace: support
    port: 8080
    tools:
    - name: get-ticket
      description: Look up a Zendesk ticket by ID and return its status, priority, assignee, and subject.
      inputParameters:
      - name: ticket_id
        in: body
        type: string
        description: The Zendesk ticket ID.
      call: zendesk.get-ticket
      with:
        ticket_id: '{{ticket_id}}'
  consumes:
  - type: http
    namespace: zendesk
    baseUri: https://abbvie.zendesk.com/api/v2
    authentication:
      type: bearer
      token: $secrets.zendesk_token
    resources:
    - name: tickets
      path: /tickets/{{ticket_id}}
      inputParameters:
      - name: ticket_id
        in: path
      operations:
      - name: get-ticket
        method: GET

Retrieves submitted expense reports from SAP Concur, validates against PeopleSoft cost center data, and opens a ServiceNow task for finance review when policy exceptions are detected.

naftiko: '0.5'
info:
  label: Expense Report Processing
  description: Retrieves submitted expense reports from SAP Concur, validates against PeopleSoft cost center data, and opens a ServiceNow task for finance review when policy exceptions are detected.
  tags:
  - finance
  - expense
  - sap-concur
  - peoplesoft
  - servicenow
  - policy-compliance
capability:
  exposes:
  - type: mcp
    namespace: finance-expense
    port: 8080
    tools:
    - name: review-expense-report
      description: Given a Concur expense report ID and employee ID, fetch the report details, validate cost center against PeopleSoft, and flag policy violations to ServiceNow.
      inputParameters:
      - name: expense_report_id
        in: body
        type: string
        description: The SAP Concur expense report ID.
      - name: employee_id
        in: body
        type: string
        description: The PeopleSoft employee ID of the expense submitter.
      steps:
      - name: get-expense-report
        type: call
        call: concur.get-expense-report
        with:
          report_id: '{{expense_report_id}}'
      - name: get-employee
        type: call
        call: peoplesoft.get-employee
        with:
          employee_id: '{{employee_id}}'
      - name: open-review-task
        type: call
        call: servicenow.create-task
        with:
          short_description: 'Expense policy review: {{get-expense-report.report_name}} — {{get-employee.full_name}}'
          description: 'Report {{expense_report_id}} total: {{get-expense-report.total_amount}} {{get-expense-report.currency}}. Cost center: {{get-employee.cost_center}}. Submitted: {{get-expense-report.submit_date}}.'
          assigned_group: Finance_Audit
          category: expense_review
  consumes:
  - type: http
    namespace: concur
    baseUri: https://us.api.concursolutions.com/api/v3.0
    authentication:
      type: bearer
      token: $secrets.concur_token
    resources:
    - name: expense-reports
      path: /expense/reports/{{report_id}}
      inputParameters:
      - name: report_id
        in: path
      operations:
      - name: get-expense-report
        method: GET
  - type: http
    namespace: peoplesoft
    baseUri: https://abbvie-hr.peoplesoft.com/api/v1
    authentication:
      type: basic
      username: $secrets.peoplesoft_user
      password: $secrets.peoplesoft_password
    resources:
    - name: employees
      path: /employees/{{employee_id}}
      inputParameters:
      - name: employee_id
        in: path
      operations:
      - name: get-employee
        method: GET
  - type: http
    namespace: servicenow
    baseUri: https://abbvie.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: tasks
      path: /table/sc_task
      operations:
      - name: create-task
        method: POST

Assembles a regulatory submission package by pulling the latest approved documents from SharePoint, generating a submission manifest in Confluence, and notifying the regulatory affairs team in Microsoft Teams.

naftiko: '0.5'
info:
  label: Regulatory Submission Document Assembly
  description: Assembles a regulatory submission package by pulling the latest approved documents from SharePoint, generating a submission manifest in Confluence, and notifying the regulatory affairs team in Microsoft Teams.
  tags:
  - regulatory
  - submission
  - sharepoint
  - confluence
  - microsoft-teams
  - compliance
capability:
  exposes:
  - type: mcp
    namespace: regulatory-affairs
    port: 8080
    tools:
    - name: assemble-submission
      description: Given a submission ID and product code, pull approved documents from SharePoint, create a Confluence manifest page, and notify the regulatory team.
      inputParameters:
      - name: submission_id
        in: body
        type: string
        description: The regulatory submission identifier.
      - name: product_code
        in: body
        type: string
        description: The AbbVie product code for the submission.
      - name: target_agency
        in: body
        type: string
        description: Target regulatory agency (e.g., FDA, EMA, PMDA).
      steps:
      - name: get-documents
        type: call
        call: sharepoint.list-folder
        with:
          site_id: regulatory_submissions
          folder_path: Submissions/{{product_code}}/{{submission_id}}
      - name: create-manifest
        type: call
        call: confluence.create-page
        with:
          space_key: REG
          title: 'Submission Manifest: {{submission_id}} — {{product_code}} ({{target_agency}})'
          body: 'Submission: {{submission_id}}

            Product: {{product_code}}

            Agency: {{target_agency}}

            Documents: {{get-documents.file_count}} files

            Assembled: {{get-documents.folder_url}}'
      - name: notify-reg-team
        type: call
        call: msteams.send-message
        with:
          channel: regulatory-affairs
          text: 'Submission package assembled: {{submission_id}} for {{product_code}} ({{target_agency}}). {{get-documents.file_count}} documents ready. Manifest: {{create-manifest.url}}'
  consumes:
  - type: http
    namespace: sharepoint
    baseUri: https://graph.microsoft.com/v1.0/sites
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: folder-contents
      path: /{{site_id}}/drive/root:/{{folder_path}}:/children
      inputParameters:
      - name: site_id
        in: path
      - name: folder_path
        in: path
      operations:
      - name: list-folder
        method: GET
  - type: http
    namespace: confluence
    baseUri: https://abbvie.atlassian.net/wiki/rest/api
    authentication:
      type: basic
      username: $secrets.confluence_user
      password: $secrets.confluence_token
    resources:
    - name: pages
      path: /content
      operations:
      - name: create-page
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: messages
      path: /teams/{{channel}}/channels/general/messages
      inputParameters:
      - name: channel
        in: path
      operations:
      - name: send-message
        method: POST

On new hire creation in PeopleSoft, opens a ServiceNow onboarding ticket, provisions an Azure AD account, shares a SharePoint onboarding folder, and sends a Microsoft Teams welcome message.

naftiko: '0.5'
info:
  label: New Hire Onboarding Orchestrator
  description: On new hire creation in PeopleSoft, opens a ServiceNow onboarding ticket, provisions an Azure AD account, shares a SharePoint onboarding folder, and sends a Microsoft Teams welcome message.
  tags:
  - hr
  - onboarding
  - peoplesoft
  - servicenow
  - azure-active-directory
  - sharepoint
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: hr-onboarding
    port: 8080
    tools:
    - name: trigger-onboarding
      description: Given a PeopleSoft employee ID and start date, orchestrate the full onboarding sequence across ServiceNow, Azure AD, SharePoint, and Microsoft Teams.
      inputParameters:
      - name: employee_id
        in: body
        type: string
        description: The PeopleSoft employee ID for the new hire.
      - name: start_date
        in: body
        type: string
        description: The employee start date in YYYY-MM-DD format.
      - name: department
        in: body
        type: string
        description: The department or business unit the new hire is joining.
      steps:
      - name: get-employee
        type: call
        call: peoplesoft.get-employee
        with:
          employee_id: '{{employee_id}}'
      - name: open-ticket
        type: call
        call: servicenow.create-incident
        with:
          short_description: 'New hire onboarding: {{get-employee.full_name}}'
          category: hr_onboarding
          assigned_group: IT_Onboarding
          description: Onboarding for {{get-employee.full_name}} starting {{start_date}} in {{department}}.
      - name: provision-ad-account
        type: call
        call: azuread.create-user
        with:
          displayName: '{{get-employee.full_name}}'
          userPrincipalName: '{{get-employee.work_email}}'
          department: '{{department}}'
      - name: provision-folder
        type: call
        call: sharepoint.create-folder
        with:
          site_id: hr_onboarding_site
          folder_path: OnboardingDocs/{{get-employee.full_name}}_{{start_date}}
      - name: send-welcome
        type: call
        call: msteams.send-message
        with:
          recipient_upn: '{{get-employee.work_email}}'
          text: Welcome to AbbVie, {{get-employee.first_name}}! Your IT onboarding ticket is {{open-ticket.number}}. Documents are ready at {{provision-folder.url}}.
  consumes:
  - type: http
    namespace: peoplesoft
    baseUri: https://abbvie-hr.peoplesoft.com/api/v1
    authentication:
      type: basic
      username: $secrets.peoplesoft_user
      password: $secrets.peoplesoft_password
    resources:
    - name: employees
      path: /employees/{{employee_id}}
      inputParameters:
      - name: employee_id
        in: path
      operations:
      - name: get-employee
        method: GET
  - type: http
    namespace: servicenow
    baseUri: https://abbvie.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: create-incident
        method: POST
  - type: http
    namespace: azuread
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: users
      path: /users
      operations:
      - name: create-user
        method: POST
  - type: http
    namespace: sharepoint
    baseUri: https://graph.microsoft.com/v1.0/sites
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: drive-items
      path: /{{site_id}}/drive/root:/{{folder_path}}
      inputParameters:
      - name: site_id
        in: path
      - name: folder_path
        in: path
      operations:
      - name: create-folder
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: messages
      path: /users/{{recipient_upn}}/sendMail
      inputParameters:
      - name: recipient_upn
        in: path
      operations:
      - name: send-message
        method: POST

Retrieves metadata about a GitHub repository including last commit, open PRs, and branch protection status. Used by platform engineering at AbbVie.

naftiko: '0.5'
info:
  label: GitHub Repository Info
  description: Retrieves metadata about a GitHub repository including last commit, open PRs, and branch protection status. Used by platform engineering at AbbVie.
  tags:
  - devops
  - github
  - source-control
capability:
  exposes:
  - type: mcp
    namespace: source-control
    port: 8080
    tools:
    - name: get-repo
      description: Retrieve GitHub repository metadata by owner and repo name.
      inputParameters:
      - name: repo_name
        in: body
        type: string
        description: Repository name in owner/repo format.
      call: github.get-repo
      with:
        repo_name: '{{repo_name}}'
  consumes:
  - type: http
    namespace: github
    baseUri: https://api.github.com
    authentication:
      type: bearer
      token: $secrets.github_token
    resources:
    - name: repos
      path: /repos/{{repo_name}}
      inputParameters:
      - name: repo_name
        in: path
      operations:
      - name: get-repo
        method: GET

Searches for documents in Box by keyword. Used by regulatory, legal, and clinical operations teams to quickly find SOPs, protocols, and submission documents stored in AbbVie's enterprise content management.

naftiko: '0.5'
info:
  label: Box Document Search
  description: Searches for documents in Box by keyword. Used by regulatory, legal, and clinical operations teams to quickly find SOPs, protocols, and submission documents stored in AbbVie's enterprise content management.
  tags:
  - document-management
  - content
  - box
  - search
capability:
  exposes:
  - type: mcp
    namespace: document-mgmt
    port: 8080
    tools:
    - name: search-documents
      description: Search Box for documents matching a keyword query.
      inputParameters:
      - name: query
        in: body
        type: string
        description: Search keyword or phrase.
      - name: folder_id
        in: body
        type: string
        description: Optional Box folder ID to scope the search.
      call: box.search
      with:
        query: '{{query}}'
        ancestor_folder_ids: '{{folder_id}}'
  consumes:
  - type: http
    namespace: box
    baseUri: https://api.box.com/2.0
    authentication:
      type: bearer
      token: $secrets.box_token
    resources:
    - name: search
      path: /search
      inputParameters:
      - name: query
        in: query
      - name: ancestor_folder_ids
        in: query
      operations:
      - name: search
        method: GET

Checks backup status in Veritas NetBackup, validates Azure snapshots, confirms S3 replication, logs results in ServiceNow, and escalates failures via PagerDuty.

naftiko: '0.5'
info:
  label: Multi-Cloud Backup Verification
  description: Checks backup status in Veritas NetBackup, validates Azure snapshots, confirms S3 replication, logs results in ServiceNow, and escalates failures via PagerDuty.
  tags:
  - infrastructure
  - servicenow
  - pagerduty
capability:
  exposes:
  - type: mcp
    namespace: abbvie
    port: 8080
    tools:
    - name: multi_cloud_backup_verification
      description: Orchestrate multi-cloud backup verification workflow.
      inputParameters:
      - name: resource_id
        in: body
        type: string
        description: Primary resource identifier.
      steps:
      - name: check-netbackup
        type: call
        call: netbackup.get-job-status
        with:
          policy_name: '{{resource_id}}'
      - name: check-azure
        type: call
        call: azure.get-snapshot-status
        with:
          resource_group: '{{resource_id}}'
      - name: log-results
        type: call
        call: servicenow.create-record
        with:
          table: backup_verifications
          policy: '{{resource_id}}'
      - name: escalate
        type: call
        call: pagerduty.create-incident
        with:
          title: 'Backup verification: {{resource_id}}'
  consumes:
  - type: http
    namespace: servicenow
    baseUri: https://abbvie.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: servicenow-operation
        method: POST
  - type: http
    namespace: pagerduty
    baseUri: https://api.pagerduty.com
    authentication:
      type: bearer
      token: $secrets.pagerduty_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: pagerduty-operation
        method: POST

Creates a snapshot of a VMware virtual machine before a GxP system maintenance window, logs the snapshot in ServiceNow as a change task, and notifies the infrastructure team.

naftiko: '0.5'
info:
  label: VMware VM Snapshot Management
  description: Creates a snapshot of a VMware virtual machine before a GxP system maintenance window, logs the snapshot in ServiceNow as a change task, and notifies the infrastructure team.
  tags:
  - infrastructure
  - virtualization
  - vmware
  - servicenow
  - microsoft-teams
  - gxp
capability:
  exposes:
  - type: mcp
    namespace: infra-ops
    port: 8080
    tools:
    - name: create-vm-snapshot
      description: Given a VM name and change ticket, create a VMware snapshot, update the ServiceNow change task, and notify the infra team.
      inputParameters:
      - name: vm_name
        in: body
        type: string
        description: VMware virtual machine name.
      - name: change_number
        in: body
        type: string
        description: ServiceNow change request number.
      - name: snapshot_description
        in: body
        type: string
        description: Description for the snapshot.
      steps:
      - name: create-snapshot
        type: call
        call: vmware.create-snapshot
        with:
          vm_name: '{{vm_name}}'
          description: '{{snapshot_description}}'
      - name: update-change
        type: call
        call: servicenow.update-change
        with:
          change_number: '{{change_number}}'
          work_notes: 'VM snapshot created for {{vm_name}}. Snapshot ID: {{create-snapshot.snapshot_id}}. Timestamp: {{create-snapshot.created_at}}'
      - name: notify-infra
        type: call
        call: msteams.send-message
        with:
          channel: infrastructure-ops
          text: 'VM Snapshot: {{vm_name}} — Snapshot {{create-snapshot.snapshot_id}} created for change {{change_number}}. Ready for maintenance.'
  consumes:
  - type: http
    namespace: vmware
    baseUri: https://vcenter.abbvie.com/rest/vcenter
    authentication:
      type: bearer
      token: $secrets.vmware_session_token
    resources:
    - name: snapshots
      path: /vm/{{vm_name}}/snapshots
      inputParameters:
      - name: vm_name
        in: path
      operations:
      - name: create-snapshot
        method: POST
  - type: http
    namespace: servicenow
    baseUri: https://abbvie.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: changes
      path: /table/change_request/{{change_number}}
      inputParameters:
      - name: change_number
        in: path
      operations:
      - name: update-change
        method: PATCH
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: messages
      path: /teams/{{channel}}/channels/general/messages
      inputParameters:
      - name: channel
        in: path
      operations:
      - name: send-message
        method: POST

Provisions a new user in Azure Active Directory, assigns them to the appropriate security group, and sends credentials via Microsoft Teams direct message.

naftiko: '0.5'
info:
  label: Azure AD User Provisioning
  description: Provisions a new user in Azure Active Directory, assigns them to the appropriate security group, and sends credentials via Microsoft Teams direct message.
  tags:
  - identity
  - security
  - azure-active-directory
  - microsoft-teams
  - user-provisioning
capability:
  exposes:
  - type: mcp
    namespace: identity-mgmt
    port: 8080
    tools:
    - name: provision-user
      description: Create a new Azure AD user, assign to a security group, and send welcome credentials via Teams.
      inputParameters:
      - name: display_name
        in: body
        type: string
        description: Full name of the new user.
      - name: user_principal_name
        in: body
        type: string
        description: UPN for the new user (email format).
      - name: department
        in: body
        type: string
        description: Department the user belongs to.
      - name: security_group_id
        in: body
        type: string
        description: Azure AD security group ID to assign the user to.
      steps:
      - name: create-user
        type: call
        call: azuread.create-user
        with:
          displayName: '{{display_name}}'
          userPrincipalName: '{{user_principal_name}}'
          department: '{{department}}'
      - name: add-to-group
        type: call
        call: azuread.add-group-member
        with:
          group_id: '{{security_group_id}}'
          member_id: '{{create-user.id}}'
      - name: send-welcome
        type: call
        call: msteams.send-message
        with:
          recipient_upn: '{{user_principal_name}}'
          text: Welcome to AbbVie, {{display_name}}! Your account has been provisioned. Please set up MFA at https://aka.ms/MFASetup.
  consumes:
  - type: http
    namespace: azuread
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: users
      path: /users
      operations:
      - name: create-user
        method: POST
    - name: group-members
      path: /groups/{{group_id}}/members/$ref
      inputParameters:
      - name: group_id
        in: path
      operations:
      - name: add-group-member
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: messages
      path: /users/{{recipient_upn}}/sendMail
      inputParameters:
      - name: recipient_upn
        in: path
      operations:
      - name: send-message
        method: POST

Retrieves an Okta user profile by email or user ID. Used by IT security to verify identity and access status for AbbVie employees.

naftiko: '0.5'
info:
  label: Okta User Lookup
  description: Retrieves an Okta user profile by email or user ID. Used by IT security to verify identity and access status for AbbVie employees.
  tags:
  - security
  - okta
  - identity
capability:
  exposes:
  - type: mcp
    namespace: identity
    port: 8080
    tools:
    - name: get-user
      description: Look up an Okta user by email or ID.
      inputParameters:
      - name: user_identifier
        in: body
        type: string
        description: Email or Okta user ID.
      call: okta.get-user
      with:
        user_identifier: '{{user_identifier}}'
  consumes:
  - type: http
    namespace: okta
    baseUri: https://abbvie.okta.com/api/v1
    authentication:
      type: apiKey
      key: $secrets.okta_api_token
      header: Authorization
    resources:
    - name: users
      path: /users/{{user_identifier}}
      inputParameters:
      - name: user_identifier
        in: path
      operations:
      - name: get-user
        method: GET

Checks the health and throughput metrics for a MuleSoft API gateway endpoint. Used by integration teams to monitor API connectivity for AbbVie's enterprise integrations.

naftiko: '0.5'
info:
  label: MuleSoft API Gateway Health
  description: Checks the health and throughput metrics for a MuleSoft API gateway endpoint. Used by integration teams to monitor API connectivity for AbbVie's enterprise integrations.
  tags:
  - integration
  - api-management
  - mulesoft
  - monitoring
capability:
  exposes:
  - type: mcp
    namespace: api-management
    port: 8080
    tools:
    - name: get-api-health
      description: Look up MuleSoft API health metrics for a given environment and API ID.
      inputParameters:
      - name: environment_id
        in: body
        type: string
        description: MuleSoft environment ID.
      - name: api_id
        in: body
        type: string
        description: MuleSoft API ID.
      call: mulesoft.get-api-status
      with:
        environment_id: '{{environment_id}}'
        api_id: '{{api_id}}'
  consumes:
  - type: http
    namespace: mulesoft
    baseUri: https://anypoint.mulesoft.com/apimanager/api/v1
    authentication:
      type: bearer
      token: $secrets.mulesoft_token
    resources:
    - name: apis
      path: /organizations/{{environment_id}}/apis/{{api_id}}
      inputParameters:
      - name: environment_id
        in: path
      - name: api_id
        in: path
      operations:
      - name: get-api-status
        method: GET

Detects safety signals in ARGUS, queries adverse event records in Snowflake, creates a Jira ticket for the safety team, and notifies pharmacovigilance leadership in Teams.

naftiko: '0.5'
info:
  label: Pharmacovigilance Signal Detection Pipeline
  description: Detects safety signals in ARGUS, queries adverse event records in Snowflake, creates a Jira ticket for the safety team, and notifies pharmacovigilance leadership in Teams.
  tags:
  - pharmacovigilance
  - safety
  - snowflake
  - jira
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: abbvie
    port: 8080
    tools:
    - name: pharmacovigilance_signal_detection_pipel
      description: Orchestrate pharmacovigilance signal detection pipeline workflow.
      inputParameters:
      - name: resource_id
        in: body
        type: string
        description: Primary resource identifier.
      steps:
      - name: get-signal-data
        type: call
        call: argus.get-signal
        with:
          signal_id: '{{resource_id}}'
      - name: run-ae-analysis
        type: call
        call: snowflake.run-query
        with:
          sql_query: SELECT * FROM adverse_events WHERE signal_id = '{{resource_id}}'
          warehouse: PHARMA_WH
      - name: create-ticket
        type: call
        call: jira.create-issue
        with:
          project: PV
          summary: 'Safety signal: {{get-signal-data.signal_type}}'
      - name: notify-team
        type: call
        call: msteams.send-message
        with:
          channel: pharmacovigilance
          text: 'Signal {{resource_id}}: {{get-signal-data.signal_type}}. Ticket: {{create-ticket.key}}'
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://abbvie.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: snowflake-operation
        method: POST
  - type: http
    namespace: jira
    baseUri: https://abbvie.atlassian.net/rest/api/3
    authentication:
      type: basic
      username: $secrets.jira_user
      password: $secrets.jira_api_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: jira-operation
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: msteams-operation
        method: POST

On SIEM alert in Splunk, enriches with CrowdStrike threat intel, creates a PagerDuty incident, blocks IP in firewall, and documents in ServiceNow.

naftiko: '0.5'
info:
  label: Security Incident Response Pipeline
  description: On SIEM alert in Splunk, enriches with CrowdStrike threat intel, creates a PagerDuty incident, blocks IP in firewall, and documents in ServiceNow.
  tags:
  - security
  - splunk
  - pagerduty
  - servicenow
capability:
  exposes:
  - type: mcp
    namespace: abbvie
    port: 8080
    tools:
    - name: security_incident_response_pipeline
      description: Orchestrate security incident response pipeline workflow.
      inputParameters:
      - name: resource_id
        in: body
        type: string
        description: Primary resource identifier.
      steps:
      - name: get-alert
        type: call
        call: splunk.get-alert
        with:
          alert_id: '{{resource_id}}'
      - name: create-incident
        type: call
        call: pagerduty.create-incident
        with:
          title: 'Security alert: {{get-alert.rule_name}}'
      - name: document
        type: call
        call: servicenow.create-incident
        with:
          short_description: 'Security: {{get-alert.rule_name}}'
          description: Alert {{resource_id}}
  consumes:
  - type: http
    namespace: splunk
    baseUri: https://abbvie-splunk.com/services
    authentication:
      type: bearer
      token: $secrets.splunk_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: splunk-operation
        method: POST
  - type: http
    namespace: pagerduty
    baseUri: https://api.pagerduty.com
    authentication:
      type: bearer
      token: $secrets.pagerduty_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: pagerduty-operation
        method: POST
  - type: http
    namespace: servicenow
    baseUri: https://abbvie.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: servicenow-operation
        method: POST

Captures HCP meeting notes from Veeva CRM, syncs to Salesforce, updates compliance records, refreshes Tableau analytics, and sends summary to field team.

naftiko: '0.5'
info:
  label: HCP Engagement Tracking Pipeline
  description: Captures HCP meeting notes from Veeva CRM, syncs to Salesforce, updates compliance records, refreshes Tableau analytics, and sends summary to field team.
  tags:
  - commercial
  - salesforce
  - tableau
  - slack
capability:
  exposes:
  - type: mcp
    namespace: abbvie
    port: 8080
    tools:
    - name: hcp_engagement_tracking_pipeline
      description: Orchestrate hcp engagement tracking pipeline workflow.
      inputParameters:
      - name: resource_id
        in: body
        type: string
        description: Primary resource identifier.
      steps:
      - name: get-meetings
        type: call
        call: veeva.get-hcp-meetings
        with:
          rep_id: '{{resource_id}}'
      - name: sync-salesforce
        type: call
        call: salesforce.update-engagement
        with:
          rep_id: '{{resource_id}}'
          meetings: '{{get-meetings.count}}'
      - name: refresh-analytics
        type: call
        call: tableau.refresh-extract
        with:
          workbook_id: hcp_engagement
      - name: notify
        type: call
        call: slack.send-message
        with:
          channel: field-force
          text: 'HCP engagement synced for rep {{resource_id}}: {{get-meetings.count}} meetings'
  consumes:
  - type: http
    namespace: salesforce
    baseUri: https://abbvie.my.salesforce.com/services/data/v58.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: salesforce-operation
        method: POST
  - type: http
    namespace: tableau
    baseUri: https://abbvie-tableau.com/api/3.19
    authentication:
      type: bearer
      token: $secrets.tableau_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: tableau-operation
        method: POST
  - type: http
    namespace: slack
    baseUri: https://slack.com/api
    authentication:
      type: bearer
      token: $secrets.slack_bot_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: slack-operation
        method: POST

Searches for PII across Salesforce, Workday, and Snowflake, compiles results, logs in OneTrust, and sends the response via encrypted email.

naftiko: '0.5'
info:
  label: Data Privacy DSAR Processor
  description: Searches for PII across Salesforce, Workday, and Snowflake, compiles results, logs in OneTrust, and sends the response via encrypted email.
  tags:
  - privacy
  - salesforce
  - workday
  - snowflake
capability:
  exposes:
  - type: mcp
    namespace: abbvie
    port: 8080
    tools:
    - name: data_privacy_dsar_processor
      description: Orchestrate data privacy dsar processor workflow.
      inputParameters:
      - name: resource_id
        in: body
        type: string
        description: Primary resource identifier.
      steps:
      - name: search-sf
        type: call
        call: salesforce.search-pii
        with:
          subject_id: '{{resource_id}}'
      - name: search-wd
        type: call
        call: workday.search-employee
        with:
          subject_id: '{{resource_id}}'
      - name: search-sf-data
        type: call
        call: snowflake.run-query
        with:
          sql_query: SELECT * FROM pii_catalog WHERE subject = '{{resource_id}}'
          warehouse: PRIVACY_WH
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel: privacy
          text: DSAR complete for {{resource_id}}
  consumes:
  - type: http
    namespace: salesforce
    baseUri: https://abbvie.my.salesforce.com/services/data/v58.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: salesforce-operation
        method: POST
  - type: http
    namespace: workday
    baseUri: https://wd5-impl-services1.workday.com/ccx/api/v1/abbvie
    authentication:
      type: bearer
      token: $secrets.workday_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: workday-operation
        method: POST
  - type: http
    namespace: snowflake
    baseUri: https://abbvie.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: snowflake-operation
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: msteams-operation
        method: POST

Retrieves the status of a Coupa purchase requisition by requisition number. Used by procurement teams at AbbVie to track order progress.

naftiko: '0.5'
info:
  label: Coupa Purchase Requisition Status
  description: Retrieves the status of a Coupa purchase requisition by requisition number. Used by procurement teams at AbbVie to track order progress.
  tags:
  - procurement
  - coupa
  - purchasing
capability:
  exposes:
  - type: mcp
    namespace: procurement
    port: 8080
    tools:
    - name: get-requisition
      description: Look up a Coupa purchase requisition by number.
      inputParameters:
      - name: requisition_number
        in: body
        type: string
        description: The Coupa requisition number.
      call: coupa.get-requisition
      with:
        requisition_number: '{{requisition_number}}'
  consumes:
  - type: http
    namespace: coupa
    baseUri: https://abbvie.coupahost.com/api
    authentication:
      type: bearer
      token: $secrets.coupa_api_key
    resources:
    - name: requisitions
      path: /requisitions/{{requisition_number}}
      inputParameters:
      - name: requisition_number
        in: path
      operations:
      - name: get-requisition
        method: GET

Queries active user sessions in Keycloak for a given realm and user. Used by identity and access management teams to troubleshoot SSO issues for AbbVie's internal applications.

naftiko: '0.5'
info:
  label: Keycloak User Session Lookup
  description: Queries active user sessions in Keycloak for a given realm and user. Used by identity and access management teams to troubleshoot SSO issues for AbbVie's internal applications.
  tags:
  - security
  - identity
  - keycloak
  - sso
capability:
  exposes:
  - type: mcp
    namespace: iam
    port: 8080
    tools:
    - name: get-user-sessions
      description: Look up active Keycloak sessions for a user in a given realm.
      inputParameters:
      - name: realm
        in: body
        type: string
        description: Keycloak realm name.
      - name: user_id
        in: body
        type: string
        description: Keycloak user ID.
      call: keycloak.get-sessions
      with:
        realm: '{{realm}}'
        user_id: '{{user_id}}'
  consumes:
  - type: http
    namespace: keycloak
    baseUri: https://sso.abbvie.com/auth/admin/realms
    authentication:
      type: bearer
      token: $secrets.keycloak_admin_token
    resources:
    - name: sessions
      path: /{{realm}}/users/{{user_id}}/sessions
      inputParameters:
      - name: realm
        in: path
      - name: user_id
        in: path
      operations:
      - name: get-sessions
        method: GET

Triggers GitHub Actions workflow, monitors build, deploys to staging via ArgoCD, runs smoke tests, and promotes to production after Slack approval.

naftiko: '0.5'
info:
  label: Release Management Deployment Pipeline
  description: Triggers GitHub Actions workflow, monitors build, deploys to staging via ArgoCD, runs smoke tests, and promotes to production after Slack approval.
  tags:
  - devops
  - github
  - servicenow
  - slack
capability:
  exposes:
  - type: mcp
    namespace: abbvie
    port: 8080
    tools:
    - name: release_management_deployment_pipeline
      description: Orchestrate release management deployment pipeline workflow.
      inputParameters:
      - name: resource_id
        in: body
        type: string
        description: Primary resource identifier.
      steps:
      - name: trigger-build
        type: call
        call: github.trigger-workflow
        with:
          repo: '{{resource_id}}'
          workflow: release.yml
      - name: deploy-staging
        type: call
        call: argocd.sync-app
        with:
          app_name: '{{resource_id}}-staging'
      - name: run-tests
        type: call
        call: postman.run-collection
        with:
          collection_id: '{{resource_id}}_smoke'
      - name: notify
        type: call
        call: slack.send-message
        with:
          channel: releases
          text: 'Release {{resource_id}} deployed to staging. Tests: {{run-tests.status}}'
  consumes:
  - type: http
    namespace: github
    baseUri: https://api.github.com
    authentication:
      type: bearer
      token: $secrets.github_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: github-operation
        method: POST
  - type: http
    namespace: slack
    baseUri: https://slack.com/api
    authentication:
      type: bearer
      token: $secrets.slack_bot_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: slack-operation
        method: POST

On a GitHub Actions pipeline failure, creates a Datadog event marker, opens a ServiceNow incident, and alerts the engineering team in Microsoft Teams.

naftiko: '0.5'
info:
  label: CI/CD Failure Observability Chain
  description: On a GitHub Actions pipeline failure, creates a Datadog event marker, opens a ServiceNow incident, and alerts the engineering team in Microsoft Teams.
  tags:
  - devops
  - ci-cd
  - observability
  - github-actions
  - datadog
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: devops-alerts
    port: 8080
    tools:
    - name: handle-pipeline-failure
      description: Given a pipeline failure event, create a Datadog event, open a ServiceNow incident, and alert Teams with full context.
      inputParameters:
      - name: pipeline_id
        in: body
        type: string
      - name: repo
        in: body
        type: string
      - name: branch
        in: body
        type: string
      - name: failed_job_name
        in: body
        type: string
      - name: log_url
        in: body
        type: string
      - name: commit_sha
        in: body
        type: string
      steps:
      - name: create-event
        type: call
        call: datadog.create-event
        with:
          title: 'Pipeline failure: {{repo}} / {{branch}}'
          text: 'Job: {{failed_job_name}}. Commit: {{commit_sha}}. Log: {{log_url}}'
          alert_type: error
      - name: create-incident
        type: call
        call: servicenow.create-incident
        with:
          short_description: '[CI Failure] {{repo}} / {{branch}} — {{failed_job_name}}'
          category: ci_cd_failure
          assigned_group: Engineering
          description: 'Pipeline: {{pipeline_id}}

            Branch: {{branch}}

            Commit: {{commit_sha}}

            Log: {{log_url}}

            Datadog event: {{create-event.id}}'
      - name: post-alert
        type: call
        call: msteams.send-message
        with:
          channel: engineering-alerts
          text: 'Pipeline Failure: {{repo}} | Branch: {{branch}} | Job: {{failed_job_name}} | Incident: {{create-incident.number}} | Log: {{log_url}}'
  consumes:
  - type: http
    namespace: datadog
    baseUri: https://api.datadoghq.com/api/v1
    authentication:
      type: apiKey
      key: $secrets.datadog_api_key
      header: DD-API-KEY
    resources:
    - name: events
      path: /events
      operations:
      - name: create-event
        method: POST
  - type: http
    namespace: servicenow
    baseUri: https://abbvie.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: create-incident
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: messages
      path: /teams/{{channel}}/channels/general/messages
      inputParameters:
      - name: channel
        in: path
      operations:
      - name: send-message
        method: POST

Pulls user access from SailPoint, compares against Workday roles, flags anomalies, creates certification tasks in ServiceNow, and emails managers.

naftiko: '0.5'
info:
  label: IT Access Review Certification Workflow
  description: Pulls user access from SailPoint, compares against Workday roles, flags anomalies, creates certification tasks in ServiceNow, and emails managers.
  tags:
  - security
  - sailpoint
  - workday
  - servicenow
capability:
  exposes:
  - type: mcp
    namespace: abbvie
    port: 8080
    tools:
    - name: it_access_review_certification_workflow
      description: Orchestrate it access review certification workflow workflow.
      inputParameters:
      - name: resource_id
        in: body
        type: string
        description: Primary resource identifier.
      steps:
      - name: get-access
        type: call
        call: sailpoint.get-user-access
        with:
          user_id: '{{resource_id}}'
      - name: get-role
        type: call
        call: workday.get-employee
        with:
          employee_id: '{{resource_id}}'
      - name: create-cert
        type: call
        call: servicenow.create-request
        with:
          short_description: 'Access review: {{resource_id}}'
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel: security-ops
          text: 'Access review created for {{resource_id}}: {{create-cert.number}}'
  consumes:
  - type: http
    namespace: workday
    baseUri: https://wd5-impl-services1.workday.com/ccx/api/v1/abbvie
    authentication:
      type: bearer
      token: $secrets.workday_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: workday-operation
        method: POST
  - type: http
    namespace: servicenow
    baseUri: https://abbvie.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: servicenow-operation
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: msteams-operation
        method: POST

Searches Splunk indexes for log entries matching a given query. Used by IT operations to investigate application errors across AbbVie's cloud infrastructure.

naftiko: '0.5'
info:
  label: Splunk Log Search
  description: Searches Splunk indexes for log entries matching a given query. Used by IT operations to investigate application errors across AbbVie's cloud infrastructure.
  tags:
  - devops
  - logging
  - splunk
capability:
  exposes:
  - type: mcp
    namespace: logging
    port: 8080
    tools:
    - name: search-logs
      description: Search Splunk logs by query string and time range.
      inputParameters:
      - name: query
        in: body
        type: string
        description: SPL search query.
      - name: time_range
        in: body
        type: string
        description: Relative time range such as -1h.
      call: splunk.search-logs
      with:
        query: '{{query}}'
        time_range: '{{time_range}}'
  consumes:
  - type: http
    namespace: splunk
    baseUri: https://abbvie-splunk.com/services/search/jobs
    authentication:
      type: bearer
      token: $secrets.splunk_token
    resources:
    - name: search-jobs
      path: /export
      operations:
      - name: search-logs
        method: POST

Retrieves a Salesforce opportunity by ID including stage, amount, close date, and account name. Used by commercial teams to check deal status for AbbVie therapeutic areas.

naftiko: '0.5'
info:
  label: Salesforce Opportunity Lookup
  description: Retrieves a Salesforce opportunity by ID including stage, amount, close date, and account name. Used by commercial teams to check deal status for AbbVie therapeutic areas.
  tags:
  - sales
  - crm
  - salesforce
  - commercial
capability:
  exposes:
  - type: mcp
    namespace: sales-crm
    port: 8080
    tools:
    - name: get-opportunity
      description: Look up a Salesforce opportunity by ID and return its stage, amount, close date, and account.
      inputParameters:
      - name: opportunity_id
        in: body
        type: string
        description: The Salesforce opportunity ID.
      call: salesforce.get-opportunity
      with:
        opportunity_id: '{{opportunity_id}}'
  consumes:
  - type: http
    namespace: salesforce
    baseUri: https://abbvie.my.salesforce.com/services/data/v58.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: opportunities
      path: /sobjects/Opportunity/{{opportunity_id}}
      inputParameters:
      - name: opportunity_id
        in: path
      operations:
      - name: get-opportunity
        method: GET

Runs a Terraform plan via Azure DevOps pipeline, checks for infrastructure drift, and creates a ServiceNow change request if drift is detected in AbbVie's Azure environments.

naftiko: '0.5'
info:
  label: Terraform Infrastructure Drift Detection
  description: Runs a Terraform plan via Azure DevOps pipeline, checks for infrastructure drift, and creates a ServiceNow change request if drift is detected in AbbVie's Azure environments.
  tags:
  - devops
  - infrastructure
  - terraform
  - azure-devops
  - servicenow
  - cloud
capability:
  exposes:
  - type: mcp
    namespace: infra-ops
    port: 8080
    tools:
    - name: detect-drift
      description: Trigger a Terraform plan in Azure DevOps and create a ServiceNow change request if drift is found.
      inputParameters:
      - name: project
        in: body
        type: string
        description: Azure DevOps project name.
      - name: pipeline_id
        in: body
        type: string
        description: Azure DevOps pipeline ID for the Terraform plan.
      - name: environment
        in: body
        type: string
        description: Target environment (dev, staging, prod).
      steps:
      - name: trigger-plan
        type: call
        call: azuredevops.run-pipeline
        with:
          project: '{{project}}'
          pipeline_id: '{{pipeline_id}}'
          parameters: '{"environment": "{{environment}}"}'
      - name: create-change-request
        type: call
        call: servicenow.create-change
        with:
          short_description: 'Terraform drift detected: {{project}} / {{environment}}'
          description: Pipeline run {{trigger-plan.run_id}} detected infrastructure drift in {{environment}}. Review Terraform plan output and apply corrections.
          assigned_group: Cloud_Engineering
          category: infrastructure
  consumes:
  - type: http
    namespace: azuredevops
    baseUri: https://dev.azure.com/abbvie
    authentication:
      type: bearer
      token: $secrets.azuredevops_token
    resources:
    - name: pipelines
      path: /{{project}}/_apis/pipelines/{{pipeline_id}}/runs
      inputParameters:
      - name: project
        in: path
      - name: pipeline_id
        in: path
      operations:
      - name: run-pipeline
        method: POST
  - type: http
    namespace: servicenow
    baseUri: https://abbvie.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: changes
      path: /table/change_request
      operations:
      - name: create-change
        method: POST

Launches vulnerability scan via Qualys, runs OWASP ZAP against web apps, creates prioritized remediation tickets in Jira, and summarizes in Confluence.

naftiko: '0.5'
info:
  label: Automated Penetration Test Orchestrator
  description: Launches vulnerability scan via Qualys, runs OWASP ZAP against web apps, creates prioritized remediation tickets in Jira, and summarizes in Confluence.
  tags:
  - security
  - jira
  - confluence
capability:
  exposes:
  - type: mcp
    namespace: abbvie
    port: 8080
    tools:
    - name: automated_pen_test_orchestrator
      description: Orchestrate automated penetration test orchestrator workflow.
      inputParameters:
      - name: resource_id
        in: body
        type: string
        description: Primary resource identifier.
      steps:
      - name: run-qualys
        type: call
        call: qualys.launch-scan
        with:
          target: '{{resource_id}}'
      - name: run-zap
        type: call
        call: zap.run-scan
        with:
          target_url: '{{resource_id}}'
      - name: create-tickets
        type: call
        call: jira.create-issue
        with:
          project: SEC
          summary: 'Pen test findings: {{resource_id}}'
      - name: create-report
        type: call
        call: confluence.create-page
        with:
          space: SEC
          title: 'Pen test: {{resource_id}}'
  consumes:
  - type: http
    namespace: jira
    baseUri: https://abbvie.atlassian.net/rest/api/3
    authentication:
      type: basic
      username: $secrets.jira_user
      password: $secrets.jira_api_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: jira-operation
        method: POST
  - type: http
    namespace: confluence
    baseUri: https://abbvie.atlassian.net/wiki/rest/api
    authentication:
      type: basic
      username: $secrets.confluence_user
      password: $secrets.confluence_api_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: confluence-operation
        method: POST

Pulls cost and usage data from Oracle Cloud for a given compartment and date range, formats a summary, and posts it to a Confluence finance report page for budget tracking.

naftiko: '0.5'
info:
  label: Oracle Cloud Infrastructure Cost Report
  description: Pulls cost and usage data from Oracle Cloud for a given compartment and date range, formats a summary, and posts it to a Confluence finance report page for budget tracking.
  tags:
  - finance
  - cloud
  - oracle-cloud
  - confluence
  - cost-management
capability:
  exposes:
  - type: mcp
    namespace: cloud-finance
    port: 8080
    tools:
    - name: generate-cost-report
      description: Given an OCI compartment and date range, pull cost data and publish a Confluence report.
      inputParameters:
      - name: compartment_id
        in: body
        type: string
        description: Oracle Cloud compartment OCID.
      - name: start_date
        in: body
        type: string
        description: Report start date (YYYY-MM-DD).
      - name: end_date
        in: body
        type: string
        description: Report end date (YYYY-MM-DD).
      steps:
      - name: get-cost-data
        type: call
        call: oci.get-usage
        with:
          compartment_id: '{{compartment_id}}'
          start_date: '{{start_date}}'
          end_date: '{{end_date}}'
      - name: publish-report
        type: call
        call: confluence.create-page
        with:
          space_key: CLOUDFINANCE
          title: 'OCI Cost Report: {{compartment_id}} ({{start_date}} to {{end_date}})'
          body: 'Compartment: {{compartment_id}}

            Period: {{start_date}} to {{end_date}}

            Total Cost: {{get-cost-data.total_cost}} {{get-cost-data.currency}}

            Compute: {{get-cost-data.compute_cost}}

            Storage: {{get-cost-data.storage_cost}}

            Network: {{get-cost-data.network_cost}}'
  consumes:
  - type: http
    namespace: oci
    baseUri: https://usagereports.us-ashburn-1.oci.oraclecloud.com/20200107
    authentication:
      type: bearer
      token: $secrets.oci_token
    resources:
    - name: usage
      path: /usage
      operations:
      - name: get-usage
        method: POST
  - type: http
    namespace: confluence
    baseUri: https://abbvie.atlassian.net/wiki/rest/api
    authentication:
      type: basic
      username: $secrets.confluence_user
      password: $secrets.confluence_token
    resources:
    - name: pages
      path: /content
      operations:
      - name: create-page
        method: POST

Captures EHS incidents from Intelex, correlates with SAP site data, generates a CAPA investigation, and alerts site leadership via Teams.

naftiko: '0.5'
info:
  label: Environmental Health Safety Incident Pipeline
  description: Captures EHS incidents from Intelex, correlates with SAP site data, generates a CAPA investigation, and alerts site leadership via Teams.
  tags:
  - ehs
  - sap
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: abbvie
    port: 8080
    tools:
    - name: ehs_incident_pipeline
      description: Orchestrate environmental health safety incident pipeline workflow.
      inputParameters:
      - name: resource_id
        in: body
        type: string
        description: Primary resource identifier.
      steps:
      - name: get-incident
        type: call
        call: intelex.get-incident
        with:
          incident_id: '{{resource_id}}'
      - name: get-site-data
        type: call
        call: sap.get-plant
        with:
          plant_id: '{{get-incident.plant_id}}'
      - name: create-capa
        type: call
        call: servicenow.create-request
        with:
          short_description: 'EHS CAPA: {{resource_id}}'
          description: '{{get-incident.description}}'
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel: ehs-leadership
          text: 'EHS incident {{resource_id}} at {{get-site-data.plant_name}}. CAPA: {{create-capa.number}}'
  consumes:
  - type: http
    namespace: sap
    baseUri: https://abbvie-sap.com/api/v1
    authentication:
      type: bearer
      token: $secrets.sap_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: sap-operation
        method: POST
  - type: http
    namespace: servicenow
    baseUri: https://abbvie.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: servicenow-operation
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: msteams-operation
        method: POST

Executes a predefined analytics query against AbbVie's Teradata data warehouse and returns summary results. Used by data analysts for pharma sales and market access reporting.

naftiko: '0.5'
info:
  label: Teradata Data Warehouse Query
  description: Executes a predefined analytics query against AbbVie's Teradata data warehouse and returns summary results. Used by data analysts for pharma sales and market access reporting.
  tags:
  - data-analytics
  - data-warehouse
  - teradata
  - reporting
capability:
  exposes:
  - type: mcp
    namespace: data-warehouse
    port: 8080
    tools:
    - name: run-analytics-query
      description: Execute a named query against Teradata and return results.
      inputParameters:
      - name: query_name
        in: body
        type: string
        description: Name of the predefined analytics query.
      - name: parameters
        in: body
        type: string
        description: JSON string of query parameters.
      call: teradata.execute-query
      with:
        query_name: '{{query_name}}'
        parameters: '{{parameters}}'
  consumes:
  - type: http
    namespace: teradata
    baseUri: https://teradata.abbvie.com/api/v1
    authentication:
      type: bearer
      token: $secrets.teradata_token
    resources:
    - name: queries
      path: /queries/{{query_name}}/execute
      inputParameters:
      - name: query_name
        in: path
      operations:
      - name: execute-query
        method: POST

When an SAP supply chain alert fires for a critical raw material, creates a ServiceNow priority incident, notifies the supply chain team in Microsoft Teams, and logs an entry in Confluence for audit tracking.

naftiko: '0.5'
info:
  label: Drug Supply Chain Disruption Escalation
  description: When an SAP supply chain alert fires for a critical raw material, creates a ServiceNow priority incident, notifies the supply chain team in Microsoft Teams, and logs an entry in Confluence for audit tracking.
  tags:
  - supply-chain
  - manufacturing
  - sap
  - servicenow
  - microsoft-teams
  - confluence
capability:
  exposes:
  - type: mcp
    namespace: supply-chain
    port: 8080
    tools:
    - name: escalate-disruption
      description: Given a material shortage alert from SAP, create a priority incident, notify the supply chain team, and log the disruption for GMP audit trail.
      inputParameters:
      - name: material_number
        in: body
        type: string
        description: SAP material number for the affected raw material.
      - name: plant_code
        in: body
        type: string
        description: SAP plant code where the shortage is detected.
      - name: shortage_quantity
        in: body
        type: string
        description: Quantity shortfall in base unit of measure.
      - name: affected_product
        in: body
        type: string
        description: The finished drug product affected by the shortage.
      steps:
      - name: get-material
        type: call
        call: sap.get-material
        with:
          material_number: '{{material_number}}'
      - name: create-priority-incident
        type: call
        call: servicenow.create-incident
        with:
          short_description: 'Supply disruption: {{get-material.material_name}} at plant {{plant_code}}'
          category: supply_chain_disruption
          assigned_group: Supply_Chain_Ops
          urgency: '1'
          description: 'Material: {{material_number}} ({{get-material.material_name}}). Plant: {{plant_code}}. Shortage: {{shortage_quantity}} {{get-material.unit}}. Affected product: {{affected_product}}.'
      - name: notify-supply-team
        type: call
        call: msteams.send-message
        with:
          channel: supply-chain-alerts
          text: 'SUPPLY DISRUPTION: {{get-material.material_name}} at plant {{plant_code}}. Shortage: {{shortage_quantity}} {{get-material.unit}}. Affected: {{affected_product}}. Incident: {{create-priority-incident.number}}'
      - name: log-audit-entry
        type: call
        call: confluence.create-page
        with:
          space_key: SUPPLY
          title: 'Disruption Log: {{material_number}} — {{plant_code}} — {{create-priority-incident.number}}'
          body: 'Material: {{material_number}} ({{get-material.material_name}})

            Plant: {{plant_code}}

            Shortage: {{shortage_quantity}}

            Product: {{affected_product}}

            Incident: {{create-priority-incident.number}}

            Timestamp: {{create-priority-incident.created_at}}'
  consumes:
  - type: http
    namespace: sap
    baseUri: https://abbvie-s4.sap.com/sap/opu/odata/sap/API_MATERIAL_SRV
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: materials
      path: /A_Material('{{material_number}}')
      inputParameters:
      - name: material_number
        in: path
      operations:
      - name: get-material
        method: GET
  - type: http
    namespace: servicenow
    baseUri: https://abbvie.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: create-incident
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: messages
      path: /teams/{{channel}}/channels/general/messages
      inputParameters:
      - name: channel
        in: path
      operations:
      - name: send-message
        method: POST
  - type: http
    namespace: confluence
    baseUri: https://abbvie.atlassian.net/wiki/rest/api
    authentication:
      type: basic
      username: $secrets.confluence_user
      password: $secrets.confluence_token
    resources:
    - name: pages
      path: /content
      operations:
      - name: create-page
        method: POST

Sends a message to a specified Slack channel. Used by automation workflows to notify teams about pipeline events and alerts.

naftiko: '0.5'
info:
  label: Slack Channel Message Sender
  description: Sends a message to a specified Slack channel. Used by automation workflows to notify teams about pipeline events and alerts.
  tags:
  - collaboration
  - slack
  - messaging
capability:
  exposes:
  - type: mcp
    namespace: messaging
    port: 8080
    tools:
    - name: send-message
      description: Send a message to a Slack channel.
      inputParameters:
      - name: channel
        in: body
        type: string
        description: The Slack channel name or ID.
      - name: text
        in: body
        type: string
        description: The message text.
      call: slack.send-message
      with:
        channel: '{{channel}}'
        text: '{{text}}'
  consumes:
  - type: http
    namespace: slack
    baseUri: https://slack.com/api
    authentication:
      type: bearer
      token: $secrets.slack_bot_token
    resources:
    - name: messages
      path: /chat.postMessage
      operations:
      - name: send-message
        method: POST

Triggers a dataset refresh in Power BI for a specified workspace and dataset. Used by analytics teams to ensure pharma sales dashboards reflect the latest data from Teradata.

naftiko: '0.5'
info:
  label: Power BI Report Refresh Trigger
  description: Triggers a dataset refresh in Power BI for a specified workspace and dataset. Used by analytics teams to ensure pharma sales dashboards reflect the latest data from Teradata.
  tags:
  - analytics
  - business-intelligence
  - power-bi
  - data-refresh
capability:
  exposes:
  - type: mcp
    namespace: bi-analytics
    port: 8080
    tools:
    - name: refresh-dataset
      description: Trigger a Power BI dataset refresh for a given workspace and dataset ID.
      inputParameters:
      - name: workspace_id
        in: body
        type: string
        description: The Power BI workspace (group) ID.
      - name: dataset_id
        in: body
        type: string
        description: The Power BI dataset ID to refresh.
      call: powerbi.refresh-dataset
      with:
        workspace_id: '{{workspace_id}}'
        dataset_id: '{{dataset_id}}'
  consumes:
  - type: http
    namespace: powerbi
    baseUri: https://api.powerbi.com/v1.0/myorg
    authentication:
      type: bearer
      token: $secrets.powerbi_token
    resources:
    - name: datasets
      path: /groups/{{workspace_id}}/datasets/{{dataset_id}}/refreshes
      inputParameters:
      - name: workspace_id
        in: path
      - name: dataset_id
        in: path
      operations:
      - name: refresh-dataset
        method: POST

When a manufacturing deviation is reported in SAP, creates a quality investigation in Veeva, assigns corrective actions in Jira, and notifies QA via Teams.

naftiko: '0.5'
info:
  label: Drug Manufacturing Deviation Handler
  description: When a manufacturing deviation is reported in SAP, creates a quality investigation in Veeva, assigns corrective actions in Jira, and notifies QA via Teams.
  tags:
  - manufacturing
  - quality
  - sap
  - jira
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: abbvie
    port: 8080
    tools:
    - name: drug_manufacturing_deviation_handler
      description: Orchestrate drug manufacturing deviation handler workflow.
      inputParameters:
      - name: resource_id
        in: body
        type: string
        description: Primary resource identifier.
      steps:
      - name: get-deviation
        type: call
        call: sap.get-deviation
        with:
          deviation_id: '{{resource_id}}'
      - name: create-investigation
        type: call
        call: veeva.create-investigation
        with:
          deviation_id: '{{resource_id}}'
          description: '{{get-deviation.description}}'
      - name: create-capa
        type: call
        call: jira.create-issue
        with:
          project: QA
          summary: CAPA for deviation {{resource_id}}
      - name: notify-qa
        type: call
        call: msteams.send-message
        with:
          channel: quality-assurance
          text: 'Deviation {{resource_id}}: {{get-deviation.description}}. CAPA: {{create-capa.key}}'
  consumes:
  - type: http
    namespace: sap
    baseUri: https://abbvie-sap.com/api/v1
    authentication:
      type: bearer
      token: $secrets.sap_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: sap-operation
        method: POST
  - type: http
    namespace: jira
    baseUri: https://abbvie.atlassian.net/rest/api/3
    authentication:
      type: basic
      username: $secrets.jira_user
      password: $secrets.jira_api_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: jira-operation
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: msteams-operation
        method: POST

Retrieves metadata and preview URL for a Tableau workbook view. Used by business users to quickly access pharma analytics dashboards without logging into Tableau Server.

naftiko: '0.5'
info:
  label: Tableau Dashboard Viewer
  description: Retrieves metadata and preview URL for a Tableau workbook view. Used by business users to quickly access pharma analytics dashboards without logging into Tableau Server.
  tags:
  - analytics
  - business-intelligence
  - tableau
  - visualization
capability:
  exposes:
  - type: mcp
    namespace: bi-analytics
    port: 8080
    tools:
    - name: get-tableau-view
      description: Look up a Tableau view by workbook and view name, returning the embed URL and last refresh time.
      inputParameters:
      - name: site_id
        in: body
        type: string
        description: Tableau site ID.
      - name: view_id
        in: body
        type: string
        description: Tableau view ID.
      call: tableau.get-view
      with:
        site_id: '{{site_id}}'
        view_id: '{{view_id}}'
  consumes:
  - type: http
    namespace: tableau
    baseUri: https://tableau.abbvie.com/api/3.19
    authentication:
      type: bearer
      token: $secrets.tableau_token
    resources:
    - name: views
      path: /sites/{{site_id}}/views/{{view_id}}
      inputParameters:
      - name: site_id
        in: path
      - name: view_id
        in: path
      operations:
      - name: get-view
        method: GET

Checks the quality gate status for a SonarQube project. Used by AbbVie engineering teams to validate code quality before merging changes to GxP-validated systems.

naftiko: '0.5'
info:
  label: SonarQube Code Quality Gate Check
  description: Checks the quality gate status for a SonarQube project. Used by AbbVie engineering teams to validate code quality before merging changes to GxP-validated systems.
  tags:
  - devops
  - code-quality
  - sonarqube
  - gxp
capability:
  exposes:
  - type: mcp
    namespace: code-quality
    port: 8080
    tools:
    - name: check-quality-gate
      description: Look up the quality gate status for a SonarQube project key.
      inputParameters:
      - name: project_key
        in: body
        type: string
        description: The SonarQube project key.
      call: sonarqube.get-quality-gate
      with:
        project_key: '{{project_key}}'
  consumes:
  - type: http
    namespace: sonarqube
    baseUri: https://sonarqube.abbvie.com/api
    authentication:
      type: bearer
      token: $secrets.sonarqube_token
    resources:
    - name: quality-gates
      path: /qualitygates/project_status
      inputParameters:
      - name: project_key
        in: query
      operations:
      - name: get-quality-gate
        method: GET

Retrieves a Confluence page by space key and title. Used across AbbVie teams to quickly access SOPs, process documentation, and regulatory guidelines.

naftiko: '0.5'
info:
  label: Confluence Page Lookup
  description: Retrieves a Confluence page by space key and title. Used across AbbVie teams to quickly access SOPs, process documentation, and regulatory guidelines.
  tags:
  - knowledge-management
  - documentation
  - confluence
capability:
  exposes:
  - type: mcp
    namespace: knowledge-base
    port: 8080
    tools:
    - name: get-confluence-page
      description: Look up a Confluence page by space key and title.
      inputParameters:
      - name: space_key
        in: body
        type: string
        description: Confluence space key.
      - name: title
        in: body
        type: string
        description: Page title to search for.
      call: confluence.get-page
      with:
        space_key: '{{space_key}}'
        title: '{{title}}'
  consumes:
  - type: http
    namespace: confluence
    baseUri: https://abbvie.atlassian.net/wiki/rest/api
    authentication:
      type: basic
      username: $secrets.confluence_user
      password: $secrets.confluence_token
    resources:
    - name: pages
      path: /content
      inputParameters:
      - name: space_key
        in: query
      - name: title
        in: query
      operations:
      - name: get-page
        method: GET

When a code change is merged to a GxP-validated system, creates a change control record in ServiceNow, runs SonarQube quality gate, uploads evidence to SharePoint, and notifies QA in Microsoft Teams.

naftiko: '0.5'
info:
  label: GxP Validation Change Control
  description: When a code change is merged to a GxP-validated system, creates a change control record in ServiceNow, runs SonarQube quality gate, uploads evidence to SharePoint, and notifies QA in Microsoft Teams.
  tags:
  - quality
  - gxp
  - change-control
  - servicenow
  - sonarqube
  - sharepoint
  - microsoft-teams
  - compliance
capability:
  exposes:
  - type: mcp
    namespace: gxp-quality
    port: 8080
    tools:
    - name: process-gxp-change
      description: Given a repository, commit SHA, and system name, execute GxP change control workflow including quality gate check and evidence archival.
      inputParameters:
      - name: repo
        in: body
        type: string
        description: Repository in owner/repo format.
      - name: commit_sha
        in: body
        type: string
        description: The merge commit SHA.
      - name: system_name
        in: body
        type: string
        description: Name of the GxP-validated system.
      - name: change_description
        in: body
        type: string
        description: Description of the change being deployed.
      steps:
      - name: create-change-control
        type: call
        call: servicenow.create-change
        with:
          short_description: 'GxP Change: {{system_name}} — {{commit_sha}}'
          description: 'Repository: {{repo}}. Commit: {{commit_sha}}. Change: {{change_description}}'
          assigned_group: QA_Validation
          category: gxp_change_control
      - name: check-quality
        type: call
        call: sonarqube.get-quality-gate
        with:
          project_key: '{{repo}}'
      - name: archive-evidence
        type: call
        call: sharepoint.create-folder
        with:
          site_id: gxp_validation
          folder_path: ChangeControl/{{system_name}}/{{create-change-control.number}}
      - name: notify-qa
        type: call
        call: msteams.send-message
        with:
          channel: qa-validation
          text: 'GxP Change Control: {{system_name}} — {{create-change-control.number}}. Quality Gate: {{check-quality.status}}. Evidence: {{archive-evidence.url}}. Change: {{change_description}}'
  consumes:
  - type: http
    namespace: servicenow
    baseUri: https://abbvie.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: changes
      path: /table/change_request
      operations:
      - name: create-change
        method: POST
  - type: http
    namespace: sonarqube
    baseUri: https://sonarqube.abbvie.com/api
    authentication:
      type: bearer
      token: $secrets.sonarqube_token
    resources:
    - name: quality-gates
      path: /qualitygates/project_status
      inputParameters:
      - name: project_key
        in: query
      operations:
      - name: get-quality-gate
        method: GET
  - type: http
    namespace: sharepoint
    baseUri: https://graph.microsoft.com/v1.0/sites
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: drive-items
      path: /{{site_id}}/drive/root:/{{folder_path}}
      inputParameters:
      - name: site_id
        in: path
      - name: folder_path
        in: path
      operations:
      - name: create-folder
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: messages
      path: /teams/{{channel}}/channels/general/messages
      inputParameters:
      - name: channel
        in: path
      operations:
      - name: send-message
        method: POST

Retrieves metadata and a pre-signed URL for an object in an S3 bucket. Used by data teams to access research datasets and clinical data exports.

naftiko: '0.5'
info:
  label: AWS S3 Object Retrieval
  description: Retrieves metadata and a pre-signed URL for an object in an S3 bucket. Used by data teams to access research datasets and clinical data exports.
  tags:
  - cloud
  - aws
  - s3
  - storage
capability:
  exposes:
  - type: mcp
    namespace: cloud-storage
    port: 8080
    tools:
    - name: get-object
      description: Get S3 object metadata and download URL by bucket and key.
      inputParameters:
      - name: bucket
        in: body
        type: string
        description: S3 bucket name.
      - name: object_key
        in: body
        type: string
        description: Object key path.
      call: s3.get-object
      with:
        bucket: '{{bucket}}'
        object_key: '{{object_key}}'
  consumes:
  - type: http
    namespace: s3
    baseUri: https://s3.amazonaws.com
    authentication:
      type: awsSigV4
      accessKeyId: $secrets.aws_access_key
      secretAccessKey: $secrets.aws_secret_key
    resources:
    - name: objects
      path: /{{bucket}}/{{object_key}}
      inputParameters:
      - name: bucket
        in: path
      - name: object_key
        in: path
      operations:
      - name: get-object
        method: GET

Checks the status of an Apache NiFi data flow that processes clinical trial data, verifies the downstream Elasticsearch index health, and alerts the data engineering team via Microsoft Teams if issues are detected.

naftiko: '0.5'
info:
  label: Clinical Data Pipeline Monitoring
  description: Checks the status of an Apache NiFi data flow that processes clinical trial data, verifies the downstream Elasticsearch index health, and alerts the data engineering team via Microsoft Teams if issues are detected.
  tags:
  - data-engineering
  - clinical-data
  - apache-nifi
  - elasticsearch
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: data-ops
    port: 8080
    tools:
    - name: check-clinical-pipeline
      description: Given a NiFi process group ID, check flow status and Elasticsearch index health, alerting the team on failures.
      inputParameters:
      - name: process_group_id
        in: body
        type: string
        description: The NiFi process group ID for the clinical data flow.
      - name: index_name
        in: body
        type: string
        description: The Elasticsearch index name for clinical data.
      steps:
      - name: get-flow-status
        type: call
        call: nifi.get-process-group
        with:
          process_group_id: '{{process_group_id}}'
      - name: check-index
        type: call
        call: elasticsearch.get-index-health
        with:
          index_name: '{{index_name}}'
      - name: alert-team
        type: call
        call: msteams.send-message
        with:
          channel: data-engineering
          text: 'Clinical Pipeline Status — NiFi flow {{process_group_id}}: {{get-flow-status.status}}. Queued: {{get-flow-status.queued_count}}. ES index {{index_name}}: {{check-index.status}} ({{check-index.doc_count}} docs).'
  consumes:
  - type: http
    namespace: nifi
    baseUri: https://nifi.abbvie.com/nifi-api
    authentication:
      type: bearer
      token: $secrets.nifi_token
    resources:
    - name: process-groups
      path: /process-groups/{{process_group_id}}/status
      inputParameters:
      - name: process_group_id
        in: path
      operations:
      - name: get-process-group
        method: GET
  - type: http
    namespace: elasticsearch
    baseUri: https://es.abbvie.com:9200
    authentication:
      type: basic
      username: $secrets.es_user
      password: $secrets.es_password
    resources:
    - name: indices
      path: /_cluster/health/{{index_name}}
      inputParameters:
      - name: index_name
        in: path
      operations:
      - name: get-index-health
        method: GET
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: messages
      path: /teams/{{channel}}/channels/general/messages
      inputParameters:
      - name: channel
        in: path
      operations:
      - name: send-message
        method: POST

Queries Palo Alto Networks firewall for a specific security rule by name. Used by network security teams to audit firewall configurations protecting AbbVie's data center and cloud perimeters.

naftiko: '0.5'
info:
  label: Palo Alto Networks Firewall Rule Lookup
  description: Queries Palo Alto Networks firewall for a specific security rule by name. Used by network security teams to audit firewall configurations protecting AbbVie's data center and cloud perimeters.
  tags:
  - security
  - network
  - palo-alto-networks
  - firewall
capability:
  exposes:
  - type: mcp
    namespace: network-security
    port: 8080
    tools:
    - name: get-firewall-rule
      description: Look up a Palo Alto Networks security rule by name.
      inputParameters:
      - name: rule_name
        in: body
        type: string
        description: Name of the firewall security rule.
      call: paloalto.get-security-rule
      with:
        rule_name: '{{rule_name}}'
  consumes:
  - type: http
    namespace: paloalto
    baseUri: https://firewall.abbvie.com/restapi/v10.2
    authentication:
      type: apiKey
      key: $secrets.paloalto_api_key
      header: X-PAN-KEY
    resources:
    - name: security-rules
      path: /Policies/SecurityRules
      inputParameters:
      - name: rule_name
        in: query
      operations:
      - name: get-security-rule
        method: GET

Pulls engagement metrics from LinkedIn, Facebook, and Instagram for an AbbVie brand campaign, aggregates the data, and publishes a summary report to Confluence for the digital marketing team.

naftiko: '0.5'
info:
  label: Social Media Brand Monitoring
  description: Pulls engagement metrics from LinkedIn, Facebook, and Instagram for an AbbVie brand campaign, aggregates the data, and publishes a summary report to Confluence for the digital marketing team.
  tags:
  - marketing
  - social-media
  - linkedin
  - facebook
  - instagram
  - confluence
  - brand-monitoring
capability:
  exposes:
  - type: mcp
    namespace: social-media
    port: 8080
    tools:
    - name: generate-social-report
      description: Given a campaign identifier, pull engagement data from LinkedIn, Facebook, and Instagram, then publish a consolidated report.
      inputParameters:
      - name: campaign_id
        in: body
        type: string
        description: Internal campaign identifier.
      - name: campaign_name
        in: body
        type: string
        description: Campaign display name.
      - name: date_range
        in: body
        type: string
        description: Reporting date range.
      steps:
      - name: get-linkedin-metrics
        type: call
        call: linkedin.get-campaign-analytics
        with:
          campaign_id: '{{campaign_id}}'
      - name: get-facebook-metrics
        type: call
        call: facebook.get-campaign-insights
        with:
          campaign_id: '{{campaign_id}}'
      - name: get-instagram-metrics
        type: call
        call: instagram.get-media-insights
        with:
          campaign_id: '{{campaign_id}}'
      - name: publish-report
        type: call
        call: confluence.create-page
        with:
          space_key: DIGITAL
          title: 'Social Media Report: {{campaign_name}} — {{date_range}}'
          body: 'Campaign: {{campaign_name}}


            LinkedIn — Impressions: {{get-linkedin-metrics.impressions}}, Clicks: {{get-linkedin-metrics.clicks}}, Engagement Rate: {{get-linkedin-metrics.engagement_rate}}


            Facebook — Reach: {{get-facebook-metrics.reach}}, Clicks: {{get-facebook-metrics.clicks}}, Reactions: {{get-facebook-metrics.reactions}}


            Instagram — Impressions: {{get-instagram-metrics.impressions}}, Likes: {{get-instagram-metrics.likes}}, Comments: {{get-instagram-metrics.comments}}'
  consumes:
  - type: http
    namespace: linkedin
    baseUri: https://api.linkedin.com/v2
    authentication:
      type: bearer
      token: $secrets.linkedin_token
    resources:
    - name: analytics
      path: /adAnalyticsV2
      inputParameters:
      - name: campaign_id
        in: query
      operations:
      - name: get-campaign-analytics
        method: GET
  - type: http
    namespace: facebook
    baseUri: https://graph.facebook.com/v18.0
    authentication:
      type: bearer
      token: $secrets.facebook_token
    resources:
    - name: insights
      path: /{{campaign_id}}/insights
      inputParameters:
      - name: campaign_id
        in: path
      operations:
      - name: get-campaign-insights
        method: GET
  - type: http
    namespace: instagram
    baseUri: https://graph.facebook.com/v18.0
    authentication:
      type: bearer
      token: $secrets.instagram_token
    resources:
    - name: media-insights
      path: /{{campaign_id}}/insights
      inputParameters:
      - name: campaign_id
        in: path
      operations:
      - name: get-media-insights
        method: GET
  - type: http
    namespace: confluence
    baseUri: https://abbvie.atlassian.net/wiki/rest/api
    authentication:
      type: basic
      username: $secrets.confluence_user
      password: $secrets.confluence_token
    resources:
    - name: pages
      path: /content
      operations:
      - name: create-page
        method: POST

Queries promo data for Albertsons.

naftiko: '0.5'
info:
  label: Snowflake Promo Performance
  description: Queries promo data for Albertsons.
  tags:
  - analytics
  - snowflake
  - e-commerce
capability:
  exposes:
  - type: mcp
    namespace: analytics
    port: 8080
    tools:
    - name: get-promo
      description: Query promos.
      inputParameters:
      - name: promo
        type: string
        description: Promo ID.
      call: snowflake.run-query
      with:
        promo: '{{promo}}'
      outputParameters:
      - name: redemptions
        type: integer
        mapping: $.data[0].REDEMPTIONS
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: run-query
        method: POST

When Datadog detects an AWS cloud spend anomaly above threshold, creates a ServiceNow incident and alerts the FinOps team in Microsoft Teams. Enables rapid cost containment for Albertsons cloud-hosted retail and e-commerce platforms.

naftiko: '0.5'
info:
  label: Cloud FinOps Cost Anomaly Responder
  description: When Datadog detects an AWS cloud spend anomaly above threshold, creates a ServiceNow incident and alerts the FinOps team in Microsoft Teams. Enables rapid cost containment for Albertsons cloud-hosted retail and e-commerce platforms.
  tags:
  - finops
  - cloud
  - datadog
  - aws
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: finops-ops
    port: 8080
    tools:
    - name: handle-cost-anomaly
      description: Given a Datadog alert ID and AWS account ID, retrieve alert context, open a ServiceNow incident, and notify the FinOps Teams channel. Use when AWS cloud spend exceeds expected thresholds.
      inputParameters:
      - name: alert_id
        in: body
        type: string
        description: The Datadog monitor alert ID for the cost anomaly.
      - name: aws_account_id
        in: body
        type: string
        description: The AWS account ID where the anomaly was detected.
      - name: threshold_percent
        in: body
        type: number
        description: The percentage over budget that triggered the alert.
      steps:
      - name: get-datadog-alert
        type: call
        call: datadog-finops.get-monitor
        with:
          monitor_id: '{{alert_id}}'
      - name: create-snow-incident
        type: call
        call: servicenow-finops.create-incident
        with:
          short_description: 'AWS cost anomaly: {{threshold_percent}}% over budget on {{aws_account_id}}'
          category: Cloud
          urgency: '2'
      - name: notify-finops
        type: call
        call: msteams-finops.send-message
        with:
          channel_id: finops-alerts
          message: 'Cost anomaly: {{threshold_percent}}% over budget. Account: {{aws_account_id}}. Incident: {{create-snow-incident.number}}'
  consumes:
  - type: http
    namespace: datadog-finops
    baseUri: https://api.datadoghq.com/api/v1
    authentication:
      type: apikey
      key: DD-API-KEY
      value: $secrets.datadog_api_key
      placement: header
    resources:
    - name: monitor
      path: /monitor/{{monitor_id}}
      inputParameters:
      - name: monitor_id
        in: path
      operations:
      - name: get-monitor
        method: GET
  - type: http
    namespace: servicenow-finops
    baseUri: https://albertsons.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_pass
    resources:
    - name: incident
      path: /table/incident
      inputParameters:
      - name: short_description
        in: body
      - name: category
        in: body
      - name: urgency
        in: body
      operations:
      - name: create-incident
        method: POST
  - type: http
    namespace: msteams-finops
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: message
      path: /teams/{{channel_id}}/channels/messages
      inputParameters:
      - name: channel_id
        in: path
      - name: message
        in: body
      operations:
      - name: send-message
        method: POST

Orchestrates labor schedule optimizer for Albertsons across store-ops, snowflake, workday.

naftiko: '0.5'
info:
  label: Labor Schedule Optimizer
  description: Orchestrates labor schedule optimizer for Albertsons across store-ops, snowflake, workday.
  tags:
  - store-ops
  - snowflake
  - workday
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: workforce
    port: 8080
    tools:
    - name: labor-schedule-optimizer
      description: Orchestrates labor schedule optimizer for Albertsons across store-ops, snowflake, workday.
      inputParameters:
      - name: store_id
        type: string
        description: Store or entity identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: query-data
        type: call
        call: snowflake.run-query
        with:
          statement: SELECT * FROM LABOR_SCHEDULE_OPTIMIZER
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel_id: ops-{{store_id}}
          text: Labor Schedule Optimizer done.
      - name: get-hr
        type: call
        call: workday.get-workers
        with:
          store: '{{store_id}}'
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: run-query
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      operations:
      - name: send-message
        method: POST
  - type: http
    namespace: workday
    baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
    authentication:
      type: bearer
      token: $secrets.workday_token
    resources:
    - name: workers
      path: /albertsons/workers
      operations:
      - name: get-workers
        method: GET

Gets PO items for Albertsons.

naftiko: '0.5'
info:
  label: SAP PO Items
  description: Gets PO items for Albertsons.
  tags:
  - procurement
  - sap
  - supply-chain
capability:
  exposes:
  - type: mcp
    namespace: erp
    port: 8080
    tools:
    - name: get-po-items
      description: Get PO items.
      inputParameters:
      - name: po
        type: string
        description: PO.
      call: sap.get-items
      with:
        po: '{{po}}'
      outputParameters:
      - name: items
        type: array
        mapping: $.d.results
  consumes:
  - type: http
    namespace: sap
    baseUri: https://albertsons-s4.sap.com/sap/opu/odata/sap/MM_PUR_PO_MAINT_V2_SRV
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: items
      path: /A_PurchaseOrder('{{po}}')/to_PurchaseOrderItem
      inputParameters:
      - name: po
        in: path
      operations:
      - name: get-items
        method: GET

Pulls headcount totals from Workday by division and publishes the snapshot to Snowflake and Power BI for HR and finance leadership. Supports monthly workforce planning for Albertsons' 285,000+ employees across stores, distribution, and corporate.

naftiko: '0.5'
info:
  label: Workday Headcount Snapshot Report
  description: Pulls headcount totals from Workday by division and publishes the snapshot to Snowflake and Power BI for HR and finance leadership. Supports monthly workforce planning for Albertsons' 285,000+ employees across stores, distribution, and corporate.
  tags:
  - hr
  - reporting
  - workday
  - snowflake
  - power-bi
capability:
  exposes:
  - type: mcp
    namespace: hr-reporting
    port: 8080
    tools:
    - name: publish-headcount-snapshot
      description: Given a division code and reporting period, retrieve headcount from Workday, write the snapshot to Snowflake, and trigger a Power BI refresh. Use for monthly workforce headcount reporting.
      inputParameters:
      - name: division_code
        in: body
        type: string
        description: The Albertsons division code (e.g., SAFEWAY-WEST, VONS, JEWEL-OSCO).
      - name: reporting_period
        in: body
        type: string
        description: The reporting period in YYYY-MM format.
      steps:
      - name: get-headcount
        type: call
        call: workday-hr.get-workers
        with:
          division: '{{division_code}}'
      - name: write-snowflake
        type: call
        call: snowflake-hr.insert-rows
        with:
          table: HR.HEADCOUNT_SNAPSHOTS
          data: '{{get-headcount.workers}}'
      - name: refresh-powerbi
        type: call
        call: powerbi-hr.trigger-refresh
        with:
          dataset_id: $secrets.powerbi_headcount_dataset_id
  consumes:
  - type: http
    namespace: workday-hr
    baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
    authentication:
      type: bearer
      token: $secrets.workday_token
    resources:
    - name: workers
      path: /albertsons/workers
      inputParameters:
      - name: division
        in: query
      operations:
      - name: get-workers
        method: GET
  - type: http
    namespace: snowflake-hr
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: rows
      path: /statements
      inputParameters:
      - name: table
        in: body
      - name: data
        in: body
      operations:
      - name: insert-rows
        method: POST
  - type: http
    namespace: powerbi-hr
    baseUri: https://api.powerbi.com/v1.0/myorg
    authentication:
      type: bearer
      token: $secrets.powerbi_token
    resources:
    - name: refresh
      path: /datasets/{{dataset_id}}/refreshes
      inputParameters:
      - name: dataset_id
        in: path
      operations:
      - name: trigger-refresh
        method: POST

Orchestrates customer order resolution workflow for Albertsons across customer-service, salesforce, snowflake.

naftiko: '0.5'
info:
  label: Customer Order Resolution Workflow
  description: Orchestrates customer order resolution workflow for Albertsons across customer-service, salesforce, snowflake.
  tags:
  - customer-service
  - salesforce
  - snowflake
  - servicenow
capability:
  exposes:
  - type: mcp
    namespace: customer-ops
    port: 8080
    tools:
    - name: customer-order-resolution-workflow
      description: Orchestrates customer order resolution workflow for Albertsons across customer-service, salesforce, snowflake.
      inputParameters:
      - name: store_id
        type: string
        description: Store or entity identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: query-data
        type: call
        call: snowflake.run-query
        with:
          statement: SELECT * FROM CUSTOMER_ORDER_RESOLUTION_WORKFLOW
      - name: get-sf
        type: call
        call: salesforce.query
        with:
          q: SELECT Id FROM Account
      - name: create-ticket
        type: call
        call: servicenow.create-incident
        with:
          short_description: Customer Order Resolution Workflow — {{store_id}}
          category: customer-service
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: run-query
        method: POST
  - type: http
    namespace: salesforce
    baseUri: https://albertsons.my.salesforce.com/services/data/v58.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: query
      path: /query
      operations:
      - name: query
        method: GET
  - type: http
    namespace: servicenow
    baseUri: https://albertsons.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: create-incident
        method: POST

Orchestrates eod reconciliation for Albertsons across store-ops, snowflake, sap.

naftiko: '0.5'
info:
  label: Eod Reconciliation
  description: Orchestrates eod reconciliation for Albertsons across store-ops, snowflake, sap.
  tags:
  - store-ops
  - snowflake
  - sap
  - servicenow
capability:
  exposes:
  - type: mcp
    namespace: finance-ops
    port: 8080
    tools:
    - name: eod-reconciliation
      description: Orchestrates eod reconciliation for Albertsons across store-ops, snowflake, sap.
      inputParameters:
      - name: store_id
        type: string
        description: Store or entity identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: query-data
        type: call
        call: snowflake.run-query
        with:
          statement: SELECT * FROM EOD_RECONCILIATION
      - name: check-erp
        type: call
        call: sap.get-data
        with:
          entity: '{{store_id}}'
      - name: create-ticket
        type: call
        call: servicenow.create-incident
        with:
          short_description: Eod Reconciliation — {{store_id}}
          category: store-ops
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: run-query
        method: POST
  - type: http
    namespace: sap
    baseUri: https://albertsons-s4.sap.com/sap/opu/odata/sap/API_BUSINESS_PARTNER
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: entities
      path: /A_BusinessPartner
      operations:
      - name: get-data
        method: GET
  - type: http
    namespace: servicenow
    baseUri: https://albertsons.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: create-incident
        method: POST

Looks up SAP vendor for Albertsons.

naftiko: '0.5'
info:
  label: SAP Vendor Lookup
  description: Looks up SAP vendor for Albertsons.
  tags:
  - procurement
  - sap
  - supply-chain
capability:
  exposes:
  - type: mcp
    namespace: erp
    port: 8080
    tools:
    - name: get-vendor
      description: Look up vendor.
      inputParameters:
      - name: vendor
        type: string
        description: Vendor number.
      call: sap.get-vendor
      with:
        vendor: '{{vendor}}'
      outputParameters:
      - name: name
        type: string
        mapping: $.d.SupplierName
  consumes:
  - type: http
    namespace: sap
    baseUri: https://albertsons-s4.sap.com/sap/opu/odata/sap/API_BUSINESS_PARTNER
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: suppliers
      path: /A_Supplier('{{vendor}}')
      inputParameters:
      - name: vendor
        in: path
      operations:
      - name: get-vendor
        method: GET

When a vendor invoice is submitted in SAP Ariba, retrieves the matching SAP purchase order, validates line-item amounts, and triggers approval or routes an exception. Streamlines Albertsons accounts payable three-way matching for grocery and pharmacy suppliers.

naftiko: '0.5'
info:
  label: SAP Ariba Vendor Invoice Approval
  description: When a vendor invoice is submitted in SAP Ariba, retrieves the matching SAP purchase order, validates line-item amounts, and triggers approval or routes an exception. Streamlines Albertsons accounts payable three-way matching for grocery and pharmacy suppliers.
  tags:
  - finance
  - procurement
  - sap-ariba
  - sap-s4hana
capability:
  exposes:
  - type: mcp
    namespace: ap-approval
    port: 8080
    tools:
    - name: process-vendor-invoice
      description: Given an Ariba invoice ID and SAP PO number, retrieve both records, validate amounts, and approve or flag an exception in Ariba. Use when a vendor invoice requires three-way match validation for Albertsons grocery or pharmacy suppliers.
      inputParameters:
      - name: invoice_id
        in: body
        type: string
        description: The SAP Ariba invoice ID to process.
      - name: po_number
        in: body
        type: string
        description: The related SAP purchase order number.
      steps:
      - name: get-ariba-invoice
        type: call
        call: sap-ariba-ap.get-invoice
        with:
          invoiceId: '{{invoice_id}}'
      - name: get-sap-po
        type: call
        call: sap-s4-ap.get-purchase-order
        with:
          PurchaseOrder: '{{po_number}}'
      - name: approve-invoice
        type: call
        call: sap-ariba-ap.approve-invoice
        with:
          invoiceId: '{{invoice_id}}'
          status: Approved
  consumes:
  - type: http
    namespace: sap-ariba-ap
    baseUri: https://openapi.ariba.com/api/invoice/v1
    authentication:
      type: apikey
      key: apiKey
      value: $secrets.ariba_api_key
      placement: query
    resources:
    - name: invoice
      path: /invoices/{{invoiceId}}
      inputParameters:
      - name: invoiceId
        in: path
      operations:
      - name: get-invoice
        method: GET
      - name: approve-invoice
        method: PATCH
  - type: http
    namespace: sap-s4-ap
    baseUri: https://albertsons-s4.sap.com/sap/opu/odata/sap/API_PURCHASEORDER_PROCESS_SRV
    authentication:
      type: basic
      username: $secrets.sap_s4_user
      password: $secrets.sap_s4_pass
    resources:
    - name: purchase-order
      path: /A_PurchaseOrder('{{PurchaseOrder}}')
      inputParameters:
      - name: PurchaseOrder
        in: path
      operations:
      - name: get-purchase-order
        method: GET

Queries SAP S/4HANA for Albertsons financial period close status across legal entities, identifies open posting periods, and triggers a Power BI executive finance dashboard refresh. Supports month-end close for retail finance.

naftiko: '0.5'
info:
  label: SAP Period Close Status Check
  description: Queries SAP S/4HANA for Albertsons financial period close status across legal entities, identifies open posting periods, and triggers a Power BI executive finance dashboard refresh. Supports month-end close for retail finance.
  tags:
  - finance
  - period-close
  - sap-s4hana
  - power-bi
capability:
  exposes:
  - type: mcp
    namespace: finance-close
    port: 8080
    tools:
    - name: get-period-close-status
      description: Given a fiscal year and period number, retrieve SAP posting period status and trigger a Power BI finance refresh. Use during month-end close to monitor financial period status for Albertsons divisions.
      inputParameters:
      - name: fiscal_year
        in: body
        type: string
        description: The fiscal year to check (e.g., 2025).
      - name: period
        in: body
        type: string
        description: The fiscal period number (e.g., 01 for January).
      steps:
      - name: get-posting-periods
        type: call
        call: sap-s4-close.get-posting-periods
        with:
          FiscalYear: '{{fiscal_year}}'
          FiscalPeriod: '{{period}}'
      - name: refresh-powerbi
        type: call
        call: powerbi-finance.trigger-refresh
        with:
          dataset_id: $secrets.powerbi_period_close_dataset_id
  consumes:
  - type: http
    namespace: sap-s4-close
    baseUri: https://albertsons-s4.sap.com/sap/opu/odata/sap/API_FINANCIALACCOUNTING_SRV
    authentication:
      type: basic
      username: $secrets.sap_s4_user
      password: $secrets.sap_s4_pass
    resources:
    - name: posting-periods
      path: /A_FinancialAccountingPeriod
      inputParameters:
      - name: FiscalYear
        in: query
      - name: FiscalPeriod
        in: query
      operations:
      - name: get-posting-periods
        method: GET
  - type: http
    namespace: powerbi-finance
    baseUri: https://api.powerbi.com/v1.0/myorg
    authentication:
      type: bearer
      token: $secrets.powerbi_token
    resources:
    - name: refresh
      path: /datasets/{{dataset_id}}/refreshes
      inputParameters:
      - name: dataset_id
        in: path
      operations:
      - name: trigger-refresh
        method: POST

Triggers GitHub Advanced Security code scanning on an Albertsons digital commerce or pharmacy repository, retrieves critical findings, and creates Jira security issues for remediation. Ensures PCI DSS compliance for cardholder data environments.

naftiko: '0.5'
info:
  label: GitHub Security Code Scan
  description: Triggers GitHub Advanced Security code scanning on an Albertsons digital commerce or pharmacy repository, retrieves critical findings, and creates Jira security issues for remediation. Ensures PCI DSS compliance for cardholder data environments.
  tags:
  - devops
  - security
  - github
  - jira
capability:
  exposes:
  - type: mcp
    namespace: code-security
    port: 8080
    tools:
    - name: scan-repository-security
      description: Given a GitHub repository name and branch, retrieve code scanning alerts for critical vulnerabilities and create Jira security issues. Use for pre-release PCI compliance validation of Albertsons payment and e-commerce repositories.
      inputParameters:
      - name: repo_owner
        in: body
        type: string
        description: The GitHub organization or owner name (e.g., albertsons-digital).
      - name: repo_name
        in: body
        type: string
        description: The repository name (e.g., checkout-api, pharmacy-portal).
      - name: branch
        in: body
        type: string
        description: The branch to scan (e.g., main, release/2025).
      steps:
      - name: get-code-alerts
        type: call
        call: github-sec.list-code-alerts
        with:
          owner: '{{repo_owner}}'
          repo: '{{repo_name}}'
          ref: '{{branch}}'
          severity: critical
      - name: create-jira-security-issue
        type: call
        call: jira-security.create-issue
        with:
          project_key: SEC
          summary: 'Security findings: {{repo_name}} on {{branch}}'
          description: '{{get-code-alerts.total_count}} critical findings detected. PCI remediation required.'
          issue_type: Bug
          priority: Critical
  consumes:
  - type: http
    namespace: github-sec
    baseUri: https://api.github.com
    authentication:
      type: bearer
      token: $secrets.github_token
    resources:
    - name: code-alerts
      path: /repos/{{owner}}/{{repo}}/code-scanning/alerts
      inputParameters:
      - name: owner
        in: path
      - name: repo
        in: path
      - name: ref
        in: query
      - name: severity
        in: query
      operations:
      - name: list-code-alerts
        method: GET
  - type: http
    namespace: jira-security
    baseUri: https://albertsons.atlassian.net/rest/api/3
    authentication:
      type: basic
      username: $secrets.jira_user
      password: $secrets.jira_api_token
    resources:
    - name: issue
      path: /issue
      inputParameters:
      - name: project_key
        in: body
      - name: summary
        in: body
      - name: description
        in: body
      - name: issue_type
        in: body
      - name: priority
        in: body
      operations:
      - name: create-issue
        method: POST

Orchestrates app release pipeline for Albertsons across devops, github, datadog.

naftiko: '0.5'
info:
  label: App Release Pipeline
  description: Orchestrates app release pipeline for Albertsons across devops, github, datadog.
  tags:
  - devops
  - github
  - datadog
  - servicenow
capability:
  exposes:
  - type: mcp
    namespace: platform-ops
    port: 8080
    tools:
    - name: app-release-pipeline
      description: Orchestrates app release pipeline for Albertsons across devops, github, datadog.
      inputParameters:
      - name: store_id
        type: string
        description: Store or entity identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: create-ticket
        type: call
        call: servicenow.create-incident
        with:
          short_description: App Release Pipeline — {{store_id}}
          category: devops
      - name: check-health
        type: call
        call: datadog.get-monitor
        with:
          monitor_id: store-{{store_id}}
      - name: check-repo
        type: call
        call: github.get-repo
        with:
          repo: albertsons/{{store_id}}
  consumes:
  - type: http
    namespace: servicenow
    baseUri: https://albertsons.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: create-incident
        method: POST
  - type: http
    namespace: datadog
    baseUri: https://api.datadoghq.com/api/v1
    authentication:
      type: bearer
      token: $secrets.datadog_api_key
    resources:
    - name: monitors
      path: /monitor/{{monitor_id}}
      inputParameters:
      - name: monitor_id
        in: path
      operations:
      - name: get-monitor
        method: GET
  - type: http
    namespace: github
    baseUri: https://api.github.com
    authentication:
      type: bearer
      token: $secrets.github_token
    resources:
    - name: repos
      path: /repos/{{repo}}
      inputParameters:
      - name: repo
        in: path
      operations:
      - name: get-repo
        method: GET

When a Priority-1 incident impacting store POS or pharmacy systems is created in ServiceNow, retrieves Datadog alert context, pages the on-call engineer via PagerDuty, and notifies the store operations Teams channel. Ensures rapid resolution of retail-impacting outages across Albertsons' 2,200+ stores.

naftiko: '0.5'
info:
  label: Store IT Priority-1 Incident Triage
  description: When a Priority-1 incident impacting store POS or pharmacy systems is created in ServiceNow, retrieves Datadog alert context, pages the on-call engineer via PagerDuty, and notifies the store operations Teams channel. Ensures rapid resolution of retail-impacting outages across Albertsons' 2,200+ stores.
  tags:
  - itsm
  - incident-response
  - servicenow
  - datadog
  - pagerduty
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: it-ops
    port: 8080
    tools:
    - name: handle-store-p1-incident
      description: Given a ServiceNow incident number and Datadog monitor ID, retrieve alert context, page the on-call team via PagerDuty, and alert the store operations Teams channel. Use when a P1 incident affecting store POS, pharmacy, or loyalty systems is opened.
      inputParameters:
      - name: incident_number
        in: body
        type: string
        description: The ServiceNow incident number (e.g., INC0012345).
      - name: monitor_id
        in: body
        type: string
        description: The Datadog monitor ID for the triggering alert.
      - name: affected_system
        in: body
        type: string
        description: The name of the affected system (e.g., POS, pharmacy-rx, loyalty-api).
      steps:
      - name: get-snow-incident
        type: call
        call: servicenow-it.get-incident
        with:
          number: '{{incident_number}}'
      - name: get-datadog-monitor
        type: call
        call: datadog-it.get-monitor
        with:
          monitor_id: '{{monitor_id}}'
      - name: page-oncall
        type: call
        call: pagerduty-it.create-incident
        with:
          title: 'P1: {{get-snow-incident.short_description}} — {{affected_system}}'
          service_id: $secrets.pagerduty_store_service_id
          urgency: high
      - name: notify-store-ops
        type: call
        call: msteams-it.send-message
        with:
          channel_id: store-operations-alerts
          message: 'P1 ACTIVE: {{affected_system}} — {{get-snow-incident.short_description}}. PD: {{page-oncall.incident_number}}'
  consumes:
  - type: http
    namespace: servicenow-it
    baseUri: https://albertsons.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_pass
    resources:
    - name: incident
      path: /table/incident
      inputParameters:
      - name: number
        in: query
      operations:
      - name: get-incident
        method: GET
  - type: http
    namespace: datadog-it
    baseUri: https://api.datadoghq.com/api/v1
    authentication:
      type: apikey
      key: DD-API-KEY
      value: $secrets.datadog_api_key
      placement: header
    resources:
    - name: monitor
      path: /monitor/{{monitor_id}}
      inputParameters:
      - name: monitor_id
        in: path
      operations:
      - name: get-monitor
        method: GET
  - type: http
    namespace: pagerduty-it
    baseUri: https://api.pagerduty.com
    authentication:
      type: apikey
      key: Authorization
      value: $secrets.pagerduty_token
      placement: header
    resources:
    - name: incident
      path: /incidents
      inputParameters:
      - name: title
        in: body
      - name: service_id
        in: body
      - name: urgency
        in: body
      operations:
      - name: create-incident
        method: POST
  - type: http
    namespace: msteams-it
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: message
      path: /teams/{{channel_id}}/channels/messages
      inputParameters:
      - name: channel_id
        in: path
      - name: message
        in: body
      operations:
      - name: send-message
        method: POST

Fetches weekly promotion performance data from Snowflake and sends it to Anthropic Claude for natural language summarization, then posts the summary to the marketing Teams channel and a Confluence page. Accelerates promotion review for Albertsons marketing teams.

naftiko: '0.5'
info:
  label: AI-Assisted Grocery Promotion Performance Summarization
  description: Fetches weekly promotion performance data from Snowflake and sends it to Anthropic Claude for natural language summarization, then posts the summary to the marketing Teams channel and a Confluence page. Accelerates promotion review for Albertsons marketing teams.
  tags:
  - ai
  - marketing
  - anthropic
  - snowflake
  - confluence
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: promo-ai
    port: 8080
    tools:
    - name: summarize-promotion-performance
      description: Given a promotion ID and reporting week, retrieve performance metrics from Snowflake, send to Anthropic Claude for natural language summarization, and publish to Confluence and Teams. Use for weekly promotion performance reviews.
      inputParameters:
      - name: promotion_id
        in: body
        type: string
        description: The Albertsons promotion ID (e.g., PROMO-2025-WK14-FRESH).
      - name: report_week
        in: body
        type: string
        description: The ISO week identifier for the report (e.g., 2025-W14).
      steps:
      - name: get-promo-data
        type: call
        call: snowflake-promo.query-promotion
        with:
          promotion_id: '{{promotion_id}}'
          week: '{{report_week}}'
      - name: summarize-with-claude
        type: call
        call: anthropic-promo.create-message
        with:
          model: claude-opus-4-5
          max_tokens: 512
          messages: '[{"role":"user","content":"Summarize the following grocery promotion performance data for week {{report_week}}: {{get-promo-data.metrics}}"}]'
      - name: publish-confluence
        type: call
        call: confluence-promo.create-page
        with:
          space_key: MKT
          title: 'Promotion Summary: {{promotion_id}} — {{report_week}}'
          body: '{{summarize-with-claude.content}}'
      - name: notify-marketing-team
        type: call
        call: msteams-promo.send-message
        with:
          channel_id: marketing-analytics
          message: 'Promo summary for {{promotion_id}} ({{report_week}}) published. View: {{publish-confluence.url}}'
  consumes:
  - type: http
    namespace: snowflake-promo
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: promotion
      path: /statements
      inputParameters:
      - name: promotion_id
        in: body
      - name: week
        in: body
      operations:
      - name: query-promotion
        method: POST
  - type: http
    namespace: anthropic-promo
    baseUri: https://api.anthropic.com/v1
    authentication:
      type: apikey
      key: x-api-key
      value: $secrets.anthropic_api_key
      placement: header
    resources:
    - name: message
      path: /messages
      inputParameters:
      - name: model
        in: body
      - name: max_tokens
        in: body
      - name: messages
        in: body
      operations:
      - name: create-message
        method: POST
  - type: http
    namespace: confluence-promo
    baseUri: https://albertsons.atlassian.net/wiki/rest/api
    authentication:
      type: basic
      username: $secrets.jira_user
      password: $secrets.jira_api_token
    resources:
    - name: page
      path: /content
      inputParameters:
      - name: space_key
        in: body
      - name: title
        in: body
      - name: body
        in: body
      operations:
      - name: create-page
        method: POST
  - type: http
    namespace: msteams-promo
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: message
      path: /teams/{{channel_id}}/channels/messages
      inputParameters:
      - name: channel_id
        in: path
      - name: message
        in: body
      operations:
      - name: send-message
        method: POST

Submits a change request in ServiceNow for planned infrastructure or application changes, and notifies change advisory board approvers in Microsoft Teams. Supports Albertsons ITIL-compliant change governance for retail and e-commerce systems.

naftiko: '0.5'
info:
  label: ServiceNow Change Management Approval
  description: Submits a change request in ServiceNow for planned infrastructure or application changes, and notifies change advisory board approvers in Microsoft Teams. Supports Albertsons ITIL-compliant change governance for retail and e-commerce systems.
  tags:
  - itsm
  - change-management
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: change-mgmt
    port: 8080
    tools:
    - name: submit-change-request
      description: Given a change title, risk level, and planned start date, create a ServiceNow change request and notify the CAB approval group in Teams. Use when planned changes to Albertsons POS, loyalty, or e-commerce systems require formal approval.
      inputParameters:
      - name: change_title
        in: body
        type: string
        description: The change request title (e.g., SAP S/4HANA quarterly patch).
      - name: risk_level
        in: body
        type: string
        description: The change risk level (low, medium, high).
      - name: planned_start
        in: body
        type: string
        description: Planned start date and time in ISO 8601 format.
      - name: assigned_group
        in: body
        type: string
        description: The ServiceNow assignment group responsible for the change.
      steps:
      - name: create-change-request
        type: call
        call: servicenow-change.create-change
        with:
          short_description: '{{change_title}}'
          risk: '{{risk_level}}'
          start_date: '{{planned_start}}'
          assignment_group: '{{assigned_group}}'
      - name: notify-cab
        type: call
        call: msteams-change.send-message
        with:
          channel_id: cab-approvals
          message: 'New change request: {{change_title}} ({{risk_level}} risk). CHG: {{create-change-request.number}}. Planned: {{planned_start}}'
  consumes:
  - type: http
    namespace: servicenow-change
    baseUri: https://albertsons.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_pass
    resources:
    - name: change
      path: /table/change_request
      inputParameters:
      - name: short_description
        in: body
      - name: risk
        in: body
      - name: start_date
        in: body
      - name: assignment_group
        in: body
      operations:
      - name: create-change
        method: POST
  - type: http
    namespace: msteams-change
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: message
      path: /teams/{{channel_id}}/channels/messages
      inputParameters:
      - name: channel_id
        in: path
      - name: message
        in: body
      operations:
      - name: send-message
        method: POST

Checks SAP material availability for Albertsons.

naftiko: '0.5'
info:
  label: SAP Material Availability
  description: Checks SAP material availability for Albertsons.
  tags:
  - inventory
  - sap
  - supply-chain
capability:
  exposes:
  - type: mcp
    namespace: erp
    port: 8080
    tools:
    - name: check-material
      description: Check material availability.
      inputParameters:
      - name: material
        type: string
        description: Material.
      - name: plant
        type: string
        description: Plant.
      call: sap.get-stock
      with:
        material: '{{material}}'
        plant: '{{plant}}'
      outputParameters:
      - name: on_hand
        type: number
        mapping: $.d.Quantity
  consumes:
  - type: http
    namespace: sap
    baseUri: https://albertsons-s4.sap.com/sap/opu/odata/sap/API_MATERIAL_STOCK_SRV
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: stock
      path: /A_MatlStkInAcctMod
      operations:
      - name: get-stock
        method: GET

Orchestrates employee promotion workflow for Albertsons across hr, workday, servicenow.

naftiko: '0.5'
info:
  label: Employee Promotion Workflow
  description: Orchestrates employee promotion workflow for Albertsons across hr, workday, servicenow.
  tags:
  - hr
  - workday
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: hr-ops
    port: 8080
    tools:
    - name: employee-promotion-workflow
      description: Orchestrates employee promotion workflow for Albertsons across hr, workday, servicenow.
      inputParameters:
      - name: store_id
        type: string
        description: Store or entity identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: create-ticket
        type: call
        call: servicenow.create-incident
        with:
          short_description: Employee Promotion Workflow — {{store_id}}
          category: hr
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel_id: ops-{{store_id}}
          text: Employee Promotion Workflow done.
      - name: get-hr
        type: call
        call: workday.get-workers
        with:
          store: '{{store_id}}'
  consumes:
  - type: http
    namespace: servicenow
    baseUri: https://albertsons.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: create-incident
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      operations:
      - name: send-message
        method: POST
  - type: http
    namespace: workday
    baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
    authentication:
      type: bearer
      token: $secrets.workday_token
    resources:
    - name: workers
      path: /albertsons/workers
      operations:
      - name: get-workers
        method: GET

Orchestrates site incident response for Albertsons across e-commerce, datadog, servicenow.

naftiko: '0.5'
info:
  label: Site Incident Response
  description: Orchestrates site incident response for Albertsons across e-commerce, datadog, servicenow.
  tags:
  - e-commerce
  - datadog
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: platform-ops
    port: 8080
    tools:
    - name: site-incident-response
      description: Orchestrates site incident response for Albertsons across e-commerce, datadog, servicenow.
      inputParameters:
      - name: store_id
        type: string
        description: Store or entity identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: create-ticket
        type: call
        call: servicenow.create-incident
        with:
          short_description: Site Incident Response — {{store_id}}
          category: e-commerce
      - name: check-health
        type: call
        call: datadog.get-monitor
        with:
          monitor_id: store-{{store_id}}
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel_id: ops-{{store_id}}
          text: Site Incident Response done.
  consumes:
  - type: http
    namespace: servicenow
    baseUri: https://albertsons.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: create-incident
        method: POST
  - type: http
    namespace: datadog
    baseUri: https://api.datadoghq.com/api/v1
    authentication:
      type: bearer
      token: $secrets.datadog_api_key
    resources:
    - name: monitors
      path: /monitor/{{monitor_id}}
      inputParameters:
      - name: monitor_id
        in: path
      operations:
      - name: get-monitor
        method: GET
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      operations:
      - name: send-message
        method: POST

Orchestrates store inventory replenishment pipeline for Albertsons across inventory, snowflake, sap.

naftiko: '0.5'
info:
  label: Store Inventory Replenishment Pipeline
  description: Orchestrates store inventory replenishment pipeline for Albertsons across inventory, snowflake, sap.
  tags:
  - inventory
  - snowflake
  - sap
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: inventory-ops
    port: 8080
    tools:
    - name: store-inventory-replenishment-pipeline
      description: Orchestrates store inventory replenishment pipeline for Albertsons across inventory, snowflake, sap.
      inputParameters:
      - name: store_id
        type: string
        description: Store or entity identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: query-data
        type: call
        call: snowflake.run-query
        with:
          statement: SELECT * FROM STORE_INVENTORY_REPLENISHMENT_PIPELINE
      - name: check-erp
        type: call
        call: sap.get-data
        with:
          entity: '{{store_id}}'
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel_id: ops-{{store_id}}
          text: Store Inventory Replenishment Pipeline done.
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: run-query
        method: POST
  - type: http
    namespace: sap
    baseUri: https://albertsons-s4.sap.com/sap/opu/odata/sap/API_BUSINESS_PARTNER
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: entities
      path: /A_BusinessPartner
      operations:
      - name: get-data
        method: GET
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      operations:
      - name: send-message
        method: POST

Enrolls customers in Albertsons loyalty program by creating Salesforce profiles, syncing Snowflake data, and sending confirmations via Teams.

naftiko: '0.5'
info:
  label: Customer Loyalty Enrollment
  description: Enrolls customers in Albertsons loyalty program by creating Salesforce profiles, syncing Snowflake data, and sending confirmations via Teams.
  tags:
  - loyalty
  - salesforce
  - snowflake
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: loyalty-ops
    port: 8080
    tools:
    - name: customer-loyalty-enrollment
      description: Enrolls customers in Albertsons loyalty by creating Salesforce profiles and syncing Snowflake data.
      inputParameters:
      - name: customer_email
        type: string
        description: Customer email.
      - name: store_id
        type: string
        description: Enrollment store.
      steps:
      - name: create-profile
        type: call
        call: salesforce.create-contact
        with:
          email: '{{customer_email}}'
          store: '{{store_id}}'
      - name: sync-data
        type: call
        call: snowflake.run-query
        with:
          statement: INSERT INTO LOYALTY_ENROLLMENTS VALUES ('{{customer_email}}', '{{store_id}}', CURRENT_TIMESTAMP())
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel_id: loyalty-ops
          text: 'New loyalty enrollment: {{customer_email}} at Store {{store_id}}.'
  consumes:
  - type: http
    namespace: salesforce
    baseUri: https://albertsons.my.salesforce.com/services/data/v58.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: contacts
      path: /sobjects/Contact
      operations:
      - name: create-contact
        method: POST
  - type: http
    namespace: snowflake
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: run-query
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      operations:
      - name: send-message
        method: POST

Orchestrates warehouse capacity planner for Albertsons across supply-chain, snowflake, sap.

naftiko: '0.5'
info:
  label: Warehouse Capacity Planner
  description: Orchestrates warehouse capacity planner for Albertsons across supply-chain, snowflake, sap.
  tags:
  - supply-chain
  - snowflake
  - sap
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: logistics
    port: 8080
    tools:
    - name: warehouse-capacity-planner
      description: Orchestrates warehouse capacity planner for Albertsons across supply-chain, snowflake, sap.
      inputParameters:
      - name: store_id
        type: string
        description: Store or entity identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: query-data
        type: call
        call: snowflake.run-query
        with:
          statement: SELECT * FROM WAREHOUSE_CAPACITY_PLANNER
      - name: check-erp
        type: call
        call: sap.get-data
        with:
          entity: '{{store_id}}'
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel_id: ops-{{store_id}}
          text: Warehouse Capacity Planner done.
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: run-query
        method: POST
  - type: http
    namespace: sap
    baseUri: https://albertsons-s4.sap.com/sap/opu/odata/sap/API_BUSINESS_PARTNER
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: entities
      path: /A_BusinessPartner
      operations:
      - name: get-data
        method: GET
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      operations:
      - name: send-message
        method: POST

Orchestrates daily ops report for Albertsons across store-ops, snowflake, datadog.

naftiko: '0.5'
info:
  label: Daily Ops Report
  description: Orchestrates daily ops report for Albertsons across store-ops, snowflake, datadog.
  tags:
  - store-ops
  - snowflake
  - datadog
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: store-ops
    port: 8080
    tools:
    - name: daily-ops-report
      description: Orchestrates daily ops report for Albertsons across store-ops, snowflake, datadog.
      inputParameters:
      - name: store_id
        type: string
        description: Store or entity identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: query-data
        type: call
        call: snowflake.run-query
        with:
          statement: SELECT * FROM DAILY_OPS_REPORT
      - name: check-health
        type: call
        call: datadog.get-monitor
        with:
          monitor_id: store-{{store_id}}
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel_id: ops-{{store_id}}
          text: Daily Ops Report done.
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: run-query
        method: POST
  - type: http
    namespace: datadog
    baseUri: https://api.datadoghq.com/api/v1
    authentication:
      type: bearer
      token: $secrets.datadog_api_key
    resources:
    - name: monitors
      path: /monitor/{{monitor_id}}
      inputParameters:
      - name: monitor_id
        in: path
      operations:
      - name: get-monitor
        method: GET
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      operations:
      - name: send-message
        method: POST

Searches contacts for Albertsons.

naftiko: '0.5'
info:
  label: Salesforce Contact Search
  description: Searches contacts for Albertsons.
  tags:
  - crm
  - salesforce
  - customer-service
capability:
  exposes:
  - type: mcp
    namespace: crm
    port: 8080
    tools:
    - name: search-contacts
      description: Search contacts.
      inputParameters:
      - name: email
        type: string
        description: Email.
      call: salesforce.search
      with:
        email: '{{email}}'
      outputParameters:
      - name: name
        type: string
        mapping: $.Name
  consumes:
  - type: http
    namespace: salesforce
    baseUri: https://albertsons.my.salesforce.com/services/data/v58.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: contacts
      path: /parameterizedSearch/?q={{email}}&sobject=Contact
      inputParameters:
      - name: email
        in: query
      operations:
      - name: search
        method: GET

When a GitHub Actions pipeline fails on a critical retail or e-commerce repository, creates a Jira incident ticket, alerts the engineering team in Microsoft Teams, and logs the failure in Datadog. Supports Albertsons digital commerce platform reliability.

naftiko: '0.5'
info:
  label: CI/CD Pipeline Failure Response
  description: When a GitHub Actions pipeline fails on a critical retail or e-commerce repository, creates a Jira incident ticket, alerts the engineering team in Microsoft Teams, and logs the failure in Datadog. Supports Albertsons digital commerce platform reliability.
  tags:
  - devops
  - cicd
  - github
  - jira
  - datadog
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: cicd-ops
    port: 8080
    tools:
    - name: handle-pipeline-failure
      description: Given a GitHub repository name, workflow run ID, and branch, create a Jira incident, alert engineering in Teams, and log a Datadog event. Use when a CI/CD pipeline failure occurs on a critical branch for Albertsons digital systems.
      inputParameters:
      - name: repo_name
        in: body
        type: string
        description: The GitHub repository name (e.g., albertsons-ecommerce, pharmacy-api).
      - name: run_id
        in: body
        type: string
        description: The GitHub Actions workflow run ID.
      - name: branch
        in: body
        type: string
        description: The branch where the failure occurred (e.g., main, release/2025).
      steps:
      - name: create-jira-issue
        type: call
        call: jira-eng.create-issue
        with:
          project_key: ENG
          summary: 'Pipeline failure: {{repo_name}} on {{branch}}'
          issue_type: Bug
          priority: High
      - name: notify-engineering
        type: call
        call: msteams-eng.send-message
        with:
          channel_id: engineering-alerts
          message: 'CI/CD failure in {{repo_name}} ({{branch}}). Jira: {{create-jira-issue.key}}. Run: {{run_id}}'
      - name: log-datadog
        type: call
        call: datadog-cicd.create-event
        with:
          title: 'Pipeline failure: {{repo_name}}'
          text: Run {{run_id}} failed on {{branch}}
          tags: repo:{{repo_name}},branch:{{branch}}
  consumes:
  - type: http
    namespace: jira-eng
    baseUri: https://albertsons.atlassian.net/rest/api/3
    authentication:
      type: basic
      username: $secrets.jira_user
      password: $secrets.jira_api_token
    resources:
    - name: issue
      path: /issue
      inputParameters:
      - name: project_key
        in: body
      - name: summary
        in: body
      - name: issue_type
        in: body
      - name: priority
        in: body
      operations:
      - name: create-issue
        method: POST
  - type: http
    namespace: msteams-eng
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: message
      path: /teams/{{channel_id}}/channels/messages
      inputParameters:
      - name: channel_id
        in: path
      - name: message
        in: body
      operations:
      - name: send-message
        method: POST
  - type: http
    namespace: datadog-cicd
    baseUri: https://api.datadoghq.com/api/v1
    authentication:
      type: apikey
      key: DD-API-KEY
      value: $secrets.datadog_api_key
      placement: header
    resources:
    - name: event
      path: /events
      inputParameters:
      - name: title
        in: body
      - name: text
        in: body
      - name: tags
        in: body
      operations:
      - name: create-event
        method: POST

Orchestrates offboarding pipeline for Albertsons across hr, workday, servicenow.

naftiko: '0.5'
info:
  label: Offboarding Pipeline
  description: Orchestrates offboarding pipeline for Albertsons across hr, workday, servicenow.
  tags:
  - hr
  - workday
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: hr-ops
    port: 8080
    tools:
    - name: offboarding-pipeline
      description: Orchestrates offboarding pipeline for Albertsons across hr, workday, servicenow.
      inputParameters:
      - name: store_id
        type: string
        description: Store or entity identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: create-ticket
        type: call
        call: servicenow.create-incident
        with:
          short_description: Offboarding Pipeline — {{store_id}}
          category: hr
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel_id: ops-{{store_id}}
          text: Offboarding Pipeline done.
      - name: get-hr
        type: call
        call: workday.get-workers
        with:
          store: '{{store_id}}'
  consumes:
  - type: http
    namespace: servicenow
    baseUri: https://albertsons.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: create-incident
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      operations:
      - name: send-message
        method: POST
  - type: http
    namespace: workday
    baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
    authentication:
      type: bearer
      token: $secrets.workday_token
    resources:
    - name: workers
      path: /albertsons/workers
      operations:
      - name: get-workers
        method: GET

Orchestrates staffing gap alerts for Albertsons across store-ops, workday, snowflake.

naftiko: '0.5'
info:
  label: Staffing Gap Alerts
  description: Orchestrates staffing gap alerts for Albertsons across store-ops, workday, snowflake.
  tags:
  - store-ops
  - workday
  - snowflake
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: workforce
    port: 8080
    tools:
    - name: staffing-gap-alerts
      description: Orchestrates staffing gap alerts for Albertsons across store-ops, workday, snowflake.
      inputParameters:
      - name: store_id
        type: string
        description: Store or entity identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: query-data
        type: call
        call: snowflake.run-query
        with:
          statement: SELECT * FROM STAFFING_GAP_ALERTS
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel_id: ops-{{store_id}}
          text: Staffing Gap Alerts done.
      - name: get-hr
        type: call
        call: workday.get-workers
        with:
          store: '{{store_id}}'
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: run-query
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      operations:
      - name: send-message
        method: POST
  - type: http
    namespace: workday
    baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
    authentication:
      type: bearer
      token: $secrets.workday_token
    resources:
    - name: workers
      path: /albertsons/workers
      operations:
      - name: get-workers
        method: GET

Retrieves PTO balance for Albertsons.

naftiko: '0.5'
info:
  label: Workday PTO Balance
  description: Retrieves PTO balance for Albertsons.
  tags:
  - hr
  - workday
  - store-ops
capability:
  exposes:
  - type: mcp
    namespace: hr
    port: 8080
    tools:
    - name: get-pto
      description: Check PTO balance.
      inputParameters:
      - name: worker_id
        type: string
        description: Worker ID.
      call: workday.get-pto
      with:
        worker_id: '{{worker_id}}'
      outputParameters:
      - name: available
        type: number
        mapping: $.timeOff.available
  consumes:
  - type: http
    namespace: workday
    baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
    authentication:
      type: bearer
      token: $secrets.workday_token
    resources:
    - name: time-off
      path: /albertsons/workers/{{worker_id}}/timeOff
      inputParameters:
      - name: worker_id
        in: path
      operations:
      - name: get-pto
        method: GET

Orchestrates it incident escalation for Albertsons across infrastructure, datadog, servicenow.

naftiko: '0.5'
info:
  label: It Incident Escalation
  description: Orchestrates it incident escalation for Albertsons across infrastructure, datadog, servicenow.
  tags:
  - infrastructure
  - datadog
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: it-ops
    port: 8080
    tools:
    - name: it-incident-escalation
      description: Orchestrates it incident escalation for Albertsons across infrastructure, datadog, servicenow.
      inputParameters:
      - name: store_id
        type: string
        description: Store or entity identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: create-ticket
        type: call
        call: servicenow.create-incident
        with:
          short_description: It Incident Escalation — {{store_id}}
          category: infrastructure
      - name: check-health
        type: call
        call: datadog.get-monitor
        with:
          monitor_id: store-{{store_id}}
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel_id: ops-{{store_id}}
          text: It Incident Escalation done.
  consumes:
  - type: http
    namespace: servicenow
    baseUri: https://albertsons.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: create-incident
        method: POST
  - type: http
    namespace: datadog
    baseUri: https://api.datadoghq.com/api/v1
    authentication:
      type: bearer
      token: $secrets.datadog_api_key
    resources:
    - name: monitors
      path: /monitor/{{monitor_id}}
      inputParameters:
      - name: monitor_id
        in: path
      operations:
      - name: get-monitor
        method: GET
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      operations:
      - name: send-message
        method: POST

Schedules bakery production for Albertsons by pulling Snowflake demand data, checking SAP ingredients, and notifying bakers via Teams.

naftiko: '0.5'
info:
  label: Bakery Production Schedule
  description: Schedules bakery production for Albertsons by pulling Snowflake demand data, checking SAP ingredients, and notifying bakers via Teams.
  tags:
  - store-ops
  - snowflake
  - sap
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: store-ops
    port: 8080
    tools:
    - name: bakery-production-schedule
      description: Schedules bakery production for Albertsons by pulling Snowflake demand and checking SAP ingredients.
      inputParameters:
      - name: store_id
        type: string
        description: Store identifier.
      - name: date
        type: string
        description: Production date.
      steps:
      - name: get-demand
        type: call
        call: snowflake.run-query
        with:
          statement: SELECT item, projected_qty FROM BAKERY_DEMAND WHERE store='{{store_id}}' AND date='{{date}}'
      - name: check-ingredients
        type: call
        call: sap.get-stock
        with:
          plant: '{{store_id}}'
          category: bakery
      - name: notify-bakers
        type: call
        call: msteams.send-message
        with:
          channel_id: store-{{store_id}}-bakery
          text: Bakery production schedule for {{date}} is ready.
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: run-query
        method: POST
  - type: http
    namespace: sap
    baseUri: https://albertsons-s4.sap.com/sap/opu/odata/sap/API_MATERIAL_STOCK_SRV
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: stock
      path: /A_MatlStkInAcctMod
      operations:
      - name: get-stock
        method: GET
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      operations:
      - name: send-message
        method: POST

Orchestrates inventory audit pipeline for Albertsons across inventory, sap, snowflake.

naftiko: '0.5'
info:
  label: Inventory Audit Pipeline
  description: Orchestrates inventory audit pipeline for Albertsons across inventory, sap, snowflake.
  tags:
  - inventory
  - sap
  - snowflake
  - servicenow
capability:
  exposes:
  - type: mcp
    namespace: inventory-ops
    port: 8080
    tools:
    - name: inventory-audit-pipeline
      description: Orchestrates inventory audit pipeline for Albertsons across inventory, sap, snowflake.
      inputParameters:
      - name: store_id
        type: string
        description: Store or entity identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: query-data
        type: call
        call: snowflake.run-query
        with:
          statement: SELECT * FROM INVENTORY_AUDIT_PIPELINE
      - name: check-erp
        type: call
        call: sap.get-data
        with:
          entity: '{{store_id}}'
      - name: create-ticket
        type: call
        call: servicenow.create-incident
        with:
          short_description: Inventory Audit Pipeline — {{store_id}}
          category: inventory
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: run-query
        method: POST
  - type: http
    namespace: sap
    baseUri: https://albertsons-s4.sap.com/sap/opu/odata/sap/API_BUSINESS_PARTNER
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: entities
      path: /A_BusinessPartner
      operations:
      - name: get-data
        method: GET
  - type: http
    namespace: servicenow
    baseUri: https://albertsons.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: create-incident
        method: POST

Orchestrates associate onboarding flow for Albertsons across hr, workday, servicenow.

naftiko: '0.5'
info:
  label: Associate Onboarding Flow
  description: Orchestrates associate onboarding flow for Albertsons across hr, workday, servicenow.
  tags:
  - hr
  - workday
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: hr-ops
    port: 8080
    tools:
    - name: associate-onboarding-flow
      description: Orchestrates associate onboarding flow for Albertsons across hr, workday, servicenow.
      inputParameters:
      - name: store_id
        type: string
        description: Store or entity identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: create-ticket
        type: call
        call: servicenow.create-incident
        with:
          short_description: Associate Onboarding Flow — {{store_id}}
          category: hr
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel_id: ops-{{store_id}}
          text: Associate Onboarding Flow done.
      - name: get-hr
        type: call
        call: workday.get-workers
        with:
          store: '{{store_id}}'
  consumes:
  - type: http
    namespace: servicenow
    baseUri: https://albertsons.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: create-incident
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      operations:
      - name: send-message
        method: POST
  - type: http
    namespace: workday
    baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
    authentication:
      type: bearer
      token: $secrets.workday_token
    resources:
    - name: workers
      path: /albertsons/workers
      operations:
      - name: get-workers
        method: GET

Audits meat department compliance for Albertsons by pulling ServiceNow inspection data, checking Snowflake temperature logs, and notifying via Teams.

naftiko: '0.5'
info:
  label: Meat Department Compliance Audit
  description: Audits meat department compliance for Albertsons by pulling ServiceNow inspection data, checking Snowflake temperature logs, and notifying via Teams.
  tags:
  - compliance
  - servicenow
  - snowflake
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: compliance
    port: 8080
    tools:
    - name: meat-department-compliance-audit
      description: Audits meat department compliance for Albertsons by pulling inspections and temperature logs.
      inputParameters:
      - name: store_id
        type: string
        description: Store identifier.
      - name: date
        type: string
        description: Audit date.
      steps:
      - name: get-inspections
        type: call
        call: servicenow.get-tasks
        with:
          store: '{{store_id}}'
          category: meat_compliance
      - name: check-temps
        type: call
        call: snowflake.run-query
        with:
          statement: SELECT zone, avg_temp, max_temp FROM MEAT_TEMP_LOGS WHERE store='{{store_id}}' AND date='{{date}}'
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel_id: compliance-audits
          text: Meat dept compliance audit for Store {{store_id}} on {{date}} complete.
  consumes:
  - type: http
    namespace: servicenow
    baseUri: https://albertsons.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: tasks
      path: /table/sc_task
      operations:
      - name: get-tasks
        method: GET
  - type: http
    namespace: snowflake
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: run-query
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      operations:
      - name: send-message
        method: POST

Sends Teams notification for Albertsons.

naftiko: '0.5'
info:
  label: Teams Notification
  description: Sends Teams notification for Albertsons.
  tags:
  - communication
  - microsoft-teams
  - store-ops
capability:
  exposes:
  - type: mcp
    namespace: messaging
    port: 8080
    tools:
    - name: send-notif
      description: Send notification.
      inputParameters:
      - name: channel
        type: string
        description: Channel.
      - name: text
        type: string
        description: Message.
      call: msteams.send
      with:
        channel: '{{channel}}'
        text: '{{text}}'
      outputParameters:
      - name: id
        type: string
        mapping: $.id
  consumes:
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel}}/messages
      operations:
      - name: send
        method: POST

Orchestrates benefits enrollment pipeline for Albertsons across hr, workday, servicenow.

naftiko: '0.5'
info:
  label: Benefits Enrollment Pipeline
  description: Orchestrates benefits enrollment pipeline for Albertsons across hr, workday, servicenow.
  tags:
  - hr
  - workday
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: hr-ops
    port: 8080
    tools:
    - name: benefits-enrollment-pipeline
      description: Orchestrates benefits enrollment pipeline for Albertsons across hr, workday, servicenow.
      inputParameters:
      - name: store_id
        type: string
        description: Store or entity identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: create-ticket
        type: call
        call: servicenow.create-incident
        with:
          short_description: Benefits Enrollment Pipeline — {{store_id}}
          category: hr
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel_id: ops-{{store_id}}
          text: Benefits Enrollment Pipeline done.
      - name: get-hr
        type: call
        call: workday.get-workers
        with:
          store: '{{store_id}}'
  consumes:
  - type: http
    namespace: servicenow
    baseUri: https://albertsons.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: create-incident
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      operations:
      - name: send-message
        method: POST
  - type: http
    namespace: workday
    baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
    authentication:
      type: bearer
      token: $secrets.workday_token
    resources:
    - name: workers
      path: /albertsons/workers
      operations:
      - name: get-workers
        method: GET

Triggers a Power BI dataset refresh for the Albertsons executive store sales dashboard and notifies the retail leadership team in Microsoft Teams. Ensures leadership has current same-store sales and division performance data.

naftiko: '0.5'
info:
  label: Power BI Store Sales Executive Dashboard Refresh
  description: Triggers a Power BI dataset refresh for the Albertsons executive store sales dashboard and notifies the retail leadership team in Microsoft Teams. Ensures leadership has current same-store sales and division performance data.
  tags:
  - reporting
  - power-bi
  - microsoft-teams
  - retail
capability:
  exposes:
  - type: mcp
    namespace: store-reporting
    port: 8080
    tools:
    - name: refresh-sales-dashboard
      description: Given a Power BI dataset ID and reporting date, trigger a refresh of the store sales executive dashboard and notify retail leadership in Teams. Use at the start of each business day or before executive sales reviews.
      inputParameters:
      - name: dataset_id
        in: body
        type: string
        description: The Power BI dataset ID for the store sales dashboard.
      - name: report_date
        in: body
        type: string
        description: The reporting date in YYYY-MM-DD format.
      steps:
      - name: trigger-powerbi-refresh
        type: call
        call: powerbi-store.trigger-refresh
        with:
          dataset_id: '{{dataset_id}}'
      - name: notify-retail-leadership
        type: call
        call: msteams-store.send-message
        with:
          channel_id: retail-leadership
          message: 'Store sales dashboard refreshed for {{report_date}}. Dataset: {{dataset_id}}'
  consumes:
  - type: http
    namespace: powerbi-store
    baseUri: https://api.powerbi.com/v1.0/myorg
    authentication:
      type: bearer
      token: $secrets.powerbi_token
    resources:
    - name: refresh
      path: /datasets/{{dataset_id}}/refreshes
      inputParameters:
      - name: dataset_id
        in: path
      operations:
      - name: trigger-refresh
        method: POST
  - type: http
    namespace: msteams-store
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: message
      path: /teams/{{channel_id}}/channels/messages
      inputParameters:
      - name: channel_id
        in: path
      - name: message
        in: body
      operations:
      - name: send-message
        method: POST

Queries Snowflake for the execution status of retail data ingestion pipelines covering sales, inventory, and loyalty data feeds, identifies failures, and creates Jira tickets for data engineering remediation.

naftiko: '0.5'
info:
  label: Snowflake Retail Data Pipeline Health Check
  description: Queries Snowflake for the execution status of retail data ingestion pipelines covering sales, inventory, and loyalty data feeds, identifies failures, and creates Jira tickets for data engineering remediation.
  tags:
  - data
  - analytics
  - snowflake
  - jira
  - retail
capability:
  exposes:
  - type: mcp
    namespace: data-ops
    port: 8080
    tools:
    - name: check-retail-pipeline-health
      description: Given a pipeline prefix and lookback window in hours, query Snowflake task history for failures and open Jira tickets for each failed pipeline. Use for daily retail data pipeline health reviews.
      inputParameters:
      - name: pipeline_prefix
        in: body
        type: string
        description: The Snowflake task name prefix (e.g., SALES_, INVENTORY_, LOYALTY_).
      - name: lookback_hours
        in: body
        type: integer
        description: Number of hours to look back for failed pipeline tasks.
      steps:
      - name: query-snowflake-tasks
        type: call
        call: snowflake-data.query-tasks
        with:
          prefix: '{{pipeline_prefix}}'
          hours: '{{lookback_hours}}'
      - name: create-jira-task
        type: call
        call: jira-data.create-issue
        with:
          project_key: DATA
          summary: 'Retail pipeline failures: {{pipeline_prefix}}'
          description: '{{query-snowflake-tasks.failed_count}} tasks failed in the last {{lookback_hours}} hours.'
          issue_type: Task
  consumes:
  - type: http
    namespace: snowflake-data
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: tasks
      path: /statements
      inputParameters:
      - name: prefix
        in: body
      - name: hours
        in: body
      operations:
      - name: query-tasks
        method: POST
  - type: http
    namespace: jira-data
    baseUri: https://albertsons.atlassian.net/rest/api/3
    authentication:
      type: basic
      username: $secrets.jira_user
      password: $secrets.jira_api_token
    resources:
    - name: issue
      path: /issue
      inputParameters:
      - name: project_key
        in: body
      - name: summary
        in: body
      - name: description
        in: body
      - name: issue_type
        in: body
      operations:
      - name: create-issue
        method: POST

Orchestrates store opening readiness check for Albertsons across store-ops, datadog, workday.

naftiko: '0.5'
info:
  label: Store Opening Readiness Check
  description: Orchestrates store opening readiness check for Albertsons across store-ops, datadog, workday.
  tags:
  - store-ops
  - datadog
  - workday
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: store-ops
    port: 8080
    tools:
    - name: store-opening-readiness-check
      description: Orchestrates store opening readiness check for Albertsons across store-ops, datadog, workday.
      inputParameters:
      - name: store_id
        type: string
        description: Store or entity identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: check-health
        type: call
        call: datadog.get-monitor
        with:
          monitor_id: store-{{store_id}}
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel_id: ops-{{store_id}}
          text: Store Opening Readiness Check done.
      - name: get-hr
        type: call
        call: workday.get-workers
        with:
          store: '{{store_id}}'
  consumes:
  - type: http
    namespace: datadog
    baseUri: https://api.datadoghq.com/api/v1
    authentication:
      type: bearer
      token: $secrets.datadog_api_key
    resources:
    - name: monitors
      path: /monitor/{{monitor_id}}
      inputParameters:
      - name: monitor_id
        in: path
      operations:
      - name: get-monitor
        method: GET
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      operations:
      - name: send-message
        method: POST
  - type: http
    namespace: workday
    baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
    authentication:
      type: bearer
      token: $secrets.workday_token
    resources:
    - name: workers
      path: /albertsons/workers
      operations:
      - name: get-workers
        method: GET

Orchestrates security incident handler for Albertsons across security, servicenow, datadog.

naftiko: '0.5'
info:
  label: Security Incident Handler
  description: Orchestrates security incident handler for Albertsons across security, servicenow, datadog.
  tags:
  - security
  - servicenow
  - datadog
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: security-ops
    port: 8080
    tools:
    - name: security-incident-handler
      description: Orchestrates security incident handler for Albertsons across security, servicenow, datadog.
      inputParameters:
      - name: store_id
        type: string
        description: Store or entity identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: create-ticket
        type: call
        call: servicenow.create-incident
        with:
          short_description: Security Incident Handler — {{store_id}}
          category: security
      - name: check-health
        type: call
        call: datadog.get-monitor
        with:
          monitor_id: store-{{store_id}}
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel_id: ops-{{store_id}}
          text: Security Incident Handler done.
  consumes:
  - type: http
    namespace: servicenow
    baseUri: https://albertsons.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: create-incident
        method: POST
  - type: http
    namespace: datadog
    baseUri: https://api.datadoghq.com/api/v1
    authentication:
      type: bearer
      token: $secrets.datadog_api_key
    resources:
    - name: monitors
      path: /monitor/{{monitor_id}}
      inputParameters:
      - name: monitor_id
        in: path
      operations:
      - name: get-monitor
        method: GET
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      operations:
      - name: send-message
        method: POST

Orchestrates marketing roi tracker for Albertsons across marketing, snowflake, salesforce.

naftiko: '0.5'
info:
  label: Marketing Roi Tracker
  description: Orchestrates marketing roi tracker for Albertsons across marketing, snowflake, salesforce.
  tags:
  - marketing
  - snowflake
  - salesforce
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: marketing-ops
    port: 8080
    tools:
    - name: marketing-roi-tracker
      description: Orchestrates marketing roi tracker for Albertsons across marketing, snowflake, salesforce.
      inputParameters:
      - name: store_id
        type: string
        description: Store or entity identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: query-data
        type: call
        call: snowflake.run-query
        with:
          statement: SELECT * FROM MARKETING_ROI_TRACKER
      - name: get-sf
        type: call
        call: salesforce.query
        with:
          q: SELECT Id FROM Account
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel_id: ops-{{store_id}}
          text: Marketing Roi Tracker done.
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: run-query
        method: POST
  - type: http
    namespace: salesforce
    baseUri: https://albertsons.my.salesforce.com/services/data/v58.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: query
      path: /query
      operations:
      - name: query
        method: GET
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      operations:
      - name: send-message
        method: POST

Retrieves Net Promoter Score survey responses from Salesforce for Albertsons store shoppers, computes NPS by banner and region, and writes the results to Snowflake for the customer experience analytics team.

naftiko: '0.5'
info:
  label: Salesforce Customer NPS Survey Sync
  description: Retrieves Net Promoter Score survey responses from Salesforce for Albertsons store shoppers, computes NPS by banner and region, and writes the results to Snowflake for the customer experience analytics team.
  tags:
  - crm
  - customer-experience
  - salesforce
  - snowflake
capability:
  exposes:
  - type: mcp
    namespace: cx-analytics
    port: 8080
    tools:
    - name: sync-nps-survey-results
      description: Given a date range and store banner filter, retrieve NPS survey responses from Salesforce, and write aggregate results to Snowflake. Use for weekly CX reporting across Albertsons, Safeway, Vons, and other banners.
      inputParameters:
      - name: date_from
        in: body
        type: string
        description: Start date for NPS survey retrieval in YYYY-MM-DD format.
      - name: date_to
        in: body
        type: string
        description: End date for NPS survey retrieval in YYYY-MM-DD format.
      - name: banner
        in: body
        type: string
        description: The store banner to filter (e.g., ALBERTSONS, SAFEWAY, VONS, ALL).
      steps:
      - name: get-nps-responses
        type: call
        call: salesforce-nps.query-surveys
        with:
          q: SELECT Id, ABS_NPS_Score__c, ABS_Banner__c, ABS_Region__c, CreatedDate FROM ABS_Survey__c WHERE CreatedDate >= {{date_from}} AND CreatedDate <= {{date_to}} AND ABS_Banner__c = '{{banner}}'
      - name: write-snowflake-nps
        type: call
        call: snowflake-nps.insert-rows
        with:
          table: CX.NPS_SURVEY_RESPONSES
          data: '{{get-nps-responses.records}}'
  consumes:
  - type: http
    namespace: salesforce-nps
    baseUri: https://albertsons.my.salesforce.com/services/data/v58.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: surveys
      path: /query
      inputParameters:
      - name: q
        in: query
      operations:
      - name: query-surveys
        method: GET
  - type: http
    namespace: snowflake-nps
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: rows
      path: /statements
      inputParameters:
      - name: table
        in: body
      - name: data
        in: body
      operations:
      - name: insert-rows
        method: POST

Checks change request for Albertsons.

naftiko: '0.5'
info:
  label: ServiceNow Change Status
  description: Checks change request for Albertsons.
  tags:
  - itsm
  - servicenow
  - infrastructure
capability:
  exposes:
  - type: mcp
    namespace: itsm
    port: 8080
    tools:
    - name: get-change
      description: Look up change.
      inputParameters:
      - name: change
        type: string
        description: Change number.
      call: servicenow.get-change
      with:
        change: '{{change}}'
      outputParameters:
      - name: state
        type: string
        mapping: $.result.state
  consumes:
  - type: http
    namespace: servicenow
    baseUri: https://albertsons.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: changes
      path: /table/change_request?sysparm_query=number={{change}}
      inputParameters:
      - name: change
        in: query
      operations:
      - name: get-change
        method: GET

Retrieves payroll results from Workday for a pay cycle, compares totals against the prior period stored in Snowflake, and creates a Jira variance review task if the delta exceeds threshold. Supports Albertsons payroll integrity across all divisions and employment types.

naftiko: '0.5'
info:
  label: Workday Payroll Reconciliation
  description: Retrieves payroll results from Workday for a pay cycle, compares totals against the prior period stored in Snowflake, and creates a Jira variance review task if the delta exceeds threshold. Supports Albertsons payroll integrity across all divisions and employment types.
  tags:
  - hr
  - payroll
  - workday
  - snowflake
  - jira
capability:
  exposes:
  - type: mcp
    namespace: payroll-ops
    port: 8080
    tools:
    - name: reconcile-payroll
      description: Given a Workday pay group ID and variance threshold percentage, retrieve payroll totals, compare against prior period from Snowflake, and create a Jira review task if variance exceeds the threshold. Use for weekly or bi-weekly payroll reconciliation.
      inputParameters:
      - name: pay_group_id
        in: body
        type: string
        description: The Workday pay group ID (e.g., WEEKLY-STORE, BIWEEKLY-CORP).
      - name: variance_threshold_pct
        in: body
        type: number
        description: The percentage variance above which a Jira review task is created (e.g., 3.0 for 3%).
      steps:
      - name: get-payroll-results
        type: call
        call: workday-payroll.get-pay-run
        with:
          pay_group_id: '{{pay_group_id}}'
      - name: query-prior-period
        type: call
        call: snowflake-payroll.query-prior
        with:
          pay_group_id: '{{pay_group_id}}'
      - name: create-variance-task
        type: call
        call: jira-payroll.create-issue
        with:
          project_key: PAY
          summary: 'Payroll variance: {{pay_group_id}}'
          description: Variance above {{variance_threshold_pct}}% detected versus prior period. Finance review required.
          issue_type: Task
  consumes:
  - type: http
    namespace: workday-payroll
    baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
    authentication:
      type: bearer
      token: $secrets.workday_token
    resources:
    - name: pay-run
      path: /albertsons/payrollResults
      inputParameters:
      - name: pay_group_id
        in: query
      operations:
      - name: get-pay-run
        method: GET
  - type: http
    namespace: snowflake-payroll
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: prior
      path: /statements
      inputParameters:
      - name: pay_group_id
        in: body
      operations:
      - name: query-prior
        method: POST
  - type: http
    namespace: jira-payroll
    baseUri: https://albertsons.atlassian.net/rest/api/3
    authentication:
      type: basic
      username: $secrets.jira_user
      password: $secrets.jira_api_token
    resources:
    - name: issue
      path: /issue
      inputParameters:
      - name: project_key
        in: body
      - name: summary
        in: body
      - name: description
        in: body
      - name: issue_type
        in: body
      operations:
      - name: create-issue
        method: POST

Orchestrates vendor invoice matching pipeline for Albertsons across procurement, sap, servicenow.

naftiko: '0.5'
info:
  label: Vendor Invoice Matching Pipeline
  description: Orchestrates vendor invoice matching pipeline for Albertsons across procurement, sap, servicenow.
  tags:
  - procurement
  - sap
  - servicenow
  - snowflake
capability:
  exposes:
  - type: mcp
    namespace: finance-ops
    port: 8080
    tools:
    - name: vendor-invoice-matching-pipeline
      description: Orchestrates vendor invoice matching pipeline for Albertsons across procurement, sap, servicenow.
      inputParameters:
      - name: store_id
        type: string
        description: Store or entity identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: query-data
        type: call
        call: snowflake.run-query
        with:
          statement: SELECT * FROM VENDOR_INVOICE_MATCHING_PIPELINE
      - name: check-erp
        type: call
        call: sap.get-data
        with:
          entity: '{{store_id}}'
      - name: create-ticket
        type: call
        call: servicenow.create-incident
        with:
          short_description: Vendor Invoice Matching Pipeline — {{store_id}}
          category: procurement
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: run-query
        method: POST
  - type: http
    namespace: sap
    baseUri: https://albertsons-s4.sap.com/sap/opu/odata/sap/API_BUSINESS_PARTNER
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: entities
      path: /A_BusinessPartner
      operations:
      - name: get-data
        method: GET
  - type: http
    namespace: servicenow
    baseUri: https://albertsons.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: create-incident
        method: POST

Queries Snowflake sales data for Albertsons.

naftiko: '0.5'
info:
  label: Snowflake Sales Query
  description: Queries Snowflake sales data for Albertsons.
  tags:
  - analytics
  - snowflake
  - store-ops
capability:
  exposes:
  - type: mcp
    namespace: analytics
    port: 8080
    tools:
    - name: query-sales
      description: Query sales data.
      inputParameters:
      - name: store_id
        type: string
        description: Store ID.
      - name: period
        type: string
        description: Period.
      call: snowflake.run-query
      with:
        store_id: '{{store_id}}'
        period: '{{period}}'
      outputParameters:
      - name: revenue
        type: number
        mapping: $.data[0].REVENUE
      - name: count
        type: integer
        mapping: $.data[0].TXN_COUNT
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: run-query
        method: POST

Checks synthetic test for Albertsons.

naftiko: '0.5'
info:
  label: Datadog Synthetic Test
  description: Checks synthetic test for Albertsons.
  tags:
  - monitoring
  - datadog
  - e-commerce
capability:
  exposes:
  - type: mcp
    namespace: monitoring
    port: 8080
    tools:
    - name: get-synthetic
      description: Check synthetic.
      inputParameters:
      - name: test_id
        type: string
        description: Test ID.
      call: datadog.get-test
      with:
        test_id: '{{test_id}}'
      outputParameters:
      - name: status
        type: string
        mapping: $.results[0].status
  consumes:
  - type: http
    namespace: datadog
    baseUri: https://api.datadoghq.com/api/v1
    authentication:
      type: bearer
      token: $secrets.datadog_api_key
    resources:
    - name: synthetics
      path: /synthetics/tests/{{test_id}}/results
      inputParameters:
      - name: test_id
        in: path
      operations:
      - name: get-test
        method: GET

Plans deli production for Albertsons by pulling Snowflake demand forecasts, checking SAP ingredient inventory, and notifying deli teams via Teams.

naftiko: '0.5'
info:
  label: Deli Production Planning
  description: Plans deli production for Albertsons by pulling Snowflake demand forecasts, checking SAP ingredient inventory, and notifying deli teams via Teams.
  tags:
  - store-ops
  - snowflake
  - sap
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: store-ops
    port: 8080
    tools:
    - name: deli-production-planning
      description: Plans deli production for Albertsons by pulling Snowflake demand forecasts and SAP ingredient checks.
      inputParameters:
      - name: store_id
        type: string
        description: Store identifier.
      - name: date
        type: string
        description: Production date.
      steps:
      - name: get-demand
        type: call
        call: snowflake.run-query
        with:
          statement: SELECT item, projected_qty FROM DELI_DEMAND WHERE store='{{store_id}}' AND date='{{date}}'
      - name: check-ingredients
        type: call
        call: sap.get-stock
        with:
          plant: '{{store_id}}'
          category: deli_ingredients
      - name: notify-deli
        type: call
        call: msteams.send-message
        with:
          channel_id: store-{{store_id}}-deli
          text: Deli production plan for {{date}} is ready.
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: run-query
        method: POST
  - type: http
    namespace: sap
    baseUri: https://albertsons-s4.sap.com/sap/opu/odata/sap/API_MATERIAL_STOCK_SRV
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: stock
      path: /A_MatlStkInAcctMod
      operations:
      - name: get-stock
        method: GET
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      operations:
      - name: send-message
        method: POST

Orchestrates supply chain delay handler for Albertsons across supply-chain, sap, servicenow.

naftiko: '0.5'
info:
  label: Supply Chain Delay Handler
  description: Orchestrates supply chain delay handler for Albertsons across supply-chain, sap, servicenow.
  tags:
  - supply-chain
  - sap
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: supply-chain-ops
    port: 8080
    tools:
    - name: supply-chain-delay-handler
      description: Orchestrates supply chain delay handler for Albertsons across supply-chain, sap, servicenow.
      inputParameters:
      - name: store_id
        type: string
        description: Store or entity identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: check-erp
        type: call
        call: sap.get-data
        with:
          entity: '{{store_id}}'
      - name: create-ticket
        type: call
        call: servicenow.create-incident
        with:
          short_description: Supply Chain Delay Handler — {{store_id}}
          category: supply-chain
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel_id: ops-{{store_id}}
          text: Supply Chain Delay Handler done.
  consumes:
  - type: http
    namespace: sap
    baseUri: https://albertsons-s4.sap.com/sap/opu/odata/sap/API_BUSINESS_PARTNER
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: entities
      path: /A_BusinessPartner
      operations:
      - name: get-data
        method: GET
  - type: http
    namespace: servicenow
    baseUri: https://albertsons.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: create-incident
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      operations:
      - name: send-message
        method: POST

When a new hire is created in Workday, opens a ServiceNow onboarding ticket, provisions a Microsoft Teams workspace, and sends a welcome notification to the hiring manager. Ensures day-one readiness for Albertsons store, pharmacy, and corporate staff.

naftiko: '0.5'
info:
  label: New Employee Onboarding Orchestration
  description: When a new hire is created in Workday, opens a ServiceNow onboarding ticket, provisions a Microsoft Teams workspace, and sends a welcome notification to the hiring manager. Ensures day-one readiness for Albertsons store, pharmacy, and corporate staff.
  tags:
  - hr
  - onboarding
  - workday
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: hr-onboarding
    port: 8080
    tools:
    - name: trigger-employee-onboarding
      description: Given a Workday worker ID and start date, orchestrate the full onboarding sequence across ServiceNow for ticket creation and Microsoft Teams for welcome notification. Invoke when a new hire record is confirmed in Workday.
      inputParameters:
      - name: employee_id
        in: body
        type: string
        description: The Workday worker ID for the new hire.
      - name: start_date
        in: body
        type: string
        description: The new hire's start date in ISO 8601 format (YYYY-MM-DD).
      - name: department
        in: body
        type: string
        description: The department the employee is joining (e.g., Store Ops, Pharmacy, Corporate).
      steps:
      - name: get-worker
        type: call
        call: workday-onboard.get-worker
        with:
          employee_id: '{{employee_id}}'
      - name: create-onboarding-ticket
        type: call
        call: servicenow-onboard.create-incident
        with:
          short_description: 'Onboarding: {{get-worker.display_name}}'
          caller_id: '{{get-worker.manager_email}}'
          assignment_group: IT Onboarding
      - name: notify-manager
        type: call
        call: msteams-hr.send-message
        with:
          channel_id: '{{department}}-general'
          message: 'Welcome {{get-worker.display_name}} joining on {{start_date}}! Ticket: {{create-onboarding-ticket.number}}'
  consumes:
  - type: http
    namespace: workday-onboard
    baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
    authentication:
      type: bearer
      token: $secrets.workday_token
    resources:
    - name: worker
      path: /albertsons/workers/{{employee_id}}
      inputParameters:
      - name: employee_id
        in: path
      operations:
      - name: get-worker
        method: GET
  - type: http
    namespace: servicenow-onboard
    baseUri: https://albertsons.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_pass
    resources:
    - name: incident
      path: /table/incident
      inputParameters:
      - name: short_description
        in: body
      - name: caller_id
        in: body
      - name: assignment_group
        in: body
      operations:
      - name: create-incident
        method: POST
  - type: http
    namespace: msteams-hr
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: message
      path: /teams/{{channel_id}}/channels/messages
      inputParameters:
      - name: channel_id
        in: path
      - name: message
        in: body
      operations:
      - name: send-message
        method: POST

Orchestrates churn prevention pipeline for Albertsons across loyalty, snowflake, salesforce.

naftiko: '0.5'
info:
  label: Churn Prevention Pipeline
  description: Orchestrates churn prevention pipeline for Albertsons across loyalty, snowflake, salesforce.
  tags:
  - loyalty
  - snowflake
  - salesforce
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: loyalty-ops
    port: 8080
    tools:
    - name: churn-prevention-pipeline
      description: Orchestrates churn prevention pipeline for Albertsons across loyalty, snowflake, salesforce.
      inputParameters:
      - name: store_id
        type: string
        description: Store or entity identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: query-data
        type: call
        call: snowflake.run-query
        with:
          statement: SELECT * FROM CHURN_PREVENTION_PIPELINE
      - name: get-sf
        type: call
        call: salesforce.query
        with:
          q: SELECT Id FROM Account
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel_id: ops-{{store_id}}
          text: Churn Prevention Pipeline done.
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: run-query
        method: POST
  - type: http
    namespace: salesforce
    baseUri: https://albertsons.my.salesforce.com/services/data/v58.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: query
      path: /query
      operations:
      - name: query
        method: GET
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      operations:
      - name: send-message
        method: POST

Orchestrates supplier onboarding flow for Albertsons across supply-chain, sap, servicenow.

naftiko: '0.5'
info:
  label: Supplier Onboarding Flow
  description: Orchestrates supplier onboarding flow for Albertsons across supply-chain, sap, servicenow.
  tags:
  - supply-chain
  - sap
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: procurement-ops
    port: 8080
    tools:
    - name: supplier-onboarding-flow
      description: Orchestrates supplier onboarding flow for Albertsons across supply-chain, sap, servicenow.
      inputParameters:
      - name: store_id
        type: string
        description: Store or entity identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: check-erp
        type: call
        call: sap.get-data
        with:
          entity: '{{store_id}}'
      - name: create-ticket
        type: call
        call: servicenow.create-incident
        with:
          short_description: Supplier Onboarding Flow — {{store_id}}
          category: supply-chain
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel_id: ops-{{store_id}}
          text: Supplier Onboarding Flow done.
  consumes:
  - type: http
    namespace: sap
    baseUri: https://albertsons-s4.sap.com/sap/opu/odata/sap/API_BUSINESS_PARTNER
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: entities
      path: /A_BusinessPartner
      operations:
      - name: get-data
        method: GET
  - type: http
    namespace: servicenow
    baseUri: https://albertsons.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: create-incident
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      operations:
      - name: send-message
        method: POST

When an employee departure is confirmed in Workday, deactivates the Microsoft Entra ID account and notifies the manager via Teams. Ensures complete offboarding for Albertsons store, pharmacy, and corporate employees.

naftiko: '0.5'
info:
  label: Employee Offboarding Orchestration
  description: When an employee departure is confirmed in Workday, deactivates the Microsoft Entra ID account and notifies the manager via Teams. Ensures complete offboarding for Albertsons store, pharmacy, and corporate employees.
  tags:
  - hr
  - offboarding
  - workday
  - microsoft-entra
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: hr-offboarding
    port: 8080
    tools:
    - name: trigger-employee-offboarding
      description: Given a Workday employee ID and last working day, disable the Entra ID account and notify the manager in Teams. Use when an employee departure is confirmed in Workday.
      inputParameters:
      - name: employee_id
        in: body
        type: string
        description: The Workday worker ID of the departing employee.
      - name: last_working_day
        in: body
        type: string
        description: The employee's last working day in ISO 8601 format (YYYY-MM-DD).
      steps:
      - name: get-worker
        type: call
        call: workday-off.get-worker
        with:
          employee_id: '{{employee_id}}'
      - name: disable-entra-account
        type: call
        call: entra-id.disable-user
        with:
          userPrincipalName: '{{get-worker.email}}'
          accountEnabled: false
      - name: notify-manager
        type: call
        call: msteams-off.send-message
        with:
          channel_id: '{{get-worker.manager_email}}'
          message: 'Offboarding complete for {{get-worker.display_name}}. Last day: {{last_working_day}}. Account deactivated.'
  consumes:
  - type: http
    namespace: workday-off
    baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
    authentication:
      type: bearer
      token: $secrets.workday_token
    resources:
    - name: worker
      path: /albertsons/workers/{{employee_id}}
      inputParameters:
      - name: employee_id
        in: path
      operations:
      - name: get-worker
        method: GET
  - type: http
    namespace: entra-id
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: user
      path: /users/{{userPrincipalName}}
      inputParameters:
      - name: userPrincipalName
        in: path
      - name: accountEnabled
        in: body
      operations:
      - name: disable-user
        method: PATCH
  - type: http
    namespace: msteams-off
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: message
      path: /users/{{channel_id}}/messages
      inputParameters:
      - name: channel_id
        in: path
      - name: message
        in: body
      operations:
      - name: send-message
        method: POST

Orchestrates payment processing pipeline for Albertsons across procurement, sap, snowflake.

naftiko: '0.5'
info:
  label: Payment Processing Pipeline
  description: Orchestrates payment processing pipeline for Albertsons across procurement, sap, snowflake.
  tags:
  - procurement
  - sap
  - snowflake
  - servicenow
capability:
  exposes:
  - type: mcp
    namespace: finance-ops
    port: 8080
    tools:
    - name: payment-processing-pipeline
      description: Orchestrates payment processing pipeline for Albertsons across procurement, sap, snowflake.
      inputParameters:
      - name: store_id
        type: string
        description: Store or entity identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: query-data
        type: call
        call: snowflake.run-query
        with:
          statement: SELECT * FROM PAYMENT_PROCESSING_PIPELINE
      - name: check-erp
        type: call
        call: sap.get-data
        with:
          entity: '{{store_id}}'
      - name: create-ticket
        type: call
        call: servicenow.create-incident
        with:
          short_description: Payment Processing Pipeline — {{store_id}}
          category: procurement
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: run-query
        method: POST
  - type: http
    namespace: sap
    baseUri: https://albertsons-s4.sap.com/sap/opu/odata/sap/API_BUSINESS_PARTNER
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: entities
      path: /A_BusinessPartner
      operations:
      - name: get-data
        method: GET
  - type: http
    namespace: servicenow
    baseUri: https://albertsons.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: create-incident
        method: POST

Manages curbside pickup for Albertsons by checking Salesforce orders, verifying Snowflake inventory, and notifying associates via Teams.

naftiko: '0.5'
info:
  label: Curbside Pickup Workflow
  description: Manages curbside pickup for Albertsons by checking Salesforce orders, verifying Snowflake inventory, and notifying associates via Teams.
  tags:
  - e-commerce
  - salesforce
  - snowflake
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: ecommerce-ops
    port: 8080
    tools:
    - name: curbside-pickup-workflow
      description: Manages curbside pickup for Albertsons by checking orders and verifying inventory.
      inputParameters:
      - name: order_id
        type: string
        description: Order identifier.
      - name: store_id
        type: string
        description: Pickup store.
      steps:
      - name: get-order
        type: call
        call: salesforce.get-order
        with:
          order_id: '{{order_id}}'
      - name: verify-inventory
        type: call
        call: snowflake.run-query
        with:
          statement: SELECT sku, available_qty FROM STORE_INVENTORY WHERE store='{{store_id}}' AND sku IN (SELECT sku FROM ORDER_ITEMS WHERE order_id='{{order_id}}')
      - name: notify-associate
        type: call
        call: msteams.send-message
        with:
          channel_id: store-{{store_id}}-curbside
          text: Curbside order {{order_id}} ready for picking.
  consumes:
  - type: http
    namespace: salesforce
    baseUri: https://albertsons.my.salesforce.com/services/data/v58.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: orders
      path: /sobjects/Order/{{order_id}}
      inputParameters:
      - name: order_id
        in: path
      operations:
      - name: get-order
        method: GET
  - type: http
    namespace: snowflake
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: run-query
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      operations:
      - name: send-message
        method: POST

Orchestrates vendor performance scorecard for Albertsons across supply-chain, sap, snowflake.

naftiko: '0.5'
info:
  label: Vendor Performance Scorecard
  description: Orchestrates vendor performance scorecard for Albertsons across supply-chain, sap, snowflake.
  tags:
  - supply-chain
  - sap
  - snowflake
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: procurement-ops
    port: 8080
    tools:
    - name: vendor-performance-scorecard
      description: Orchestrates vendor performance scorecard for Albertsons across supply-chain, sap, snowflake.
      inputParameters:
      - name: store_id
        type: string
        description: Store or entity identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: query-data
        type: call
        call: snowflake.run-query
        with:
          statement: SELECT * FROM VENDOR_PERFORMANCE_SCORECARD
      - name: check-erp
        type: call
        call: sap.get-data
        with:
          entity: '{{store_id}}'
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel_id: ops-{{store_id}}
          text: Vendor Performance Scorecard done.
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: run-query
        method: POST
  - type: http
    namespace: sap
    baseUri: https://albertsons-s4.sap.com/sap/opu/odata/sap/API_BUSINESS_PARTNER
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: entities
      path: /A_BusinessPartner
      operations:
      - name: get-data
        method: GET
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      operations:
      - name: send-message
        method: POST

Orchestrates shrinkage investigation for Albertsons across store-ops, snowflake, servicenow.

naftiko: '0.5'
info:
  label: Shrinkage Investigation
  description: Orchestrates shrinkage investigation for Albertsons across store-ops, snowflake, servicenow.
  tags:
  - store-ops
  - snowflake
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: loss-prevention
    port: 8080
    tools:
    - name: shrinkage-investigation
      description: Orchestrates shrinkage investigation for Albertsons across store-ops, snowflake, servicenow.
      inputParameters:
      - name: store_id
        type: string
        description: Store or entity identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: query-data
        type: call
        call: snowflake.run-query
        with:
          statement: SELECT * FROM SHRINKAGE_INVESTIGATION
      - name: create-ticket
        type: call
        call: servicenow.create-incident
        with:
          short_description: Shrinkage Investigation — {{store_id}}
          category: store-ops
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel_id: ops-{{store_id}}
          text: Shrinkage Investigation done.
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: run-query
        method: POST
  - type: http
    namespace: servicenow
    baseUri: https://albertsons.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: create-incident
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      operations:
      - name: send-message
        method: POST

Retrieves purchase order details from SAP S/4HANA given a PO number. Used by Albertsons procurement and finance teams to verify order status, vendor, and line-item details without accessing the ERP UI.

naftiko: '0.5'
info:
  label: SAP Purchase Order Lookup
  description: Retrieves purchase order details from SAP S/4HANA given a PO number. Used by Albertsons procurement and finance teams to verify order status, vendor, and line-item details without accessing the ERP UI.
  tags:
  - finance
  - procurement
  - sap-s4hana
capability:
  exposes:
  - type: mcp
    namespace: procurement
    port: 8080
    tools:
    - name: get-purchase-order
      description: Given a SAP purchase order number, retrieve full PO details including vendor, line items, delivery date, and status from SAP S/4HANA. Use when an agent or user needs to verify grocery or pharmacy procurement PO data.
      inputParameters:
      - name: po_number
        in: body
        type: string
        description: The SAP purchase order number (e.g., 4500098765).
      call: sap-s4.get-purchase-order
      with:
        PurchaseOrder: '{{po_number}}'
      outputParameters:
      - name: vendor
        type: string
        mapping: $.d.Supplier
      - name: status
        type: string
        mapping: $.d.PurchaseOrderStatus
      - name: total_net_amount
        type: string
        mapping: $.d.PurchaseOrderNetAmount
  consumes:
  - type: http
    namespace: sap-s4
    baseUri: https://albertsons-s4.sap.com/sap/opu/odata/sap/API_PURCHASEORDER_PROCESS_SRV
    authentication:
      type: basic
      username: $secrets.sap_s4_user
      password: $secrets.sap_s4_pass
    resources:
    - name: purchase-order
      path: /A_PurchaseOrder('{{PurchaseOrder}}')
      inputParameters:
      - name: PurchaseOrder
        in: path
      operations:
      - name: get-purchase-order
        method: GET

Checks Datadog monitor status for Albertsons.

naftiko: '0.5'
info:
  label: Datadog Monitor Health
  description: Checks Datadog monitor status for Albertsons.
  tags:
  - monitoring
  - datadog
  - infrastructure
capability:
  exposes:
  - type: mcp
    namespace: monitoring
    port: 8080
    tools:
    - name: check-monitor
      description: Check Datadog monitor.
      inputParameters:
      - name: monitor_id
        type: string
        description: Monitor ID.
      call: datadog.get-monitor
      with:
        monitor_id: '{{monitor_id}}'
      outputParameters:
      - name: state
        type: string
        mapping: $.overall_state
      - name: name
        type: string
        mapping: $.name
  consumes:
  - type: http
    namespace: datadog
    baseUri: https://api.datadoghq.com/api/v1
    authentication:
      type: bearer
      token: $secrets.datadog_api_key
    resources:
    - name: monitors
      path: /monitor/{{monitor_id}}
      inputParameters:
      - name: monitor_id
        in: path
      operations:
      - name: get-monitor
        method: GET

Manages perishable markdowns for Albertsons by analyzing Snowflake expiration data, updating SAP prices, and notifying stores via Teams.

naftiko: '0.5'
info:
  label: Perishable Markdown Pipeline
  description: Manages perishable markdowns for Albertsons by analyzing Snowflake expiration data, updating SAP prices, and notifying stores via Teams.
  tags:
  - e-commerce
  - snowflake
  - sap
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: pricing-ops
    port: 8080
    tools:
    - name: perishable-markdown-pipeline
      description: Manages perishable markdowns for Albertsons by analyzing Snowflake expiration data and updating SAP.
      inputParameters:
      - name: store_id
        type: string
        description: Store identifier.
      - name: date
        type: string
        description: Date.
      steps:
      - name: get-expiring
        type: call
        call: snowflake.run-query
        with:
          statement: SELECT sku, expiry_date, current_price FROM PERISHABLE_INVENTORY WHERE store='{{store_id}}' AND expiry_date <= DATEADD(day, 2, '{{date}}')
      - name: update-prices
        type: call
        call: sap.update-pricing
        with:
          plant: '{{store_id}}'
          markdown_type: perishable
      - name: notify-store
        type: call
        call: msteams.send-message
        with:
          channel_id: store-{{store_id}}-ops
          text: Perishable markdowns applied for {{date}}.
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: run-query
        method: POST
  - type: http
    namespace: sap
    baseUri: https://albertsons-s4.sap.com/sap/opu/odata/sap/API_SLSPRICINGCONDITIONRECORD_SRV
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: pricing
      path: /A_SlsPrcgCndnRecdValidity
      operations:
      - name: update-pricing
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      operations:
      - name: send-message
        method: POST

Orchestrates catalog sync pipeline for Albertsons across inventory, sap, snowflake.

naftiko: '0.5'
info:
  label: Catalog Sync Pipeline
  description: Orchestrates catalog sync pipeline for Albertsons across inventory, sap, snowflake.
  tags:
  - inventory
  - sap
  - snowflake
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: merchandising
    port: 8080
    tools:
    - name: catalog-sync-pipeline
      description: Orchestrates catalog sync pipeline for Albertsons across inventory, sap, snowflake.
      inputParameters:
      - name: store_id
        type: string
        description: Store or entity identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: query-data
        type: call
        call: snowflake.run-query
        with:
          statement: SELECT * FROM CATALOG_SYNC_PIPELINE
      - name: check-erp
        type: call
        call: sap.get-data
        with:
          entity: '{{store_id}}'
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel_id: ops-{{store_id}}
          text: Catalog Sync Pipeline done.
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: run-query
        method: POST
  - type: http
    namespace: sap
    baseUri: https://albertsons-s4.sap.com/sap/opu/odata/sap/API_BUSINESS_PARTNER
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: entities
      path: /A_BusinessPartner
      operations:
      - name: get-data
        method: GET
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      operations:
      - name: send-message
        method: POST

Orchestrates compliance review pipeline for Albertsons across compliance, servicenow, snowflake.

naftiko: '0.5'
info:
  label: Compliance Review Pipeline
  description: Orchestrates compliance review pipeline for Albertsons across compliance, servicenow, snowflake.
  tags:
  - compliance
  - servicenow
  - snowflake
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: compliance
    port: 8080
    tools:
    - name: compliance-review-pipeline
      description: Orchestrates compliance review pipeline for Albertsons across compliance, servicenow, snowflake.
      inputParameters:
      - name: store_id
        type: string
        description: Store or entity identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: query-data
        type: call
        call: snowflake.run-query
        with:
          statement: SELECT * FROM COMPLIANCE_REVIEW_PIPELINE
      - name: create-ticket
        type: call
        call: servicenow.create-incident
        with:
          short_description: Compliance Review Pipeline — {{store_id}}
          category: compliance
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel_id: ops-{{store_id}}
          text: Compliance Review Pipeline done.
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: run-query
        method: POST
  - type: http
    namespace: servicenow
    baseUri: https://albertsons.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: create-incident
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      operations:
      - name: send-message
        method: POST

Tracks grocery deliveries for Albertsons by checking SAP shipment status, updating Snowflake logistics, and notifying stores via Teams.

naftiko: '0.5'
info:
  label: Grocery Delivery Tracking
  description: Tracks grocery deliveries for Albertsons by checking SAP shipment status, updating Snowflake logistics, and notifying stores via Teams.
  tags:
  - supply-chain
  - sap
  - snowflake
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: logistics
    port: 8080
    tools:
    - name: grocery-delivery-tracking
      description: Tracks grocery deliveries for Albertsons by checking SAP shipment status and updating Snowflake logistics.
      inputParameters:
      - name: shipment_id
        type: string
        description: Shipment identifier.
      - name: store_id
        type: string
        description: Destination store.
      steps:
      - name: check-shipment
        type: call
        call: sap.get-delivery
        with:
          shipment_id: '{{shipment_id}}'
      - name: update-logistics
        type: call
        call: snowflake.run-query
        with:
          statement: UPDATE DELIVERY_TRACKING SET status='{{check-shipment.status}}' WHERE shipment_id='{{shipment_id}}'
      - name: notify-store
        type: call
        call: msteams.send-message
        with:
          channel_id: store-{{store_id}}-receiving
          text: 'Delivery {{shipment_id}} status: {{check-shipment.status}}.'
  consumes:
  - type: http
    namespace: sap
    baseUri: https://albertsons-s4.sap.com/sap/opu/odata/sap/API_OUTBOUND_DELIVERY_SRV_V2
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: deliveries
      path: /A_OutbDeliveryHeader('{{shipment_id}}')
      inputParameters:
      - name: shipment_id
        in: path
      operations:
      - name: get-delivery
        method: GET
  - type: http
    namespace: snowflake
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: run-query
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      operations:
      - name: send-message
        method: POST

Orchestrates store safety audit pipeline for Albertsons across store-ops, servicenow, workday.

naftiko: '0.5'
info:
  label: Store Safety Audit Pipeline
  description: Orchestrates store safety audit pipeline for Albertsons across store-ops, servicenow, workday.
  tags:
  - store-ops
  - servicenow
  - workday
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: safety-ops
    port: 8080
    tools:
    - name: store-safety-audit-pipeline
      description: Orchestrates store safety audit pipeline for Albertsons across store-ops, servicenow, workday.
      inputParameters:
      - name: store_id
        type: string
        description: Store or entity identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: create-ticket
        type: call
        call: servicenow.create-incident
        with:
          short_description: Store Safety Audit Pipeline — {{store_id}}
          category: store-ops
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel_id: ops-{{store_id}}
          text: Store Safety Audit Pipeline done.
      - name: get-hr
        type: call
        call: workday.get-workers
        with:
          store: '{{store_id}}'
  consumes:
  - type: http
    namespace: servicenow
    baseUri: https://albertsons.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: create-incident
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      operations:
      - name: send-message
        method: POST
  - type: http
    namespace: workday
    baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
    authentication:
      type: bearer
      token: $secrets.workday_token
    resources:
    - name: workers
      path: /albertsons/workers
      operations:
      - name: get-workers
        method: GET

Orchestrates cost optimization pipeline for Albertsons across infrastructure, snowflake, servicenow.

naftiko: '0.5'
info:
  label: Cost Optimization Pipeline
  description: Orchestrates cost optimization pipeline for Albertsons across infrastructure, snowflake, servicenow.
  tags:
  - infrastructure
  - snowflake
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: finops
    port: 8080
    tools:
    - name: cost-optimization-pipeline
      description: Orchestrates cost optimization pipeline for Albertsons across infrastructure, snowflake, servicenow.
      inputParameters:
      - name: store_id
        type: string
        description: Store or entity identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: query-data
        type: call
        call: snowflake.run-query
        with:
          statement: SELECT * FROM COST_OPTIMIZATION_PIPELINE
      - name: create-ticket
        type: call
        call: servicenow.create-incident
        with:
          short_description: Cost Optimization Pipeline — {{store_id}}
          category: infrastructure
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel_id: ops-{{store_id}}
          text: Cost Optimization Pipeline done.
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: run-query
        method: POST
  - type: http
    namespace: servicenow
    baseUri: https://albertsons.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: create-incident
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      operations:
      - name: send-message
        method: POST

Orchestrates contract renewal alerts for Albertsons across procurement, sap, servicenow.

naftiko: '0.5'
info:
  label: Contract Renewal Alerts
  description: Orchestrates contract renewal alerts for Albertsons across procurement, sap, servicenow.
  tags:
  - procurement
  - sap
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: procurement-ops
    port: 8080
    tools:
    - name: contract-renewal-alerts
      description: Orchestrates contract renewal alerts for Albertsons across procurement, sap, servicenow.
      inputParameters:
      - name: store_id
        type: string
        description: Store or entity identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: check-erp
        type: call
        call: sap.get-data
        with:
          entity: '{{store_id}}'
      - name: create-ticket
        type: call
        call: servicenow.create-incident
        with:
          short_description: Contract Renewal Alerts — {{store_id}}
          category: procurement
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel_id: ops-{{store_id}}
          text: Contract Renewal Alerts done.
  consumes:
  - type: http
    namespace: sap
    baseUri: https://albertsons-s4.sap.com/sap/opu/odata/sap/API_BUSINESS_PARTNER
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: entities
      path: /A_BusinessPartner
      operations:
      - name: get-data
        method: GET
  - type: http
    namespace: servicenow
    baseUri: https://albertsons.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: create-incident
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      operations:
      - name: send-message
        method: POST

Retrieves employee profile from Workday for Albertsons.

naftiko: '0.5'
info:
  label: Workday Employee Directory
  description: Retrieves employee profile from Workday for Albertsons.
  tags:
  - hr
  - workday
  - store-ops
capability:
  exposes:
  - type: mcp
    namespace: hr
    port: 8080
    tools:
    - name: get-employee-dir
      description: Look up Workday employee.
      inputParameters:
      - name: worker_id
        type: string
        description: Workday worker ID.
      call: workday.get-worker
      with:
        worker_id: '{{worker_id}}'
      outputParameters:
      - name: name
        type: string
        mapping: $.worker.name.formatted
      - name: title
        type: string
        mapping: $.worker.position.title
  consumes:
  - type: http
    namespace: workday
    baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
    authentication:
      type: bearer
      token: $secrets.workday_token
    resources:
    - name: workers
      path: /albertsons/workers/{{worker_id}}
      inputParameters:
      - name: worker_id
        in: path
      operations:
      - name: get-worker
        method: GET

Retrieves SLO compliance history from Datadog for Albertsons customer-facing e-commerce and pharmacy applications, publishes the weekly report to Confluence, and refreshes the Power BI operations dashboard.

naftiko: '0.5'
info:
  label: Datadog Application SLO Report
  description: Retrieves SLO compliance history from Datadog for Albertsons customer-facing e-commerce and pharmacy applications, publishes the weekly report to Confluence, and refreshes the Power BI operations dashboard.
  tags:
  - observability
  - slo
  - datadog
  - confluence
  - power-bi
capability:
  exposes:
  - type: mcp
    namespace: slo-reporting
    port: 8080
    tools:
    - name: publish-slo-report
      description: Given a Datadog SLO ID list and report week, retrieve SLO compliance data, publish to Confluence, and refresh Power BI. Use for weekly SLO reviews for Albertsons.com, pharmacy portal, and loyalty API.
      inputParameters:
      - name: slo_ids
        in: body
        type: string
        description: Comma-separated Datadog SLO IDs to include in the report.
      - name: report_week
        in: body
        type: string
        description: The ISO week identifier for the report (e.g., 2025-W14).
      steps:
      - name: get-slo-history
        type: call
        call: datadog-slo.get-slo-history
        with:
          slo_ids: '{{slo_ids}}'
      - name: publish-confluence-page
        type: call
        call: confluence-slo.create-page
        with:
          space_key: OPS
          title: SLO Report — {{report_week}}
          body: 'Weekly SLO compliance: {{get-slo-history.summary}}'
      - name: refresh-powerbi
        type: call
        call: powerbi-slo.trigger-refresh
        with:
          dataset_id: $secrets.powerbi_slo_dataset_id
  consumes:
  - type: http
    namespace: datadog-slo
    baseUri: https://api.datadoghq.com/api/v1
    authentication:
      type: apikey
      key: DD-API-KEY
      value: $secrets.datadog_api_key
      placement: header
    resources:
    - name: slo-history
      path: /slo/history
      inputParameters:
      - name: slo_ids
        in: query
      operations:
      - name: get-slo-history
        method: GET
  - type: http
    namespace: confluence-slo
    baseUri: https://albertsons.atlassian.net/wiki/rest/api
    authentication:
      type: basic
      username: $secrets.jira_user
      password: $secrets.jira_api_token
    resources:
    - name: page
      path: /content
      inputParameters:
      - name: space_key
        in: body
      - name: title
        in: body
      - name: body
        in: body
      operations:
      - name: create-page
        method: POST
  - type: http
    namespace: powerbi-slo
    baseUri: https://api.powerbi.com/v1.0/myorg
    authentication:
      type: bearer
      token: $secrets.powerbi_token
    resources:
    - name: refresh
      path: /datasets/{{dataset_id}}/refreshes
      inputParameters:
      - name: dataset_id
        in: path
      operations:
      - name: trigger-refresh
        method: POST

Orchestrates shipment tracking pipeline for Albertsons across supply-chain, sap, snowflake.

naftiko: '0.5'
info:
  label: Shipment Tracking Pipeline
  description: Orchestrates shipment tracking pipeline for Albertsons across supply-chain, sap, snowflake.
  tags:
  - supply-chain
  - sap
  - snowflake
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: logistics
    port: 8080
    tools:
    - name: shipment-tracking-pipeline
      description: Orchestrates shipment tracking pipeline for Albertsons across supply-chain, sap, snowflake.
      inputParameters:
      - name: store_id
        type: string
        description: Store or entity identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: query-data
        type: call
        call: snowflake.run-query
        with:
          statement: SELECT * FROM SHIPMENT_TRACKING_PIPELINE
      - name: check-erp
        type: call
        call: sap.get-data
        with:
          entity: '{{store_id}}'
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel_id: ops-{{store_id}}
          text: Shipment Tracking Pipeline done.
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: run-query
        method: POST
  - type: http
    namespace: sap
    baseUri: https://albertsons-s4.sap.com/sap/opu/odata/sap/API_BUSINESS_PARTNER
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: entities
      path: /A_BusinessPartner
      operations:
      - name: get-data
        method: GET
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      operations:
      - name: send-message
        method: POST

Retrieves completed story points from Jira for the last sprint across Albertsons digital product teams, publishes the velocity report to Confluence, and posts a summary to the engineering Teams channel.

naftiko: '0.5'
info:
  label: Sprint Velocity Digest
  description: Retrieves completed story points from Jira for the last sprint across Albertsons digital product teams, publishes the velocity report to Confluence, and posts a summary to the engineering Teams channel.
  tags:
  - devops
  - reporting
  - jira
  - confluence
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: agile-reporting
    port: 8080
    tools:
    - name: digest-sprint-velocity
      description: Given a Jira project key and sprint ID, retrieve completed story points, publish a Confluence velocity page, and notify the engineering Teams channel. Use at the end of each sprint for Albertsons digital product teams.
      inputParameters:
      - name: project_key
        in: body
        type: string
        description: The Jira project key (e.g., ECOM, PHARMACY, LOYALTY).
      - name: sprint_id
        in: body
        type: string
        description: The Jira sprint ID to report on.
      steps:
      - name: get-sprint-data
        type: call
        call: jira-agile.get-sprint-issues
        with:
          project_key: '{{project_key}}'
          sprint_id: '{{sprint_id}}'
      - name: publish-confluence
        type: call
        call: confluence-agile.create-page
        with:
          space_key: ENG
          title: Sprint Velocity — {{project_key}} Sprint {{sprint_id}}
          body: 'Completed: {{get-sprint-data.completed_points}} story points. Issues: {{get-sprint-data.completed_issues}}'
      - name: notify-teams
        type: call
        call: msteams-agile.send-message
        with:
          channel_id: engineering-metrics
          message: 'Sprint {{sprint_id}} closed: {{get-sprint-data.completed_points}} story points for {{project_key}}. Report: {{publish-confluence.url}}'
  consumes:
  - type: http
    namespace: jira-agile
    baseUri: https://albertsons.atlassian.net/rest/api/3
    authentication:
      type: basic
      username: $secrets.jira_user
      password: $secrets.jira_api_token
    resources:
    - name: sprint-issues
      path: /search
      inputParameters:
      - name: project_key
        in: query
      - name: sprint_id
        in: query
      operations:
      - name: get-sprint-issues
        method: GET
  - type: http
    namespace: confluence-agile
    baseUri: https://albertsons.atlassian.net/wiki/rest/api
    authentication:
      type: basic
      username: $secrets.jira_user
      password: $secrets.jira_api_token
    resources:
    - name: page
      path: /content
      inputParameters:
      - name: space_key
        in: body
      - name: title
        in: body
      - name: body
        in: body
      operations:
      - name: create-page
        method: POST
  - type: http
    namespace: msteams-agile
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: message
      path: /teams/{{channel_id}}/channels/messages
      inputParameters:
      - name: channel_id
        in: path
      - name: message
        in: body
      operations:
      - name: send-message
        method: POST

Orchestrates loyalty enrollment pipeline for Albertsons across loyalty, salesforce, snowflake.

naftiko: '0.5'
info:
  label: Loyalty Enrollment Pipeline
  description: Orchestrates loyalty enrollment pipeline for Albertsons across loyalty, salesforce, snowflake.
  tags:
  - loyalty
  - salesforce
  - snowflake
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: loyalty-ops
    port: 8080
    tools:
    - name: loyalty-enrollment-pipeline
      description: Orchestrates loyalty enrollment pipeline for Albertsons across loyalty, salesforce, snowflake.
      inputParameters:
      - name: store_id
        type: string
        description: Store or entity identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: query-data
        type: call
        call: snowflake.run-query
        with:
          statement: SELECT * FROM LOYALTY_ENROLLMENT_PIPELINE
      - name: get-sf
        type: call
        call: salesforce.query
        with:
          q: SELECT Id FROM Account
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel_id: ops-{{store_id}}
          text: Loyalty Enrollment Pipeline done.
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: run-query
        method: POST
  - type: http
    namespace: salesforce
    baseUri: https://albertsons.my.salesforce.com/services/data/v58.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: query
      path: /query
      operations:
      - name: query
        method: GET
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      operations:
      - name: send-message
        method: POST

Checks workflow for Albertsons.

naftiko: '0.5'
info:
  label: GitHub Workflow Status
  description: Checks workflow for Albertsons.
  tags:
  - devops
  - github
  - infrastructure
capability:
  exposes:
  - type: mcp
    namespace: devops
    port: 8080
    tools:
    - name: get-wf
      description: Check workflow.
      inputParameters:
      - name: repo
        type: string
        description: Repo.
      - name: wf
        type: string
        description: Workflow.
      call: github.get-run
      with:
        repo: '{{repo}}'
        wf: '{{wf}}'
      outputParameters:
      - name: conclusion
        type: string
        mapping: $.workflow_runs[0].conclusion
  consumes:
  - type: http
    namespace: github
    baseUri: https://api.github.com
    authentication:
      type: bearer
      token: $secrets.github_token
    resources:
    - name: runs
      path: /repos/{{repo}}/actions/workflows/{{wf}}/runs?per_page=1
      inputParameters:
      - name: repo
        in: path
      - name: wf
        in: path
      operations:
      - name: get-run
        method: GET

Orchestrates recall response pipeline for Albertsons across inventory, sap, snowflake.

naftiko: '0.5'
info:
  label: Recall Response Pipeline
  description: Orchestrates recall response pipeline for Albertsons across inventory, sap, snowflake.
  tags:
  - inventory
  - sap
  - snowflake
  - salesforce
capability:
  exposes:
  - type: mcp
    namespace: product-safety
    port: 8080
    tools:
    - name: recall-response-pipeline
      description: Orchestrates recall response pipeline for Albertsons across inventory, sap, snowflake.
      inputParameters:
      - name: store_id
        type: string
        description: Store or entity identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: query-data
        type: call
        call: snowflake.run-query
        with:
          statement: SELECT * FROM RECALL_RESPONSE_PIPELINE
      - name: check-erp
        type: call
        call: sap.get-data
        with:
          entity: '{{store_id}}'
      - name: get-sf
        type: call
        call: salesforce.query
        with:
          q: SELECT Id FROM Account
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: run-query
        method: POST
  - type: http
    namespace: sap
    baseUri: https://albertsons-s4.sap.com/sap/opu/odata/sap/API_BUSINESS_PARTNER
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: entities
      path: /A_BusinessPartner
      operations:
      - name: get-data
        method: GET
  - type: http
    namespace: salesforce
    baseUri: https://albertsons.my.salesforce.com/services/data/v58.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: query
      path: /query
      operations:
      - name: query
        method: GET

Orchestrates gift card inquiry handler for Albertsons across e-commerce, salesforce, snowflake.

naftiko: '0.5'
info:
  label: Gift Card Inquiry Handler
  description: Orchestrates gift card inquiry handler for Albertsons across e-commerce, salesforce, snowflake.
  tags:
  - e-commerce
  - salesforce
  - snowflake
  - servicenow
capability:
  exposes:
  - type: mcp
    namespace: customer-ops
    port: 8080
    tools:
    - name: gift-card-inquiry-handler
      description: Orchestrates gift card inquiry handler for Albertsons across e-commerce, salesforce, snowflake.
      inputParameters:
      - name: store_id
        type: string
        description: Store or entity identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: query-data
        type: call
        call: snowflake.run-query
        with:
          statement: SELECT * FROM GIFT_CARD_INQUIRY_HANDLER
      - name: get-sf
        type: call
        call: salesforce.query
        with:
          q: SELECT Id FROM Account
      - name: create-ticket
        type: call
        call: servicenow.create-incident
        with:
          short_description: Gift Card Inquiry Handler — {{store_id}}
          category: e-commerce
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: run-query
        method: POST
  - type: http
    namespace: salesforce
    baseUri: https://albertsons.my.salesforce.com/services/data/v58.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: query
      path: /query
      operations:
      - name: query
        method: GET
  - type: http
    namespace: servicenow
    baseUri: https://albertsons.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: create-incident
        method: POST

Retrieves a Just for U loyalty member's account details from Salesforce including rewards balance, tier status, and recent redemptions. Used by Albertsons customer service agents to resolve loyalty program inquiries.

naftiko: '0.5'
info:
  label: Loyalty Customer Account Lookup
  description: Retrieves a Just for U loyalty member's account details from Salesforce including rewards balance, tier status, and recent redemptions. Used by Albertsons customer service agents to resolve loyalty program inquiries.
  tags:
  - crm
  - loyalty
  - salesforce
  - customer-service
capability:
  exposes:
  - type: mcp
    namespace: loyalty-crm
    port: 8080
    tools:
    - name: get-loyalty-account
      description: Given a Just for U member ID or email, retrieve account details from Salesforce including rewards balance, tier status, and recent transactions. Use when a customer service agent needs to access a loyalty member account.
      inputParameters:
      - name: member_id
        in: body
        type: string
        description: The Albertsons Just for U loyalty member ID.
      - name: email
        in: body
        type: string
        description: The member's email address (alternative lookup key).
      call: salesforce-loyalty.search-contacts
      with:
        q: SELECT Id, Name, ABS_Loyalty_ID__c, ABS_Rewards_Balance__c, ABS_Tier__c FROM Contact WHERE ABS_Loyalty_ID__c = '{{member_id}}'
      outputParameters:
      - name: member_name
        type: string
        mapping: $.records[0].Name
      - name: rewards_balance
        type: string
        mapping: $.records[0].ABS_Rewards_Balance__c
      - name: tier
        type: string
        mapping: $.records[0].ABS_Tier__c
  consumes:
  - type: http
    namespace: salesforce-loyalty
    baseUri: https://albertsons.my.salesforce.com/services/data/v58.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: contacts
      path: /query
      inputParameters:
      - name: q
        in: query
      operations:
      - name: search-contacts
        method: GET

Looks up a Salesforce case by ID for Albertsons.

naftiko: '0.5'
info:
  label: Salesforce Case Status Lookup
  description: Looks up a Salesforce case by ID for Albertsons.
  tags:
  - crm
  - salesforce
  - customer-service
capability:
  exposes:
  - type: mcp
    namespace: crm
    port: 8080
    tools:
    - name: get-case-status
      description: Look up Salesforce case status.
      inputParameters:
      - name: case_id
        type: string
        description: Salesforce case ID.
      call: salesforce.get-case
      with:
        case_id: '{{case_id}}'
      outputParameters:
      - name: status
        type: string
        mapping: $.Status
      - name: priority
        type: string
        mapping: $.Priority
  consumes:
  - type: http
    namespace: salesforce
    baseUri: https://albertsons.my.salesforce.com/services/data/v58.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: cases
      path: /sobjects/Case/{{case_id}}
      inputParameters:
      - name: case_id
        in: path
      operations:
      - name: get-case
        method: GET

Applies a Terraform Cloud workspace run to provision or update Albertsons AWS infrastructure, logs the outcome to Datadog, and notifies the platform engineering team. Automates infrastructure-as-code deployments for Albertsons digital retail platforms.

naftiko: '0.5'
info:
  label: Terraform Cloud Infrastructure Provisioning
  description: Applies a Terraform Cloud workspace run to provision or update Albertsons AWS infrastructure, logs the outcome to Datadog, and notifies the platform engineering team. Automates infrastructure-as-code deployments for Albertsons digital retail platforms.
  tags:
  - cloud
  - infrastructure
  - terraform
  - datadog
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: infra-provisioning
    port: 8080
    tools:
    - name: trigger-terraform-run
      description: Given a Terraform Cloud workspace ID and environment, trigger a plan-and-apply run, log the outcome to Datadog, and notify the platform team in Teams. Use when infrastructure changes need to be applied for Albertsons cloud environments.
      inputParameters:
      - name: workspace_id
        in: body
        type: string
        description: The Terraform Cloud workspace ID (e.g., ws-abc123).
      - name: environment
        in: body
        type: string
        description: The target environment (prod, staging, dev).
      steps:
      - name: create-terraform-run
        type: call
        call: terraform-cloud.create-run
        with:
          workspace_id: '{{workspace_id}}'
          auto_apply: true
      - name: log-datadog
        type: call
        call: datadog-infra.create-event
        with:
          title: 'Terraform run: {{workspace_id}}'
          text: Run {{create-terraform-run.run_id}} started for {{environment}}
          tags: env:{{environment}},workspace:{{workspace_id}}
      - name: notify-platform
        type: call
        call: msteams-infra.send-message
        with:
          channel_id: platform-engineering
          message: 'Terraform run started: workspace {{workspace_id}} ({{environment}}). Run ID: {{create-terraform-run.run_id}}'
  consumes:
  - type: http
    namespace: terraform-cloud
    baseUri: https://app.terraform.io/api/v2
    authentication:
      type: bearer
      token: $secrets.terraform_token
    resources:
    - name: run
      path: /runs
      inputParameters:
      - name: workspace_id
        in: body
      - name: auto_apply
        in: body
      operations:
      - name: create-run
        method: POST
  - type: http
    namespace: datadog-infra
    baseUri: https://api.datadoghq.com/api/v1
    authentication:
      type: apikey
      key: DD-API-KEY
      value: $secrets.datadog_api_key
      placement: header
    resources:
    - name: event
      path: /events
      inputParameters:
      - name: title
        in: body
      - name: text
        in: body
      - name: tags
        in: body
      operations:
      - name: create-event
        method: POST
  - type: http
    namespace: msteams-infra
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: message
      path: /teams/{{channel_id}}/channels/messages
      inputParameters:
      - name: channel_id
        in: path
      - name: message
        in: body
      operations:
      - name: send-message
        method: POST

Orchestrates price change pipeline for Albertsons across e-commerce, sap, snowflake.

naftiko: '0.5'
info:
  label: Price Change Pipeline
  description: Orchestrates price change pipeline for Albertsons across e-commerce, sap, snowflake.
  tags:
  - e-commerce
  - sap
  - snowflake
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: pricing-ops
    port: 8080
    tools:
    - name: price-change-pipeline
      description: Orchestrates price change pipeline for Albertsons across e-commerce, sap, snowflake.
      inputParameters:
      - name: store_id
        type: string
        description: Store or entity identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: query-data
        type: call
        call: snowflake.run-query
        with:
          statement: SELECT * FROM PRICE_CHANGE_PIPELINE
      - name: check-erp
        type: call
        call: sap.get-data
        with:
          entity: '{{store_id}}'
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel_id: ops-{{store_id}}
          text: Price Change Pipeline done.
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: run-query
        method: POST
  - type: http
    namespace: sap
    baseUri: https://albertsons-s4.sap.com/sap/opu/odata/sap/API_BUSINESS_PARTNER
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: entities
      path: /A_BusinessPartner
      operations:
      - name: get-data
        method: GET
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      operations:
      - name: send-message
        method: POST

Queries Entra ID group memberships and validates against Workday job roles to identify access requiring recertification. Creates Jira review tasks for the security team. Supports Albertsons quarterly access certification for privileged system access.

naftiko: '0.5'
info:
  label: Access Certification Review
  description: Queries Entra ID group memberships and validates against Workday job roles to identify access requiring recertification. Creates Jira review tasks for the security team. Supports Albertsons quarterly access certification for privileged system access.
  tags:
  - security
  - identity
  - access-management
  - workday
  - microsoft-entra
  - jira
capability:
  exposes:
  - type: mcp
    namespace: access-review
    port: 8080
    tools:
    - name: run-access-certification
      description: Given an Entra ID group ID and division scope, retrieve group memberships, validate against Workday roles, and create Jira review tasks for access mismatches. Use for quarterly access certification campaigns.
      inputParameters:
      - name: group_id
        in: body
        type: string
        description: The Entra ID group ID to certify (e.g., grp-abs-sap-admin).
      - name: division
        in: body
        type: string
        description: The Albertsons division for the access review scope.
      steps:
      - name: get-group-members
        type: call
        call: entra-access.get-group-members
        with:
          group_id: '{{group_id}}'
      - name: get-workday-roles
        type: call
        call: workday-access.get-workers
        with:
          division: '{{division}}'
      - name: create-review-task
        type: call
        call: jira-access.create-issue
        with:
          project_key: SEC
          summary: 'Access certification: {{group_id}} — {{division}}'
          description: '{{get-group-members.member_count}} members require recertification review in {{division}}.'
          issue_type: Task
  consumes:
  - type: http
    namespace: entra-access
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: group-members
      path: /groups/{{group_id}}/members
      inputParameters:
      - name: group_id
        in: path
      operations:
      - name: get-group-members
        method: GET
  - type: http
    namespace: workday-access
    baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
    authentication:
      type: bearer
      token: $secrets.workday_token
    resources:
    - name: workers
      path: /albertsons/workers
      inputParameters:
      - name: division
        in: query
      operations:
      - name: get-workers
        method: GET
  - type: http
    namespace: jira-access
    baseUri: https://albertsons.atlassian.net/rest/api/3
    authentication:
      type: basic
      username: $secrets.jira_user
      password: $secrets.jira_api_token
    resources:
    - name: issue
      path: /issue
      inputParameters:
      - name: project_key
        in: body
      - name: summary
        in: body
      - name: description
        in: body
      - name: issue_type
        in: body
      operations:
      - name: create-issue
        method: POST

Retrieves ServiceNow incident details for Albertsons.

naftiko: '0.5'
info:
  label: ServiceNow Incident Detail
  description: Retrieves ServiceNow incident details for Albertsons.
  tags:
  - itsm
  - servicenow
  - store-ops
capability:
  exposes:
  - type: mcp
    namespace: itsm
    port: 8080
    tools:
    - name: get-incident-detail
      description: Look up ServiceNow incident.
      inputParameters:
      - name: incident_number
        type: string
        description: Incident number.
      call: servicenow.get-incident
      with:
        incident_number: '{{incident_number}}'
      outputParameters:
      - name: state
        type: string
        mapping: $.result.state
      - name: priority
        type: string
        mapping: $.result.priority
  consumes:
  - type: http
    namespace: servicenow
    baseUri: https://albertsons.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident?sysparm_query=number={{incident_number}}
      inputParameters:
      - name: incident_number
        in: query
      operations:
      - name: get-incident
        method: GET

Queries customer segments for Albertsons.

naftiko: '0.5'
info:
  label: Snowflake Customer Segments
  description: Queries customer segments for Albertsons.
  tags:
  - analytics
  - snowflake
  - loyalty
capability:
  exposes:
  - type: mcp
    namespace: analytics
    port: 8080
    tools:
    - name: get-segments
      description: Query segments.
      inputParameters:
      - name: segment
        type: string
        description: Segment.
      call: snowflake.run-query
      with:
        segment: '{{segment}}'
      outputParameters:
      - name: count
        type: integer
        mapping: $.data[0].COUNT
      - name: spend
        type: number
        mapping: $.data[0].AVG_SPEND
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: run-query
        method: POST

Triggers Power BI refresh for Albertsons.

naftiko: '0.5'
info:
  label: Power BI Refresh
  description: Triggers Power BI refresh for Albertsons.
  tags:
  - analytics
  - power-bi
  - store-ops
capability:
  exposes:
  - type: mcp
    namespace: analytics
    port: 8080
    tools:
    - name: refresh-dataset
      description: Trigger refresh.
      inputParameters:
      - name: dataset_id
        type: string
        description: Dataset ID.
      call: powerbi.refresh
      with:
        dataset_id: '{{dataset_id}}'
      outputParameters:
      - name: status
        type: string
        mapping: $.value[0].status
  consumes:
  - type: http
    namespace: powerbi
    baseUri: https://api.powerbi.com/v1.0/myorg
    authentication:
      type: bearer
      token: $secrets.powerbi_token
    resources:
    - name: datasets
      path: /datasets/{{dataset_id}}/refreshes
      inputParameters:
      - name: dataset_id
        in: path
      operations:
      - name: refresh
        method: POST

Replenishes pharmacy inventory for Albertsons by checking SAP stock levels, creating transfer orders, and notifying pharmacists via Teams.

naftiko: '0.5'
info:
  label: Pharmacy Inventory Replenishment
  description: Replenishes pharmacy inventory for Albertsons by checking SAP stock levels, creating transfer orders, and notifying pharmacists via Teams.
  tags:
  - inventory
  - sap
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: inventory-ops
    port: 8080
    tools:
    - name: pharmacy-inventory-replenishment
      description: Replenishes pharmacy inventory for Albertsons by checking SAP stock and creating transfer orders.
      inputParameters:
      - name: store_id
        type: string
        description: Store identifier.
      - name: drug_category
        type: string
        description: Drug category.
      steps:
      - name: check-stock
        type: call
        call: sap.get-stock
        with:
          category: '{{drug_category}}'
          plant: '{{store_id}}'
      - name: create-order
        type: call
        call: servicenow.create-task
        with:
          short_description: 'Pharmacy replenishment: {{drug_category}} — Store {{store_id}}'
          assignment_group: Pharmacy_Ops
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel_id: pharmacy-ops
          text: 'Pharmacy replenishment initiated for Store {{store_id}}: {{drug_category}}.'
  consumes:
  - type: http
    namespace: sap
    baseUri: https://albertsons-s4.sap.com/sap/opu/odata/sap/API_MATERIAL_STOCK_SRV
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: stock
      path: /A_MatlStkInAcctMod
      operations:
      - name: get-stock
        method: GET
  - type: http
    namespace: servicenow
    baseUri: https://albertsons.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: tasks
      path: /table/sc_task
      operations:
      - name: create-task
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      operations:
      - name: send-message
        method: POST

Orchestrates seasonal promotion setup for Albertsons across e-commerce, sap, snowflake.

naftiko: '0.5'
info:
  label: Seasonal Promotion Setup
  description: Orchestrates seasonal promotion setup for Albertsons across e-commerce, sap, snowflake.
  tags:
  - e-commerce
  - sap
  - snowflake
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: merchandising
    port: 8080
    tools:
    - name: seasonal-promotion-setup
      description: Orchestrates seasonal promotion setup for Albertsons across e-commerce, sap, snowflake.
      inputParameters:
      - name: store_id
        type: string
        description: Store or entity identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: query-data
        type: call
        call: snowflake.run-query
        with:
          statement: SELECT * FROM SEASONAL_PROMOTION_SETUP
      - name: check-erp
        type: call
        call: sap.get-data
        with:
          entity: '{{store_id}}'
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel_id: ops-{{store_id}}
          text: Seasonal Promotion Setup done.
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: run-query
        method: POST
  - type: http
    namespace: sap
    baseUri: https://albertsons-s4.sap.com/sap/opu/odata/sap/API_BUSINESS_PARTNER
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: entities
      path: /A_BusinessPartner
      operations:
      - name: get-data
        method: GET
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      operations:
      - name: send-message
        method: POST

Orchestrates energy monitoring pipeline for Albertsons across store-ops, snowflake, sap.

naftiko: '0.5'
info:
  label: Energy Monitoring Pipeline
  description: Orchestrates energy monitoring pipeline for Albertsons across store-ops, snowflake, sap.
  tags:
  - store-ops
  - snowflake
  - sap
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: facilities
    port: 8080
    tools:
    - name: energy-monitoring-pipeline
      description: Orchestrates energy monitoring pipeline for Albertsons across store-ops, snowflake, sap.
      inputParameters:
      - name: store_id
        type: string
        description: Store or entity identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: query-data
        type: call
        call: snowflake.run-query
        with:
          statement: SELECT * FROM ENERGY_MONITORING_PIPELINE
      - name: check-erp
        type: call
        call: sap.get-data
        with:
          entity: '{{store_id}}'
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel_id: ops-{{store_id}}
          text: Energy Monitoring Pipeline done.
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: run-query
        method: POST
  - type: http
    namespace: sap
    baseUri: https://albertsons-s4.sap.com/sap/opu/odata/sap/API_BUSINESS_PARTNER
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: entities
      path: /A_BusinessPartner
      operations:
      - name: get-data
        method: GET
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      operations:
      - name: send-message
        method: POST

Creates a GitHub release tag for an Albertsons digital platform, publishes release notes to Confluence, and notifies the engineering Teams channel. Coordinates software release activities for Albertsons.com, pharmacy apps, and loyalty platforms.

naftiko: '0.5'
info:
  label: GitHub Deployment Release Coordination
  description: Creates a GitHub release tag for an Albertsons digital platform, publishes release notes to Confluence, and notifies the engineering Teams channel. Coordinates software release activities for Albertsons.com, pharmacy apps, and loyalty platforms.
  tags:
  - devops
  - release-management
  - github
  - confluence
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: release-mgmt
    port: 8080
    tools:
    - name: coordinate-release
      description: Given a GitHub repository, version tag, and release notes, create the GitHub release, publish to Confluence, and notify the engineering Teams channel. Use when releasing a new version of an Albertsons digital platform.
      inputParameters:
      - name: repo_owner
        in: body
        type: string
        description: The GitHub organization or owner name (e.g., albertsons-digital).
      - name: repo_name
        in: body
        type: string
        description: The GitHub repository name (e.g., albertsons-app, pharmacy-api, loyalty-service).
      - name: version_tag
        in: body
        type: string
        description: The semantic version tag (e.g., v4.2.0).
      - name: release_notes
        in: body
        type: string
        description: The release notes describing changes in this version.
      steps:
      - name: create-github-release
        type: call
        call: github-release.create-release
        with:
          owner: '{{repo_owner}}'
          repo: '{{repo_name}}'
          tag_name: '{{version_tag}}'
          body: '{{release_notes}}'
      - name: publish-confluence
        type: call
        call: confluence-release.create-page
        with:
          space_key: ENG
          title: 'Release: {{repo_name}} {{version_tag}}'
          body: '{{release_notes}}'
      - name: notify-engineering
        type: call
        call: msteams-release.send-message
        with:
          channel_id: engineering-releases
          message: 'Released {{version_tag}} for {{repo_name}}. Notes: {{publish-confluence.url}}'
  consumes:
  - type: http
    namespace: github-release
    baseUri: https://api.github.com
    authentication:
      type: bearer
      token: $secrets.github_token
    resources:
    - name: release
      path: /repos/{{owner}}/{{repo}}/releases
      inputParameters:
      - name: owner
        in: path
      - name: repo
        in: path
      - name: tag_name
        in: body
      - name: body
        in: body
      operations:
      - name: create-release
        method: POST
  - type: http
    namespace: confluence-release
    baseUri: https://albertsons.atlassian.net/wiki/rest/api
    authentication:
      type: basic
      username: $secrets.jira_user
      password: $secrets.jira_api_token
    resources:
    - name: page
      path: /content
      inputParameters:
      - name: space_key
        in: body
      - name: title
        in: body
      - name: body
        in: body
      operations:
      - name: create-page
        method: POST
  - type: http
    namespace: msteams-release
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: message
      path: /teams/{{channel_id}}/channels/messages
      inputParameters:
      - name: channel_id
        in: path
      - name: message
        in: body
      operations:
      - name: send-message
        method: POST

Orchestrates remodel coordination for Albertsons across store-ops, sap, servicenow.

naftiko: '0.5'
info:
  label: Remodel Coordination
  description: Orchestrates remodel coordination for Albertsons across store-ops, sap, servicenow.
  tags:
  - store-ops
  - sap
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: construction
    port: 8080
    tools:
    - name: remodel-coordination
      description: Orchestrates remodel coordination for Albertsons across store-ops, sap, servicenow.
      inputParameters:
      - name: store_id
        type: string
        description: Store or entity identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: check-erp
        type: call
        call: sap.get-data
        with:
          entity: '{{store_id}}'
      - name: create-ticket
        type: call
        call: servicenow.create-incident
        with:
          short_description: Remodel Coordination — {{store_id}}
          category: store-ops
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel_id: ops-{{store_id}}
          text: Remodel Coordination done.
  consumes:
  - type: http
    namespace: sap
    baseUri: https://albertsons-s4.sap.com/sap/opu/odata/sap/API_BUSINESS_PARTNER
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: entities
      path: /A_BusinessPartner
      operations:
      - name: get-data
        method: GET
  - type: http
    namespace: servicenow
    baseUri: https://albertsons.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: create-incident
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      operations:
      - name: send-message
        method: POST

Orchestrates markdown optimization pipeline for Albertsons across e-commerce, snowflake, sap.

naftiko: '0.5'
info:
  label: Markdown Optimization Pipeline
  description: Orchestrates markdown optimization pipeline for Albertsons across e-commerce, snowflake, sap.
  tags:
  - e-commerce
  - snowflake
  - sap
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: pricing-ops
    port: 8080
    tools:
    - name: markdown-optimization-pipeline
      description: Orchestrates markdown optimization pipeline for Albertsons across e-commerce, snowflake, sap.
      inputParameters:
      - name: store_id
        type: string
        description: Store or entity identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: query-data
        type: call
        call: snowflake.run-query
        with:
          statement: SELECT * FROM MARKDOWN_OPTIMIZATION_PIPELINE
      - name: check-erp
        type: call
        call: sap.get-data
        with:
          entity: '{{store_id}}'
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel_id: ops-{{store_id}}
          text: Markdown Optimization Pipeline done.
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: run-query
        method: POST
  - type: http
    namespace: sap
    baseUri: https://albertsons-s4.sap.com/sap/opu/odata/sap/API_BUSINESS_PARTNER
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: entities
      path: /A_BusinessPartner
      operations:
      - name: get-data
        method: GET
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      operations:
      - name: send-message
        method: POST

Queries LinkedIn Talent Solutions for candidates matching active Albertsons corporate and store operations requisitions, and creates Jira recruiting tasks for recruiter follow-up on qualified candidates.

naftiko: '0.5'
info:
  label: LinkedIn Grocery Retail Talent Pipeline Enrichment
  description: Queries LinkedIn Talent Solutions for candidates matching active Albertsons corporate and store operations requisitions, and creates Jira recruiting tasks for recruiter follow-up on qualified candidates.
  tags:
  - hr
  - recruiting
  - linkedin
  - jira
capability:
  exposes:
  - type: mcp
    namespace: talent-acquisition
    port: 8080
    tools:
    - name: enrich-talent-pipeline
      description: Given a LinkedIn job posting ID and role discipline, retrieve matching candidate profiles and create a Jira recruiting task for follow-up. Use when sourcing candidates for Albertsons corporate or operations leadership roles.
      inputParameters:
      - name: job_posting_id
        in: body
        type: string
        description: The LinkedIn job posting ID for the active requisition.
      - name: discipline
        in: body
        type: string
        description: The role discipline (e.g., Merchandising, Finance, Technology, Operations).
      steps:
      - name: get-linkedin-candidates
        type: call
        call: linkedin-talent.search-candidates
        with:
          jobPostingId: '{{job_posting_id}}'
          discipline: '{{discipline}}'
      - name: create-recruiter-task
        type: call
        call: jira-recruiting.create-issue
        with:
          project_key: RECRUIT
          summary: 'Candidate pipeline: {{discipline}} — {{job_posting_id}}'
          description: '{{get-linkedin-candidates.total_count}} candidates identified for {{discipline}} requisition.'
          issue_type: Task
  consumes:
  - type: http
    namespace: linkedin-talent
    baseUri: https://api.linkedin.com/v2
    authentication:
      type: bearer
      token: $secrets.linkedin_token
    resources:
    - name: candidates
      path: /talentSearch
      inputParameters:
      - name: jobPostingId
        in: query
      - name: discipline
        in: query
      operations:
      - name: search-candidates
        method: GET
  - type: http
    namespace: jira-recruiting
    baseUri: https://albertsons.atlassian.net/rest/api/3
    authentication:
      type: basic
      username: $secrets.jira_user
      password: $secrets.jira_api_token
    resources:
    - name: issue
      path: /issue
      inputParameters:
      - name: project_key
        in: body
      - name: summary
        in: body
      - name: description
        in: body
      - name: issue_type
        in: body
      operations:
      - name: create-issue
        method: POST

Orchestrates loyalty points reconciliation for Albertsons across loyalty, salesforce, snowflake.

naftiko: '0.5'
info:
  label: Loyalty Points Reconciliation
  description: Orchestrates loyalty points reconciliation for Albertsons across loyalty, salesforce, snowflake.
  tags:
  - loyalty
  - salesforce
  - snowflake
  - servicenow
capability:
  exposes:
  - type: mcp
    namespace: loyalty-ops
    port: 8080
    tools:
    - name: loyalty-points-reconciliation
      description: Orchestrates loyalty points reconciliation for Albertsons across loyalty, salesforce, snowflake.
      inputParameters:
      - name: store_id
        type: string
        description: Store or entity identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: query-data
        type: call
        call: snowflake.run-query
        with:
          statement: SELECT * FROM LOYALTY_POINTS_RECONCILIATION
      - name: get-sf
        type: call
        call: salesforce.query
        with:
          q: SELECT Id FROM Account
      - name: create-ticket
        type: call
        call: servicenow.create-incident
        with:
          short_description: Loyalty Points Reconciliation — {{store_id}}
          category: loyalty
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: run-query
        method: POST
  - type: http
    namespace: salesforce
    baseUri: https://albertsons.my.salesforce.com/services/data/v58.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: query
      path: /query
      operations:
      - name: query
        method: GET
  - type: http
    namespace: servicenow
    baseUri: https://albertsons.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: create-incident
        method: POST

Orchestrates customer feedback analysis for Albertsons across customer-service, salesforce, snowflake.

naftiko: '0.5'
info:
  label: Customer Feedback Analysis
  description: Orchestrates customer feedback analysis for Albertsons across customer-service, salesforce, snowflake.
  tags:
  - customer-service
  - salesforce
  - snowflake
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: analytics
    port: 8080
    tools:
    - name: customer-feedback-analysis
      description: Orchestrates customer feedback analysis for Albertsons across customer-service, salesforce, snowflake.
      inputParameters:
      - name: store_id
        type: string
        description: Store or entity identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: query-data
        type: call
        call: snowflake.run-query
        with:
          statement: SELECT * FROM CUSTOMER_FEEDBACK_ANALYSIS
      - name: get-sf
        type: call
        call: salesforce.query
        with:
          q: SELECT Id FROM Account
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel_id: ops-{{store_id}}
          text: Customer Feedback Analysis done.
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: run-query
        method: POST
  - type: http
    namespace: salesforce
    baseUri: https://albertsons.my.salesforce.com/services/data/v58.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: query
      path: /query
      operations:
      - name: query
        method: GET
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      operations:
      - name: send-message
        method: POST

Gets headcount for Albertsons.

naftiko: '0.5'
info:
  label: Workday Headcount
  description: Gets headcount for Albertsons.
  tags:
  - hr
  - workday
  - store-ops
capability:
  exposes:
  - type: mcp
    namespace: hr
    port: 8080
    tools:
    - name: get-hc
      description: Get headcount.
      inputParameters:
      - name: dept
        type: string
        description: Department.
      call: workday.get-hc
      with:
        dept: '{{dept}}'
      outputParameters:
      - name: total
        type: integer
        mapping: $.headcount.total
  consumes:
  - type: http
    namespace: workday
    baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
    authentication:
      type: bearer
      token: $secrets.workday_token
    resources:
    - name: hc
      path: /albertsons/headcount
      operations:
      - name: get-hc
        method: GET

When a critical CVE is identified, queries Datadog security signals, creates a ServiceNow security incident, and notifies the CISO team in Microsoft Teams. Enables rapid vulnerability response for Albertsons PCI-compliant retail systems.

naftiko: '0.5'
info:
  label: Security CVE Vulnerability Triage
  description: When a critical CVE is identified, queries Datadog security signals, creates a ServiceNow security incident, and notifies the CISO team in Microsoft Teams. Enables rapid vulnerability response for Albertsons PCI-compliant retail systems.
  tags:
  - security
  - cve
  - datadog
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: security-ops
    port: 8080
    tools:
    - name: triage-cve
      description: Given a CVE identifier, affected system, and severity, retrieve Datadog security signals, create a ServiceNow security incident, and notify the security team in Teams. Use when a critical or high CVE requires triage in Albertsons PCI-scope systems.
      inputParameters:
      - name: cve_id
        in: body
        type: string
        description: The CVE identifier (e.g., CVE-2024-12345).
      - name: affected_system
        in: body
        type: string
        description: The name of the affected system (e.g., POS, e-commerce, loyalty-api).
      - name: severity
        in: body
        type: string
        description: The CVE severity level (critical, high, medium, low).
      steps:
      - name: get-security-signals
        type: call
        call: datadog-sec.list-signals
        with:
          query: cve:{{cve_id}}
      - name: create-security-incident
        type: call
        call: servicenow-sec.create-incident
        with:
          short_description: CVE {{cve_id}} ({{severity}}) on {{affected_system}}
          category: Security
          priority: '1'
      - name: notify-security-team
        type: call
        call: msteams-sec.send-message
        with:
          channel_id: security-alerts
          message: 'CVE {{cve_id}} ({{severity}}) on {{affected_system}}. Incident: {{create-security-incident.number}}'
  consumes:
  - type: http
    namespace: datadog-sec
    baseUri: https://api.datadoghq.com/api/v1
    authentication:
      type: apikey
      key: DD-API-KEY
      value: $secrets.datadog_api_key
      placement: header
    resources:
    - name: signals
      path: /security_analytics/signals/search
      inputParameters:
      - name: query
        in: body
      operations:
      - name: list-signals
        method: POST
  - type: http
    namespace: servicenow-sec
    baseUri: https://albertsons.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_pass
    resources:
    - name: incident
      path: /table/incident
      inputParameters:
      - name: short_description
        in: body
      - name: category
        in: body
      - name: priority
        in: body
      operations:
      - name: create-incident
        method: POST
  - type: http
    namespace: msteams-sec
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: message
      path: /teams/{{channel_id}}/channels/messages
      inputParameters:
      - name: channel_id
        in: path
      - name: message
        in: body
      operations:
      - name: send-message
        method: POST

Queries inventory for Albertsons.

naftiko: '0.5'
info:
  label: Snowflake Inventory Query
  description: Queries inventory for Albertsons.
  tags:
  - inventory
  - snowflake
  - supply-chain
capability:
  exposes:
  - type: mcp
    namespace: analytics
    port: 8080
    tools:
    - name: query-inv
      description: Query inventory.
      inputParameters:
      - name: loc
        type: string
        description: Location.
      call: snowflake.run-query
      with:
        loc: '{{loc}}'
      outputParameters:
      - name: units
        type: integer
        mapping: $.data[0].UNITS
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: run-query
        method: POST

Orchestrates maintenance request workflow for Albertsons across store-ops, servicenow, sap.

naftiko: '0.5'
info:
  label: Maintenance Request Workflow
  description: Orchestrates maintenance request workflow for Albertsons across store-ops, servicenow, sap.
  tags:
  - store-ops
  - servicenow
  - sap
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: facilities
    port: 8080
    tools:
    - name: maintenance-request-workflow
      description: Orchestrates maintenance request workflow for Albertsons across store-ops, servicenow, sap.
      inputParameters:
      - name: store_id
        type: string
        description: Store or entity identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: check-erp
        type: call
        call: sap.get-data
        with:
          entity: '{{store_id}}'
      - name: create-ticket
        type: call
        call: servicenow.create-incident
        with:
          short_description: Maintenance Request Workflow — {{store_id}}
          category: store-ops
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel_id: ops-{{store_id}}
          text: Maintenance Request Workflow done.
  consumes:
  - type: http
    namespace: sap
    baseUri: https://albertsons-s4.sap.com/sap/opu/odata/sap/API_BUSINESS_PARTNER
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: entities
      path: /A_BusinessPartner
      operations:
      - name: get-data
        method: GET
  - type: http
    namespace: servicenow
    baseUri: https://albertsons.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: create-incident
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      operations:
      - name: send-message
        method: POST

Orchestrates emergency notification pipeline for Albertsons across store-ops, workday, microsoft-teams.

naftiko: '0.5'
info:
  label: Emergency Notification Pipeline
  description: Orchestrates emergency notification pipeline for Albertsons across store-ops, workday, microsoft-teams.
  tags:
  - store-ops
  - workday
  - microsoft-teams
  - servicenow
capability:
  exposes:
  - type: mcp
    namespace: emergency-ops
    port: 8080
    tools:
    - name: emergency-notification-pipeline
      description: Orchestrates emergency notification pipeline for Albertsons across store-ops, workday, microsoft-teams.
      inputParameters:
      - name: store_id
        type: string
        description: Store or entity identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: create-ticket
        type: call
        call: servicenow.create-incident
        with:
          short_description: Emergency Notification Pipeline — {{store_id}}
          category: store-ops
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel_id: ops-{{store_id}}
          text: Emergency Notification Pipeline done.
      - name: get-hr
        type: call
        call: workday.get-workers
        with:
          store: '{{store_id}}'
  consumes:
  - type: http
    namespace: servicenow
    baseUri: https://albertsons.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: create-incident
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      operations:
      - name: send-message
        method: POST
  - type: http
    namespace: workday
    baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
    authentication:
      type: bearer
      token: $secrets.workday_token
    resources:
    - name: workers
      path: /albertsons/workers
      operations:
      - name: get-workers
        method: GET

Tracks fresh produce waste for Albertsons by logging Snowflake shrinkage data, creating SAP adjustments, and alerting managers via Teams.

naftiko: '0.5'
info:
  label: Fresh Produce Waste Tracking
  description: Tracks fresh produce waste for Albertsons by logging Snowflake shrinkage data, creating SAP adjustments, and alerting managers via Teams.
  tags:
  - inventory
  - snowflake
  - sap
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: store-ops
    port: 8080
    tools:
    - name: fresh-produce-waste-tracking
      description: Tracks fresh produce waste for Albertsons by logging Snowflake shrinkage data and SAP adjustments.
      inputParameters:
      - name: store_id
        type: string
        description: Store identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: get-waste-data
        type: call
        call: snowflake.run-query
        with:
          statement: SELECT category, waste_qty, waste_value FROM PRODUCE_WASTE WHERE store='{{store_id}}' AND date='{{date}}'
      - name: post-adjustment
        type: call
        call: sap.post-adjustment
        with:
          plant: '{{store_id}}'
          type: produce_waste
      - name: alert-manager
        type: call
        call: msteams.send-message
        with:
          channel_id: store-{{store_id}}-ops
          text: Produce waste report for {{date}} posted.
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: run-query
        method: POST
  - type: http
    namespace: sap
    baseUri: https://albertsons-s4.sap.com/sap/opu/odata/sap/API_MATERIAL_DOCUMENT_SRV
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: adjustments
      path: /A_MaterialDocumentHeader
      operations:
      - name: post-adjustment
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      operations:
      - name: send-message
        method: POST

Orchestrates cx survey pipeline for Albertsons across customer-service, salesforce, snowflake.

naftiko: '0.5'
info:
  label: Cx Survey Pipeline
  description: Orchestrates cx survey pipeline for Albertsons across customer-service, salesforce, snowflake.
  tags:
  - customer-service
  - salesforce
  - snowflake
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: customer-ops
    port: 8080
    tools:
    - name: cx-survey-pipeline
      description: Orchestrates cx survey pipeline for Albertsons across customer-service, salesforce, snowflake.
      inputParameters:
      - name: store_id
        type: string
        description: Store or entity identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: query-data
        type: call
        call: snowflake.run-query
        with:
          statement: SELECT * FROM CX_SURVEY_PIPELINE
      - name: get-sf
        type: call
        call: salesforce.query
        with:
          q: SELECT Id FROM Account
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel_id: ops-{{store_id}}
          text: Cx Survey Pipeline done.
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: run-query
        method: POST
  - type: http
    namespace: salesforce
    baseUri: https://albertsons.my.salesforce.com/services/data/v58.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: query
      path: /query
      operations:
      - name: query
        method: GET
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      operations:
      - name: send-message
        method: POST

Verifies vendor deliveries for Albertsons by matching SAP PO data, logging Snowflake receipts, and creating ServiceNow discrepancy tickets.

naftiko: '0.5'
info:
  label: Vendor Delivery Verification
  description: Verifies vendor deliveries for Albertsons by matching SAP PO data, logging Snowflake receipts, and creating ServiceNow discrepancy tickets.
  tags:
  - supply-chain
  - sap
  - snowflake
  - servicenow
capability:
  exposes:
  - type: mcp
    namespace: procurement-ops
    port: 8080
    tools:
    - name: vendor-delivery-verification
      description: Verifies vendor deliveries for Albertsons by matching SAP PO data and logging Snowflake receipts.
      inputParameters:
      - name: po_number
        type: string
        description: Purchase order number.
      - name: receipt_doc
        type: string
        description: Receiving document number.
      steps:
      - name: get-po
        type: call
        call: sap.get-po
        with:
          po_number: '{{po_number}}'
      - name: log-receipt
        type: call
        call: snowflake.run-query
        with:
          statement: INSERT INTO DELIVERY_RECEIPTS VALUES ('{{po_number}}', '{{receipt_doc}}', CURRENT_TIMESTAMP())
      - name: flag-discrepancy
        type: call
        call: servicenow.create-incident
        with:
          short_description: 'Delivery verification: PO {{po_number}}'
          category: supply-chain
  consumes:
  - type: http
    namespace: sap
    baseUri: https://albertsons-s4.sap.com/sap/opu/odata/sap/MM_PUR_PO_MAINT_V2_SRV
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: purchase-orders
      path: /A_PurchaseOrder('{{po_number}}')
      inputParameters:
      - name: po_number
        in: path
      operations:
      - name: get-po
        method: GET
  - type: http
    namespace: snowflake
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: run-query
        method: POST
  - type: http
    namespace: servicenow
    baseUri: https://albertsons.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: create-incident
        method: POST

Orchestrates qbr report generator for Albertsons across analytics, snowflake, salesforce.

naftiko: '0.5'
info:
  label: Qbr Report Generator
  description: Orchestrates qbr report generator for Albertsons across analytics, snowflake, salesforce.
  tags:
  - analytics
  - snowflake
  - salesforce
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: finance-ops
    port: 8080
    tools:
    - name: qbr-report-generator
      description: Orchestrates qbr report generator for Albertsons across analytics, snowflake, salesforce.
      inputParameters:
      - name: store_id
        type: string
        description: Store or entity identifier.
      - name: date
        type: string
        description: Date in YYYY-MM-DD.
      steps:
      - name: query-data
        type: call
        call: snowflake.run-query
        with:
          statement: SELECT * FROM QBR_REPORT_GENERATOR
      - name: get-sf
        type: call
        call: salesforce.query
        with:
          q: SELECT Id FROM Account
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel_id: ops-{{store_id}}
          text: Qbr Report Generator done.
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://albertsons.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: run-query
        method: POST
  - type: http
    namespace: salesforce
    baseUri: https://albertsons.my.salesforce.com/services/data/v58.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: query
      path: /query
      operations:
      - name: query
        method: GET
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channels
      path: /teams/{{team_id}}/channels/{{channel_id}}/messages
      operations:
      - name: send-message
        method: POST

Retrieves the current status, value, and stage of a Salesforce opportunity by ID, for use in sales pipeline reviews and CRM status checks.

naftiko: '0.5'
info:
  label: Salesforce Opportunity Status Lookup
  description: Retrieves the current status, value, and stage of a Salesforce opportunity by ID, for use in sales pipeline reviews and CRM status checks.
  tags:
  - sales
  - crm
  - salesforce
  - reporting
capability:
  exposes:
  - type: mcp
    namespace: crm-sales
    port: 8080
    tools:
    - name: get-opportunity
      description: Look up a Salesforce opportunity by ID. Returns stage, amount, close date, and account name. Use for pipeline reviews or to surface deal context during customer calls.
      inputParameters:
      - name: opportunity_id
        in: body
        type: string
        description: The Salesforce opportunity record ID, e.g. 0065G00001abc.
      call: salesforce.get-opportunity
      with:
        opportunity_id: '{{opportunity_id}}'
      outputParameters:
      - name: name
        type: string
        mapping: $.Name
      - name: stage
        type: string
        mapping: $.StageName
      - name: amount
        type: number
        mapping: $.Amount
      - name: close_date
        type: string
        mapping: $.CloseDate
      - name: account_name
        type: string
        mapping: $.Account.Name
  consumes:
  - type: http
    namespace: salesforce
    baseUri: https://amgen.my.salesforce.com/services/data/v58.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: opportunities
      path: /sobjects/Opportunity/{{opportunity_id}}
      inputParameters:
      - name: opportunity_id
        in: path
      operations:
      - name: get-opportunity
        method: GET

Orchestrates bioreactor scale-up validation by comparing process parameters across scales, generating equivalency reports, and notifying process development.

naftiko: '0.5'
info:
  label: Bioreactor Scale-Up Validation Orchestration
  description: Orchestrates bioreactor scale-up validation by comparing process parameters across scales, generating equivalency reports, and notifying process development.
  tags:
  - manufacturing
  - rd
  - quality
  - snowflake
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: scale-up-validation
    port: 8080
    tools:
    - name: validate-scale-up
      description: Given small-scale and large-scale batch IDs, compare process parameters, generate equivalency report, and notify team. Use when process development validates scale-up.
      inputParameters:
      - name: small_scale_batch
        in: body
        type: string
        description: Small-scale batch identifier.
      - name: large_scale_batch
        in: body
        type: string
        description: Large-scale batch identifier.
      steps:
      - name: compare-parameters
        type: call
        call: snowflake.execute-query
        with:
          query_name: scale_up_comparison
          params: '{{small_scale_batch}},{{large_scale_batch}}'
      - name: create-validation-record
        type: call
        call: servicenow.create-task
        with:
          short_description: 'Scale-up validation: {{small_scale_batch}} vs {{large_scale_batch}}'
          category: process_validation
          assigned_group: Process_Development
      - name: notify-team
        type: call
        call: msteams.send-message
        with:
          channel_id: process-development
          text: 'Scale-up comparison complete. Titer equivalence: {{compare-parameters.titer_equivalence}}%. CQA within spec: {{compare-parameters.cqa_pass}}. Task: {{create-validation-record.number}}'
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://amgen.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: execute-query
        method: POST
  - type: http
    namespace: servicenow
    baseUri: https://amgen.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: tasks
      path: /table/sc_task
      operations:
      - name: create-task
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: messages
      path: /teams/{{channel_id}}/channels/general/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: send-message
        method: POST

Retrieves the current health status of Amgen's monitored infrastructure hosts and services from Datadog, returning a consolidated health snapshot.

naftiko: '0.5'
info:
  label: Datadog Infrastructure Health Check
  description: Retrieves the current health status of Amgen's monitored infrastructure hosts and services from Datadog, returning a consolidated health snapshot.
  tags:
  - observability
  - datadog
  - monitoring
  - infrastructure
capability:
  exposes:
  - type: mcp
    namespace: infra-monitoring
    port: 8080
    tools:
    - name: get-infrastructure-health
      description: Query Datadog for the current status of all monitored hosts and active alerts. Returns a health summary suitable for ops dashboards and incident triage.
      inputParameters:
      - name: environment
        in: body
        type: string
        description: 'The deployment environment to query: production, staging, or development.'
      call: datadog.list-monitors
      with:
        tags: env:{{environment}}
      outputParameters:
      - name: monitors
        type: array
        mapping: $.monitors
  consumes:
  - type: http
    namespace: datadog
    baseUri: https://api.datadoghq.com/api/v1
    authentication:
      type: apikey
      key: DD-API-KEY
      value: $secrets.datadog_api_key
      placement: header
    resources:
    - name: monitors
      path: /monitor
      operations:
      - name: list-monitors
        method: GET
        inputParameters:
        - name: tags
          in: query

When a supply chain risk is identified for a critical raw material, creates a ServiceNow procurement task, updates the Salesforce supply record, and alerts the procurement team in Teams.

naftiko: '0.5'
info:
  label: Supply Chain Disruption Alert
  description: When a supply chain risk is identified for a critical raw material, creates a ServiceNow procurement task, updates the Salesforce supply record, and alerts the procurement team in Teams.
  tags:
  - supply-chain
  - procurement
  - servicenow
  - salesforce
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: supply-chain-ops
    port: 8080
    tools:
    - name: handle-supply-disruption
      description: Given a material ID, supplier name, and disruption severity, create a ServiceNow procurement task, update the Salesforce supply record, and notify the procurement team in Teams.
      inputParameters:
      - name: material_id
        in: body
        type: string
        description: The SAP material ID for the at-risk raw material.
      - name: supplier_name
        in: body
        type: string
        description: The supplier name experiencing the disruption.
      - name: disruption_type
        in: body
        type: string
        description: 'Type of disruption: shortage, delay, quality_issue, or force_majeure.'
      - name: severity
        in: body
        type: string
        description: 'Disruption severity: critical, high, medium, or low.'
      steps:
      - name: create-procurement-task
        type: call
        call: servicenow-sc.create-task
        with:
          short_description: 'Supply disruption: {{material_id}} from {{supplier_name}}'
          description: 'Disruption type: {{disruption_type}}. Severity: {{severity}}.'
          assignment_group: Procurement
      - name: update-supply-record
        type: call
        call: salesforce-sc.update-record
        with:
          object_type: Supply_Record__c
          material_id: '{{material_id}}'
          status: Disrupted
          disruption_type: '{{disruption_type}}'
      - name: alert-procurement
        type: call
        call: msteams-sc.post-channel-message
        with:
          channel_id: procurement-alerts
          message: 'Supply Disruption: {{material_id}} from {{supplier_name}} | Type: {{disruption_type}} | Severity: {{severity}} | Task: {{create-procurement-task.number}}'
  consumes:
  - type: http
    namespace: servicenow-sc
    baseUri: https://amgen.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: tasks
      path: /table/task
      operations:
      - name: create-task
        method: POST
  - type: http
    namespace: salesforce-sc
    baseUri: https://amgen.my.salesforce.com/services/data/v58.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: supply-records
      path: /sobjects/Supply_Record__c
      operations:
      - name: update-record
        method: PATCH
  - type: http
    namespace: msteams-sc
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channel-messages
      path: /teams/{{channel_id}}/channels/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: post-channel-message
        method: POST

When an employee changes roles in Workday, updates their Okta group memberships, adjusts Salesforce profile permissions, and notifies the new manager via Teams.

naftiko: '0.5'
info:
  label: Workday Role Change Provisioning
  description: When an employee changes roles in Workday, updates their Okta group memberships, adjusts Salesforce profile permissions, and notifies the new manager via Teams.
  tags:
  - hr
  - identity
  - workday
  - okta
  - salesforce
capability:
  exposes:
  - type: mcp
    namespace: hr-role-change
    port: 8080
    tools:
    - name: sync-role-change
      description: Given a Workday employee ID and new role details, update Okta group assignments, adjust Salesforce profile, and notify the new manager in Teams.
      inputParameters:
      - name: workday_employee_id
        in: body
        type: string
        description: The Workday worker ID for the employee changing roles.
      - name: new_role
        in: body
        type: string
        description: The new job role or title.
      - name: new_manager_upn
        in: body
        type: string
        description: The UPN of the new manager.
      steps:
      - name: get-worker
        type: call
        call: workday-role.get-worker
        with:
          worker_id: '{{workday_employee_id}}'
      - name: update-okta-groups
        type: call
        call: okta-role.update-user-groups
        with:
          user_id: '{{get-worker.okta_user_id}}'
          new_department: '{{get-worker.new_department}}'
      - name: notify-new-manager
        type: call
        call: msteams-role.send-message
        with:
          recipient_upn: '{{new_manager_upn}}'
          message: '{{get-worker.full_name}} has been assigned to your team in role: {{new_role}}. Okta and Salesforce access updated.'
  consumes:
  - type: http
    namespace: workday-role
    baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
    authentication:
      type: bearer
      token: $secrets.workday_token
    resources:
    - name: workers
      path: /amgen/workers/{{worker_id}}
      inputParameters:
      - name: worker_id
        in: path
      operations:
      - name: get-worker
        method: GET
  - type: http
    namespace: okta-role
    baseUri: https://amgen.okta.com/api/v1
    authentication:
      type: apikey
      key: Authorization
      value: $secrets.okta_api_token
      placement: header
    resources:
    - name: users
      path: /users/{{user_id}}/groups
      inputParameters:
      - name: user_id
        in: path
      operations:
      - name: update-user-groups
        method: PUT
  - type: http
    namespace: msteams-role
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: chats
      path: /users/{{recipient_upn}}/chats
      inputParameters:
      - name: recipient_upn
        in: path
      operations:
      - name: send-message
        method: POST

Returns current headcount by department and cost center from Workday, suitable for finance planning and headcount reporting.

naftiko: '0.5'
info:
  label: Payroll Headcount Snapshot
  description: Returns current headcount by department and cost center from Workday, suitable for finance planning and headcount reporting.
  tags:
  - hr
  - finance
  - reporting
  - workday
  - headcount
capability:
  exposes:
  - type: mcp
    namespace: hr-reporting
    port: 8080
    tools:
    - name: get-headcount-by-department
      description: Returns a list of active Amgen employees grouped by department and cost center from Workday. Use for headcount planning, budget reviews, and workforce analytics.
      call: workday-hc.headcount-report
      outputParameters:
      - name: employees
        type: array
        mapping: $.data
  consumes:
  - type: http
    namespace: workday-hc
    baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
    authentication:
      type: bearer
      token: $secrets.workday_token
    resources:
    - name: headcount
      path: /amgen/reports/headcount
      operations:
      - name: headcount-report
        method: GET

Assembles a New Drug Application submission package by gathering documents from Veeva Vault, creating the eCTD structure, and notifying the regulatory team.

naftiko: '0.5'
info:
  label: NDA Submission Package Orchestration
  description: Assembles a New Drug Application submission package by gathering documents from Veeva Vault, creating the eCTD structure, and notifying the regulatory team.
  tags:
  - regulatory
  - clinical
  - veeva-vault
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: nda-submission
    port: 8080
    tools:
    - name: assemble-nda-package
      description: Given an NDA number and molecule name, gather documents, create eCTD structure, and notify team. Use when regulatory affairs prepares an NDA filing.
      inputParameters:
      - name: nda_number
        in: body
        type: string
        description: NDA application number.
      - name: molecule_name
        in: body
        type: string
        description: Drug molecule name.
      steps:
      - name: gather-documents
        type: call
        call: veeva-vault.query-documents
        with:
          nda_number: '{{nda_number}}'
          doc_type: ectd
      - name: create-submission
        type: call
        call: veeva-vault.create-submission
        with:
          nda_number: '{{nda_number}}'
          molecule: '{{molecule_name}}'
          document_ids: '{{gather-documents.document_ids}}'
      - name: create-task
        type: call
        call: servicenow.create-task
        with:
          short_description: 'NDA submission: {{nda_number}} - {{molecule_name}}'
          category: regulatory_submission
          assigned_group: Regulatory_Affairs
      - name: notify-team
        type: call
        call: msteams.send-message
        with:
          channel_id: regulatory-submissions
          text: 'NDA {{nda_number}} package assembled for {{molecule_name}}. Documents: {{gather-documents.count}}. Task: {{create-task.number}}'
  consumes:
  - type: http
    namespace: veeva-vault
    baseUri: https://amgen-regulatory.veevavault.com/api/v24.1
    authentication:
      type: bearer
      token: $secrets.veeva_vault_token
    resources:
    - name: documents
      path: /query
      operations:
      - name: query-documents
        method: POST
    - name: submissions
      path: /objects/submission__c
      operations:
      - name: create-submission
        method: POST
  - type: http
    namespace: servicenow
    baseUri: https://amgen.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: tasks
      path: /table/sc_task
      operations:
      - name: create-task
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: messages
      path: /teams/{{channel_id}}/channels/general/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: send-message
        method: POST

When a cold chain temperature excursion is detected during biologic shipment, creates a deviation, quarantines the batch, notifies quality, and initiates stability assessment.

naftiko: '0.5'
info:
  label: Cold Chain Temperature Excursion Orchestration
  description: When a cold chain temperature excursion is detected during biologic shipment, creates a deviation, quarantines the batch, notifies quality, and initiates stability assessment.
  tags:
  - supply-chain
  - quality
  - manufacturing
  - servicenow
  - sap
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: cold-chain
    port: 8080
    tools:
    - name: handle-temp-excursion
      description: Given a shipment ID, batch number, and temperature reading, create deviation, quarantine batch, notify quality, and start assessment. Use when cold chain monitoring detects temperature breach.
      inputParameters:
      - name: shipment_id
        in: body
        type: string
        description: Shipment tracking identifier.
      - name: batch_number
        in: body
        type: string
        description: Affected batch number.
      - name: temperature_reading
        in: body
        type: string
        description: Recorded temperature reading.
      steps:
      - name: create-deviation
        type: call
        call: servicenow.create-deviation
        with:
          description: 'Cold chain excursion: Shipment {{shipment_id}}, Batch {{batch_number}}, Temp {{temperature_reading}}'
          area: cold_chain
          priority: '1'
      - name: quarantine-batch
        type: call
        call: sap-erp.update-batch-status
        with:
          batch: '{{batch_number}}'
          status: quarantine
      - name: notify-quality
        type: call
        call: msteams.send-message
        with:
          channel_id: quality-supply-chain
          text: 'COLD CHAIN ALERT: Shipment {{shipment_id}}, Batch {{batch_number}} quarantined. Temp: {{temperature_reading}}. Deviation: {{create-deviation.number}}'
  consumes:
  - type: http
    namespace: servicenow
    baseUri: https://amgen.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: deviations
      path: /table/u_deviation
      operations:
      - name: create-deviation
        method: POST
  - type: http
    namespace: sap-erp
    baseUri: https://amgen-s4.sap.com/sap/opu/odata/sap/PP_BATCH_SRV
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: batches
      path: /A_Batch('{{batch}}')
      inputParameters:
      - name: batch
        in: path
      operations:
      - name: update-batch-status
        method: PATCH
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: messages
      path: /teams/{{channel_id}}/channels/general/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: send-message
        method: POST

Retrieves a pending expense report from SAP Concur, validates it against travel policy, and routes it for manager approval via ServiceNow.

naftiko: '0.5'
info:
  label: SAP Concur Expense Report Approval
  description: Retrieves a pending expense report from SAP Concur, validates it against travel policy, and routes it for manager approval via ServiceNow.
  tags:
  - finance
  - expense-management
  - sap-concur
  - servicenow
capability:
  exposes:
  - type: mcp
    namespace: expense-mgmt
    port: 8080
    tools:
    - name: process-expense-report
      description: Given a SAP Concur expense report ID and employee ID, retrieve the report, validate against Amgen travel policy, and create a ServiceNow approval task for the manager.
      inputParameters:
      - name: expense_report_id
        in: body
        type: string
        description: The SAP Concur expense report identifier.
      - name: employee_id
        in: body
        type: string
        description: The employee ID submitting the expense report.
      steps:
      - name: get-expense-report
        type: call
        call: sap-concur.get-expense-report
        with:
          report_id: '{{expense_report_id}}'
      - name: create-approval-task
        type: call
        call: servicenow-exp.create-task
        with:
          short_description: 'Expense approval: {{employee_id}} — {{expense_report_id}}'
          description: 'Amount: {{get-expense-report.total_amount}} {{get-expense-report.currency}}. Period: {{get-expense-report.period}}.'
          assignment_group: Finance_Expense
  consumes:
  - type: http
    namespace: sap-concur
    baseUri: https://www.concursolutions.com/api/v3.0
    authentication:
      type: bearer
      token: $secrets.concur_token
    resources:
    - name: expense-reports
      path: /expense/reports/{{report_id}}
      inputParameters:
      - name: report_id
        in: path
      operations:
      - name: get-expense-report
        method: GET
  - type: http
    namespace: servicenow-exp
    baseUri: https://amgen.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: tasks
      path: /table/task
      operations:
      - name: create-task
        method: POST

When a new clinical trial site is approved in Veeva Vault, creates a ServiceNow task for site setup, notifies the clinical operations team in Teams, and logs the activation in Salesforce.

naftiko: '0.5'
info:
  label: Clinical Trial Site Activation
  description: When a new clinical trial site is approved in Veeva Vault, creates a ServiceNow task for site setup, notifies the clinical operations team in Teams, and logs the activation in Salesforce.
  tags:
  - clinical-trials
  - veeva
  - servicenow
  - salesforce
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: clinical-ops
    port: 8080
    tools:
    - name: activate-trial-site
      description: Given a Veeva Vault study ID and site ID, create a ServiceNow setup task, log the site in Salesforce, and notify the clinical operations team via Teams.
      inputParameters:
      - name: vault_study_id
        in: body
        type: string
        description: The Veeva Vault study document ID for the clinical trial.
      - name: site_id
        in: body
        type: string
        description: The clinical site identifier to be activated.
      - name: site_name
        in: body
        type: string
        description: The human-readable name of the clinical trial site.
      steps:
      - name: create-setup-task
        type: call
        call: servicenow-clin.create-task
        with:
          short_description: 'Site activation: {{site_name}} for study {{vault_study_id}}'
          assignment_group: Clinical_Operations
      - name: log-in-salesforce
        type: call
        call: salesforce-clin.create-record
        with:
          object_type: Clinical_Site__c
          study_id: '{{vault_study_id}}'
          site_id: '{{site_id}}'
          site_name: '{{site_name}}'
          status: Activated
      - name: notify-team
        type: call
        call: msteams-clin.post-channel-message
        with:
          channel_id: clinical-ops-alerts
          message: 'Site {{site_name}} (ID: {{site_id}}) activated for study {{vault_study_id}}. ServiceNow task: {{create-setup-task.number}}.'
  consumes:
  - type: http
    namespace: servicenow-clin
    baseUri: https://amgen.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: tasks
      path: /table/task
      operations:
      - name: create-task
        method: POST
  - type: http
    namespace: salesforce-clin
    baseUri: https://amgen.my.salesforce.com/services/data/v58.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: sobjects
      path: /sobjects/{{object_type}}
      inputParameters:
      - name: object_type
        in: path
      operations:
      - name: create-record
        method: POST
  - type: http
    namespace: msteams-clin
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channel-messages
      path: /teams/{{channel_id}}/channels/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: post-channel-message
        method: POST

When CrowdStrike detects a high-severity endpoint detection, creates a ServiceNow security incident, isolates the endpoint via CrowdStrike API, and alerts the SOC team in Teams.

naftiko: '0.5'
info:
  label: CrowdStrike Security Alert Triage
  description: When CrowdStrike detects a high-severity endpoint detection, creates a ServiceNow security incident, isolates the endpoint via CrowdStrike API, and alerts the SOC team in Teams.
  tags:
  - security
  - crowdstrike
  - servicenow
  - incident-response
  - soc
capability:
  exposes:
  - type: mcp
    namespace: security-ops
    port: 8080
    tools:
    - name: handle-endpoint-detection
      description: Given a CrowdStrike detection ID and host ID, create a ServiceNow security incident, isolate the host via CrowdStrike, and alert the SOC channel in Teams.
      inputParameters:
      - name: detection_id
        in: body
        type: string
        description: The CrowdStrike detection ID.
      - name: host_id
        in: body
        type: string
        description: The CrowdStrike host/device ID for the affected endpoint.
      - name: severity
        in: body
        type: string
        description: 'Detection severity: critical, high, medium, or low.'
      steps:
      - name: create-security-incident
        type: call
        call: servicenow-soc.create-incident
        with:
          short_description: CrowdStrike detection {{detection_id}} — {{severity}} severity
          category: security
          assignment_group: SOC
          urgency: '1'
      - name: isolate-host
        type: call
        call: crowdstrike.contain-host
        with:
          host_id: '{{host_id}}'
      - name: alert-soc
        type: call
        call: msteams-soc.post-channel-message
        with:
          channel_id: soc-alerts
          message: 'SECURITY ALERT: CrowdStrike detection {{detection_id}} ({{severity}}) on host {{host_id}}. Host isolated. Incident: {{create-security-incident.number}}.'
  consumes:
  - type: http
    namespace: servicenow-soc
    baseUri: https://amgen.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: create-incident
        method: POST
  - type: http
    namespace: crowdstrike
    baseUri: https://api.crowdstrike.com
    authentication:
      type: bearer
      token: $secrets.crowdstrike_token
    resources:
    - name: host-containment
      path: /devices/entities/devices-actions/v2
      operations:
      - name: contain-host
        method: POST
  - type: http
    namespace: msteams-soc
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channel-messages
      path: /teams/{{channel_id}}/channels/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: post-channel-message
        method: POST

When a candidate applies via LinkedIn Recruiter, enriches their profile in Workday Recruiting and notifies the hiring manager in Teams.

naftiko: '0.5'
info:
  label: LinkedIn Talent Acquisition Signal
  description: When a candidate applies via LinkedIn Recruiter, enriches their profile in Workday Recruiting and notifies the hiring manager in Teams.
  tags:
  - hr
  - recruiting
  - linkedin
  - workday
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: talent-acquisition
    port: 8080
    tools:
    - name: enrich-candidate-profile
      description: Given a LinkedIn member URN and a Workday job requisition ID, fetch the LinkedIn profile and create or enrich the candidate record in Workday, then notify the hiring manager in Teams.
      inputParameters:
      - name: linkedin_member_urn
        in: body
        type: string
        description: The LinkedIn member URN for the candidate.
      - name: job_req_id
        in: body
        type: string
        description: The Workday job requisition ID the candidate applied for.
      - name: hiring_manager_upn
        in: body
        type: string
        description: The UPN of the hiring manager to notify.
      steps:
      - name: get-linkedin-profile
        type: call
        call: linkedin.get-profile
        with:
          member_urn: '{{linkedin_member_urn}}'
      - name: create-candidate
        type: call
        call: workday-recruit.create-candidate
        with:
          job_req_id: '{{job_req_id}}'
          first_name: '{{get-linkedin-profile.firstName}}'
          last_name: '{{get-linkedin-profile.lastName}}'
          headline: '{{get-linkedin-profile.headline}}'
      - name: notify-hiring-manager
        type: call
        call: msteams-recruit.send-message
        with:
          recipient_upn: '{{hiring_manager_upn}}'
          message: 'New candidate: {{get-linkedin-profile.firstName}} {{get-linkedin-profile.lastName}} applied for req {{job_req_id}}. Title: {{get-linkedin-profile.headline}}. Workday record: {{create-candidate.candidate_id}}.'
  consumes:
  - type: http
    namespace: linkedin
    baseUri: https://api.linkedin.com/v2
    authentication:
      type: bearer
      token: $secrets.linkedin_token
    resources:
    - name: profiles
      path: /people/{{member_urn}}
      inputParameters:
      - name: member_urn
        in: path
      operations:
      - name: get-profile
        method: GET
  - type: http
    namespace: workday-recruit
    baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
    authentication:
      type: bearer
      token: $secrets.workday_token
    resources:
    - name: candidates
      path: /amgen/jobRequisitions/{{job_req_id}}/candidates
      inputParameters:
      - name: job_req_id
        in: path
      operations:
      - name: create-candidate
        method: POST
  - type: http
    namespace: msteams-recruit
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: chats
      path: /users/{{recipient_upn}}/chats
      inputParameters:
      - name: recipient_upn
        in: path
      operations:
      - name: send-message
        method: POST

Generates a weekly account health digest from Salesforce, summarizing open opportunities, recent activities, and support cases for strategic accounts, posted to the sales Teams channel.

naftiko: '0.5'
info:
  label: Salesforce Account Health Digest
  description: Generates a weekly account health digest from Salesforce, summarizing open opportunities, recent activities, and support cases for strategic accounts, posted to the sales Teams channel.
  tags:
  - sales
  - crm
  - salesforce
  - reporting
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: account-health
    port: 8080
    tools:
    - name: digest-account-health
      description: Given a Salesforce account ID, retrieve open opportunities, recent activities, and open cases, then post a health digest to the sales Teams channel.
      inputParameters:
      - name: account_id
        in: body
        type: string
        description: The Salesforce account ID, e.g. 0015G00001xyz.
      - name: teams_channel_id
        in: body
        type: string
        description: The Teams channel ID where the digest should be posted.
      steps:
      - name: get-account
        type: call
        call: salesforce-acct.get-account
        with:
          account_id: '{{account_id}}'
      - name: get-opportunities
        type: call
        call: salesforce-acct.get-account-opportunities
        with:
          account_id: '{{account_id}}'
      - name: post-digest
        type: call
        call: msteams-acct.post-channel-message
        with:
          channel_id: '{{teams_channel_id}}'
          message: 'Account Health: {{get-account.name}} | Open Opps: {{get-opportunities.total_count}} | Total Pipeline: ${{get-opportunities.total_amount}} | Health Score: {{get-account.health_score}}'
  consumes:
  - type: http
    namespace: salesforce-acct
    baseUri: https://amgen.my.salesforce.com/services/data/v58.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: accounts
      path: /sobjects/Account/{{account_id}}
      inputParameters:
      - name: account_id
        in: path
      operations:
      - name: get-account
        method: GET
    - name: account-opportunities
      path: /sobjects/Account/{{account_id}}/Opportunities
      inputParameters:
      - name: account_id
        in: path
      operations:
      - name: get-account-opportunities
        method: GET
  - type: http
    namespace: msteams-acct
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channel-messages
      path: /teams/{{channel_id}}/channels/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: post-channel-message
        method: POST

Triggers a refresh of the commercial performance Power BI dashboard.

naftiko: '0.5'
info:
  label: Power BI Commercial Dashboard Refresh
  description: Triggers a refresh of the commercial performance Power BI dashboard.
  tags:
  - commercial
  - analytics
  - power-bi
capability:
  exposes:
  - type: mcp
    namespace: bi-refresh
    port: 8080
    tools:
    - name: refresh-commercial-dashboard
      description: Given a dataset ID, trigger a Power BI refresh. Use when commercial teams need updated data.
      inputParameters:
      - name: dataset_id
        in: body
        type: string
        description: Power BI dataset ID.
      call: powerbi.trigger-refresh
      with:
        dataset_id: '{{dataset_id}}'
      outputParameters:
      - name: status
        type: string
        mapping: $.status
  consumes:
  - type: http
    namespace: powerbi
    baseUri: https://api.powerbi.com/v1.0/myorg
    authentication:
      type: bearer
      token: $secrets.powerbi_token
    resources:
    - name: datasets
      path: /datasets/{{dataset_id}}/refreshes
      inputParameters:
      - name: dataset_id
        in: path
      operations:
      - name: trigger-refresh
        method: POST

Triggers a Tableau workbook extract refresh and notifies stakeholders in Teams when the refresh completes or fails.

naftiko: '0.5'
info:
  label: Tableau Dashboard Refresh Trigger
  description: Triggers a Tableau workbook extract refresh and notifies stakeholders in Teams when the refresh completes or fails.
  tags:
  - data
  - analytics
  - tableau
  - reporting
capability:
  exposes:
  - type: mcp
    namespace: bi-reporting
    port: 8080
    tools:
    - name: refresh-tableau-workbook
      description: Given a Tableau workbook ID and site name, trigger an extract refresh and notify the designated stakeholder channel in Teams when complete.
      inputParameters:
      - name: workbook_id
        in: body
        type: string
        description: The Tableau workbook ID to refresh.
      - name: site_name
        in: body
        type: string
        description: The Tableau site name, e.g. amgen.
      - name: notification_channel
        in: body
        type: string
        description: The Teams channel ID to notify on completion.
      steps:
      - name: trigger-refresh
        type: call
        call: tableau.refresh-workbook
        with:
          workbook_id: '{{workbook_id}}'
          site: '{{site_name}}'
      - name: notify-stakeholders
        type: call
        call: msteams-bi.post-channel-message
        with:
          channel_id: '{{notification_channel}}'
          message: 'Tableau workbook {{workbook_id}} refresh triggered. Job ID: {{trigger-refresh.job_id}}.'
  consumes:
  - type: http
    namespace: tableau
    baseUri: https://tableau.amgen.com/api/2.8
    authentication:
      type: apikey
      key: X-Tableau-Auth
      value: $secrets.tableau_token
      placement: header
    resources:
    - name: workbook-refresh
      path: /sites/{{site}}/workbooks/{{workbook_id}}/refresh
      inputParameters:
      - name: site
        in: path
      - name: workbook_id
        in: path
      operations:
      - name: refresh-workbook
        method: POST
  - type: http
    namespace: msteams-bi
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channel-messages
      path: /teams/{{channel_id}}/channels/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: post-channel-message
        method: POST

When GitHub Advanced Security finds a critical code scanning alert, automatically creates a Jira security issue and notifies the security engineering team in Teams.

naftiko: '0.5'
info:
  label: GitHub Security Scan to Jira
  description: When GitHub Advanced Security finds a critical code scanning alert, automatically creates a Jira security issue and notifies the security engineering team in Teams.
  tags:
  - security
  - devops
  - github
  - jira
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: appsec
    port: 8080
    tools:
    - name: handle-code-scanning-alert
      description: Given a GitHub code scanning alert ID and repository, create a Jira security issue for remediation and notify the AppSec team in Teams.
      inputParameters:
      - name: repo_name
        in: body
        type: string
        description: The GitHub repository in org/repo format.
      - name: alert_number
        in: body
        type: integer
        description: The GitHub code scanning alert number.
      - name: alert_severity
        in: body
        type: string
        description: 'Alert severity: critical, high, medium, or low.'
      - name: rule_description
        in: body
        type: string
        description: The code scanning rule description.
      steps:
      - name: get-alert
        type: call
        call: github.get-code-scanning-alert
        with:
          repo: '{{repo_name}}'
          alert_number: '{{alert_number}}'
      - name: create-security-issue
        type: call
        call: jira-appsec.create-issue
        with:
          project_key: SEC
          issuetype: Security Vulnerability
          summary: '[{{alert_severity}}] {{rule_description}} in {{repo_name}}'
          description: 'GitHub alert #{{alert_number}} in {{repo_name}}. Rule: {{rule_description}}. File: {{get-alert.file_path}}.'
      - name: notify-appsec
        type: call
        call: msteams-appsec.post-channel-message
        with:
          channel_id: appsec-alerts
          message: 'Code Scan Alert: {{repo_name}} | {{alert_severity}} | {{rule_description}} | Jira: {{create-security-issue.key}}'
  consumes:
  - type: http
    namespace: github
    baseUri: https://api.github.com
    authentication:
      type: bearer
      token: $secrets.github_token
    resources:
    - name: code-scanning-alerts
      path: /repos/{{repo}}/code-scanning/alerts/{{alert_number}}
      inputParameters:
      - name: repo
        in: path
      - name: alert_number
        in: path
      operations:
      - name: get-code-scanning-alert
        method: GET
  - type: http
    namespace: jira-appsec
    baseUri: https://amgen.atlassian.net/rest/api/3
    authentication:
      type: basic
      username: $secrets.jira_user
      password: $secrets.jira_api_token
    resources:
    - name: issues
      path: /issue
      operations:
      - name: create-issue
        method: POST
  - type: http
    namespace: msteams-appsec
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channel-messages
      path: /teams/{{channel_id}}/channels/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: post-channel-message
        method: POST

Retrieves the current development phase and key milestones for a drug molecule in the pipeline tracking system.

naftiko: '0.5'
info:
  label: Drug Molecule Pipeline Status Lookup
  description: Retrieves the current development phase and key milestones for a drug molecule in the pipeline tracking system.
  tags:
  - rd
  - clinical
  - snowflake
capability:
  exposes:
  - type: mcp
    namespace: pipeline-tracker
    port: 8080
    tools:
    - name: get-molecule-status
      description: Given a molecule ID, return the development phase, next milestone, and projected timeline. Use when R&D leadership needs pipeline visibility.
      inputParameters:
      - name: molecule_id
        in: body
        type: string
        description: Internal molecule identifier.
      call: snowflake.execute-query
      with:
        query_name: molecule_pipeline_status
        params: '{{molecule_id}}'
      outputParameters:
      - name: phase
        type: string
        mapping: $.data[0].phase
      - name: next_milestone
        type: string
        mapping: $.data[0].next_milestone
      - name: projected_date
        type: string
        mapping: $.data[0].projected_date
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://amgen.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: execute-query
        method: POST

Generates a daily sprint status digest from Jira, summarizing completed, in-progress, and blocked issues, then posts it to the engineering Teams channel.

naftiko: '0.5'
info:
  label: Jira Sprint Digest Report
  description: Generates a daily sprint status digest from Jira, summarizing completed, in-progress, and blocked issues, then posts it to the engineering Teams channel.
  tags:
  - devops
  - jira
  - reporting
  - sprint
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: sprint-reporting
    port: 8080
    tools:
    - name: digest-sprint-status
      description: Given a Jira project key and sprint name, fetch all sprint issues and post a summary digest to the engineering Teams channel. Use for daily stand-up prep and sprint reviews.
      inputParameters:
      - name: project_key
        in: body
        type: string
        description: The Jira project key, e.g. ENG or BIONF.
      - name: sprint_name
        in: body
        type: string
        description: The Jira sprint name to summarize.
      - name: teams_channel_id
        in: body
        type: string
        description: The Teams channel ID to post the digest to.
      steps:
      - name: get-sprint-issues
        type: call
        call: jira-sprint.search-issues
        with:
          jql: project = {{project_key}} AND sprint = '{{sprint_name}}'
      - name: post-digest
        type: call
        call: msteams-sprint.post-channel-message
        with:
          channel_id: '{{teams_channel_id}}'
          message: 'Sprint Digest — {{project_key}} / {{sprint_name}}: Total: {{get-sprint-issues.total}} | Done: {{get-sprint-issues.done_count}} | In Progress: {{get-sprint-issues.inprogress_count}} | Blocked: {{get-sprint-issues.blocked_count}}'
  consumes:
  - type: http
    namespace: jira-sprint
    baseUri: https://amgen.atlassian.net/rest/api/3
    authentication:
      type: basic
      username: $secrets.jira_user
      password: $secrets.jira_api_token
    resources:
    - name: issues
      path: /search
      operations:
      - name: search-issues
        method: GET
        inputParameters:
        - name: jql
          in: query
  - type: http
    namespace: msteams-sprint
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channel-messages
      path: /teams/{{channel_id}}/channels/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: post-channel-message
        method: POST

Creates a ServiceNow change request for infrastructure changes, routes it to the CAB board, and notifies requestors in Teams upon approval or rejection.

naftiko: '0.5'
info:
  label: Change Management Approval Workflow
  description: Creates a ServiceNow change request for infrastructure changes, routes it to the CAB board, and notifies requestors in Teams upon approval or rejection.
  tags:
  - itsm
  - change-management
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: change-mgmt
    port: 8080
    tools:
    - name: create-change-request
      description: Given change details, create a ServiceNow change request and notify the requestor in Teams. Use for any infrastructure or application change requiring CAB approval.
      inputParameters:
      - name: short_description
        in: body
        type: string
        description: Brief description of the change, e.g. Upgrade Kubernetes cluster to v1.30.
      - name: change_type
        in: body
        type: string
        description: 'Change type: normal, standard, or emergency.'
      - name: risk_level
        in: body
        type: string
        description: 'Risk level: low, medium, high, or critical.'
      - name: requestor_upn
        in: body
        type: string
        description: The UPN of the change requestor for Teams notification.
      steps:
      - name: create-cr
        type: call
        call: servicenow-chg.create-change
        with:
          short_description: '{{short_description}}'
          type: '{{change_type}}'
          risk: '{{risk_level}}'
          assignment_group: CAB
      - name: notify-requestor
        type: call
        call: msteams-chg.send-message
        with:
          recipient_upn: '{{requestor_upn}}'
          message: 'Your change request has been submitted: {{create-cr.number}}. Type: {{change_type}}. Risk: {{risk_level}}. Pending CAB review.'
  consumes:
  - type: http
    namespace: servicenow-chg
    baseUri: https://amgen.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: change-requests
      path: /table/change_request
      operations:
      - name: create-change
        method: POST
  - type: http
    namespace: msteams-chg
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: chats
      path: /users/{{recipient_upn}}/chats
      inputParameters:
      - name: recipient_upn
        in: path
      operations:
      - name: send-message
        method: POST

Retrieves the status of regulatory submission documents from Veeva Vault and cross-references open action items in ServiceNow for a given regulatory filing.

naftiko: '0.5'
info:
  label: Regulatory Submission Document Tracker
  description: Retrieves the status of regulatory submission documents from Veeva Vault and cross-references open action items in ServiceNow for a given regulatory filing.
  tags:
  - regulatory
  - veeva
  - servicenow
  - compliance
capability:
  exposes:
  - type: mcp
    namespace: regulatory-ops
    port: 8080
    tools:
    - name: get-submission-status
      description: Given a Veeva Vault document ID for a regulatory submission, retrieve document status and cross-reference any open ServiceNow action items. Use for regulatory filing status checks.
      inputParameters:
      - name: vault_doc_id
        in: body
        type: string
        description: The Veeva Vault document ID for the regulatory submission.
      steps:
      - name: get-vault-doc
        type: call
        call: veeva-vault.get-document
        with:
          doc_id: '{{vault_doc_id}}'
      - name: get-action-items
        type: call
        call: servicenow-reg.query-tasks
        with:
          correlation_id: '{{vault_doc_id}}'
  consumes:
  - type: http
    namespace: veeva-vault
    baseUri: https://amgen.veevavault.com/api/v23.1
    authentication:
      type: bearer
      token: $secrets.veeva_vault_token
    resources:
    - name: documents
      path: /objects/documents/{{doc_id}}
      inputParameters:
      - name: doc_id
        in: path
      operations:
      - name: get-document
        method: GET
  - type: http
    namespace: servicenow-reg
    baseUri: https://amgen.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: tasks
      path: /table/task
      operations:
      - name: query-tasks
        method: GET

Tracks cell line development milestones by querying the LIMS for clone data, updating Jira tasks, and notifying the cell biology team.

naftiko: '0.5'
info:
  label: Cell Line Development Tracking Orchestration
  description: Tracks cell line development milestones by querying the LIMS for clone data, updating Jira tasks, and notifying the cell biology team.
  tags:
  - rd
  - manufacturing
  - jira
  - snowflake
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: cell-line-dev
    port: 8080
    tools:
    - name: update-cell-line-status
      description: Given a cell line ID, query clone selection data, update Jira, and notify the team. Use when cell biology reaches development milestones.
      inputParameters:
      - name: cell_line_id
        in: body
        type: string
        description: Cell line identifier.
      steps:
      - name: get-clone-data
        type: call
        call: snowflake.execute-query
        with:
          query_name: cell_line_clone_data
          params: '{{cell_line_id}}'
      - name: update-jira
        type: call
        call: jira.update-issue
        with:
          issue_key: CLD-{{cell_line_id}}
          status: '{{get-clone-data.current_stage}}'
      - name: notify-team
        type: call
        call: msteams.send-message
        with:
          channel_id: cell-biology
          text: 'Cell line {{cell_line_id}} update: Stage {{get-clone-data.current_stage}}. Top clone titer: {{get-clone-data.top_titer}} g/L.'
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://amgen.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: execute-query
        method: POST
  - type: http
    namespace: jira
    baseUri: https://amgen.atlassian.net/rest/api/3
    authentication:
      type: basic
      username: $secrets.jira_user
      password: $secrets.jira_api_token
    resources:
    - name: issues
      path: /issue/{{issue_key}}
      inputParameters:
      - name: issue_key
        in: path
      operations:
      - name: update-issue
        method: PUT
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: messages
      path: /teams/{{channel_id}}/channels/general/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: send-message
        method: POST

Retrieves the current GxP validation status for a regulated system from ServiceNow, returning validation lifecycle details for compliance reporting.

naftiko: '0.5'
info:
  label: GxP System Validation Status Check
  description: Retrieves the current GxP validation status for a regulated system from ServiceNow, returning validation lifecycle details for compliance reporting.
  tags:
  - compliance
  - gxp
  - validation
  - servicenow
  - regulatory
capability:
  exposes:
  - type: mcp
    namespace: gxp-compliance
    port: 8080
    tools:
    - name: get-system-validation-status
      description: Given a GxP system name or CMDB CI ID, retrieve its current validation status, last qualification date, and next revalidation due date from ServiceNow.
      inputParameters:
      - name: system_ci_id
        in: body
        type: string
        description: The ServiceNow CMDB configuration item ID for the GxP system.
      call: servicenow-gxp.get-ci
      with:
        ci_id: '{{system_ci_id}}'
      outputParameters:
      - name: system_name
        type: string
        mapping: $.result.name
      - name: validation_status
        type: string
        mapping: $.result.u_validation_status
      - name: last_qualified
        type: string
        mapping: $.result.u_last_qualified_date
      - name: next_revalidation
        type: string
        mapping: $.result.u_next_revalidation_date
  consumes:
  - type: http
    namespace: servicenow-gxp
    baseUri: https://amgen.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: cmdb-ci
      path: /table/cmdb_ci/{{ci_id}}
      inputParameters:
      - name: ci_id
        in: path
      operations:
      - name: get-ci
        method: GET

Manages drug product lot release by checking QC results, verifying stability data, generating the certificate of analysis, and notifying distribution.

naftiko: '0.5'
info:
  label: Drug Product Lot Release Orchestration
  description: Manages drug product lot release by checking QC results, verifying stability data, generating the certificate of analysis, and notifying distribution.
  tags:
  - quality
  - manufacturing
  - sap
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: lot-release
    port: 8080
    tools:
    - name: release-drug-product-lot
      description: Given a batch number and product code, verify QC, check stability, create CoA, and notify distribution. Use when QA releases a drug product lot.
      inputParameters:
      - name: batch_number
        in: body
        type: string
        description: Batch number.
      - name: product_code
        in: body
        type: string
        description: Drug product code.
      steps:
      - name: get-qc-results
        type: call
        call: sap-erp.get-inspection
        with:
          batch: '{{batch_number}}'
          material: '{{product_code}}'
      - name: release-batch
        type: call
        call: sap-erp.release-batch
        with:
          batch: '{{batch_number}}'
          status: released
      - name: create-coa-task
        type: call
        call: servicenow.create-task
        with:
          short_description: 'CoA: Batch {{batch_number}} - {{product_code}}'
          category: quality_release
          assigned_group: Quality_Assurance
      - name: notify-distribution
        type: call
        call: msteams.send-message
        with:
          channel_id: drug-product-distribution
          text: 'Lot {{batch_number}} ({{product_code}}) released. QC: {{get-qc-results.result}}. CoA task: {{create-coa-task.number}}'
  consumes:
  - type: http
    namespace: sap-erp
    baseUri: https://amgen-s4.sap.com/sap/opu/odata/sap/QM_INSPECTION_SRV
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: inspections
      path: /A_InspectionResult
      operations:
      - name: get-inspection
        method: GET
    - name: batches
      path: /A_BatchRelease
      operations:
      - name: release-batch
        method: POST
  - type: http
    namespace: servicenow
    baseUri: https://amgen.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: tasks
      path: /table/sc_task
      operations:
      - name: create-task
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: messages
      path: /teams/{{channel_id}}/channels/general/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: send-message
        method: POST

Retrieves the current status of an Investigational New Drug application from the regulatory tracking system by IND number.

naftiko: '0.5'
info:
  label: FDA IND Submission Status Lookup
  description: Retrieves the current status of an Investigational New Drug application from the regulatory tracking system by IND number.
  tags:
  - regulatory
  - clinical
  - veeva-vault
capability:
  exposes:
  - type: mcp
    namespace: regulatory-submissions
    port: 8080
    tools:
    - name: get-ind-status
      description: Given an IND number, return the current review status, FDA division, and expected response date. Use when regulatory affairs checks IND submission progress.
      inputParameters:
      - name: ind_number
        in: body
        type: string
        description: FDA IND application number.
      call: veeva-vault.get-submission
      with:
        ind_number: '{{ind_number}}'
      outputParameters:
      - name: status
        type: string
        mapping: $.data.status
      - name: fda_division
        type: string
        mapping: $.data.review_division
      - name: expected_response
        type: string
        mapping: $.data.target_date
  consumes:
  - type: http
    namespace: veeva-vault
    baseUri: https://amgen-regulatory.veevavault.com/api/v24.1
    authentication:
      type: bearer
      token: $secrets.veeva_vault_token
    resources:
    - name: submissions
      path: /objects/submission__c/{{ind_number}}
      inputParameters:
      - name: ind_number
        in: path
      operations:
      - name: get-submission
        method: GET

When protein characterization experiments complete, ingests analytical results into Snowflake, validates data quality, and notifies the R&D team.

naftiko: '0.5'
info:
  label: Protein Characterization Data Pipeline
  description: When protein characterization experiments complete, ingests analytical results into Snowflake, validates data quality, and notifies the R&D team.
  tags:
  - rd
  - analytics
  - snowflake
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: protein-analytics
    port: 8080
    tools:
    - name: process-characterization-data
      description: Given an experiment ID and data path, ingest results, validate quality, and notify researchers. Use when analytical lab completes protein characterization.
      inputParameters:
      - name: experiment_id
        in: body
        type: string
        description: Experiment identifier.
      - name: data_path
        in: body
        type: string
        description: S3 path to results file.
      steps:
      - name: ingest-data
        type: call
        call: snowflake.execute-query
        with:
          query_name: ingest_protein_characterization
          params: '{{experiment_id}},{{data_path}}'
      - name: validate-quality
        type: call
        call: snowflake.execute-query
        with:
          query_name: validate_analytical_quality
          params: '{{experiment_id}}'
      - name: notify-team
        type: call
        call: msteams.send-message
        with:
          channel_id: rd-analytical
          text: 'Protein characterization {{experiment_id}} processed. Quality: {{validate-quality.pass_rate}}% pass.'
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://amgen.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: execute-query
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: messages
      path: /teams/{{channel_id}}/channels/general/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: send-message
        method: POST

When a Snowflake data quality check fails, creates a Jira data quality issue and notifies the data engineering team via Microsoft Teams.

naftiko: '0.5'
info:
  label: Snowflake Data Quality Alert
  description: When a Snowflake data quality check fails, creates a Jira data quality issue and notifies the data engineering team via Microsoft Teams.
  tags:
  - data
  - analytics
  - snowflake
  - jira
  - data-quality
capability:
  exposes:
  - type: mcp
    namespace: data-quality
    port: 8080
    tools:
    - name: handle-data-quality-failure
      description: Given a Snowflake data quality check failure for a specific table, open a Jira data quality issue and notify the data engineering team in Teams.
      inputParameters:
      - name: table_name
        in: body
        type: string
        description: The fully qualified Snowflake table name that failed the quality check.
      - name: check_name
        in: body
        type: string
        description: The name of the data quality check that failed.
      - name: failure_detail
        in: body
        type: string
        description: Description of what failed and relevant metrics.
      steps:
      - name: create-dq-issue
        type: call
        call: jira-dq.create-issue
        with:
          project_key: DATA
          issuetype: Bug
          summary: '[DQ Failure] {{table_name}} — {{check_name}}'
          description: 'Data quality check {{check_name}} failed on table {{table_name}}. Detail: {{failure_detail}}.'
      - name: notify-data-team
        type: call
        call: msteams-dq.post-channel-message
        with:
          channel_id: data-engineering-alerts
          message: 'Data Quality Failure: {{table_name}} | Check: {{check_name}} | Jira: {{create-dq-issue.key}}'
  consumes:
  - type: http
    namespace: jira-dq
    baseUri: https://amgen.atlassian.net/rest/api/3
    authentication:
      type: basic
      username: $secrets.jira_user
      password: $secrets.jira_api_token
    resources:
    - name: issues
      path: /issue
      operations:
      - name: create-issue
        method: POST
  - type: http
    namespace: msteams-dq
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channel-messages
      path: /teams/{{channel_id}}/channels/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: post-channel-message
        method: POST

Orchestrates PK data analysis by extracting concentration data from Snowflake, running noncompartmental analysis, generating reports, and notifying the clinical pharmacology team.

naftiko: '0.5'
info:
  label: Pharmacokinetics Data Analysis Orchestration
  description: Orchestrates PK data analysis by extracting concentration data from Snowflake, running noncompartmental analysis, generating reports, and notifying the clinical pharmacology team.
  tags:
  - clinical
  - rd
  - analytics
  - snowflake
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: pk-analysis
    port: 8080
    tools:
    - name: run-pk-analysis
      description: Given a study ID and analyte, extract PK data, run NCA, generate report, and notify team. Use when clinical pharmacology performs PK analysis.
      inputParameters:
      - name: study_id
        in: body
        type: string
        description: Clinical study identifier.
      - name: analyte
        in: body
        type: string
        description: Analyte name.
      steps:
      - name: extract-pk-data
        type: call
        call: snowflake.execute-query
        with:
          query_name: extract_pk_concentrations
          params: '{{study_id}},{{analyte}}'
      - name: run-nca
        type: call
        call: snowflake.execute-query
        with:
          query_name: pk_nca_analysis
          params: '{{study_id}},{{analyte}}'
      - name: notify-team
        type: call
        call: msteams.send-message
        with:
          channel_id: clinical-pharmacology
          text: 'PK analysis complete for {{study_id}} - {{analyte}}. Cmax: {{run-nca.cmax}}. AUC: {{run-nca.auc}}. Half-life: {{run-nca.half_life}}h.'
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://amgen.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: execute-query
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: messages
      path: /teams/{{channel_id}}/channels/general/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: send-message
        method: POST

When an employee termination is recorded in Workday, revokes Microsoft 365 access, closes all open ServiceNow tickets assigned to the user, and notifies the HR business partner via Teams.

naftiko: '0.5'
info:
  label: Employee Offboarding Workflow
  description: When an employee termination is recorded in Workday, revokes Microsoft 365 access, closes all open ServiceNow tickets assigned to the user, and notifies the HR business partner via Teams.
  tags:
  - hr
  - offboarding
  - workday
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: hr-offboarding
    port: 8080
    tools:
    - name: trigger-employee-offboarding
      description: Given a Workday employee ID and termination date, revoke Microsoft 365 licenses, disable the Azure AD account, close open ServiceNow tickets, and alert the HR business partner in Teams.
      inputParameters:
      - name: workday_employee_id
        in: body
        type: string
        description: The Workday worker ID for the departing employee.
      - name: termination_date
        in: body
        type: string
        description: The effective termination date in ISO 8601 format.
      - name: hr_bp_upn
        in: body
        type: string
        description: The UPN of the HR business partner to notify, e.g. jsmith@amgen.com.
      steps:
      - name: get-worker
        type: call
        call: workday-off.get-worker
        with:
          worker_id: '{{workday_employee_id}}'
      - name: disable-account
        type: call
        call: msgraph-off.disable-user
        with:
          user_principal_name: '{{get-worker.work_email}}'
      - name: revoke-licenses
        type: call
        call: msgraph-off.remove-license
        with:
          user_principal_name: '{{get-worker.work_email}}'
      - name: notify-hr-bp
        type: call
        call: msteams-off.send-message
        with:
          recipient_upn: '{{hr_bp_upn}}'
          message: 'Offboarding complete for {{get-worker.full_name}} (termination: {{termination_date}}). M365 access revoked.'
  consumes:
  - type: http
    namespace: workday-off
    baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
    authentication:
      type: bearer
      token: $secrets.workday_token
    resources:
    - name: workers
      path: /amgen/workers/{{worker_id}}
      inputParameters:
      - name: worker_id
        in: path
      operations:
      - name: get-worker
        method: GET
  - type: http
    namespace: msgraph-off
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: users
      path: /users/{{user_principal_name}}
      inputParameters:
      - name: user_principal_name
        in: path
      operations:
      - name: disable-user
        method: PATCH
      - name: remove-license
        method: POST
  - type: http
    namespace: msteams-off
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: chats
      path: /users/{{recipient_upn}}/chats
      inputParameters:
      - name: recipient_upn
        in: path
      operations:
      - name: send-message
        method: POST

Submits a clinical study report from Veeva Vault to OpenAI for summarization and stores the structured summary back in SharePoint for regulatory affairs teams.

naftiko: '0.5'
info:
  label: AI Document Summarization for Clinical Reports
  description: Submits a clinical study report from Veeva Vault to OpenAI for summarization and stores the structured summary back in SharePoint for regulatory affairs teams.
  tags:
  - ai
  - clinical-trials
  - veeva
  - openai
  - sharepoint
capability:
  exposes:
  - type: mcp
    namespace: ai-clinical
    port: 8080
    tools:
    - name: summarize-clinical-report
      description: Given a Veeva Vault document ID for a clinical report, retrieve the document, submit it to OpenAI for a structured summary, and store the result in SharePoint.
      inputParameters:
      - name: vault_doc_id
        in: body
        type: string
        description: The Veeva Vault document ID for the clinical study report.
      - name: sharepoint_site_id
        in: body
        type: string
        description: The SharePoint site ID where the summary should be stored.
      steps:
      - name: get-vault-document
        type: call
        call: veeva-ai.get-document
        with:
          doc_id: '{{vault_doc_id}}'
      - name: generate-summary
        type: call
        call: openai.create-completion
        with:
          model: gpt-4o
          prompt: 'Summarize the following clinical study report in structured format with sections for Objective, Methods, Results, and Conclusion: {{get-vault-document.content}}'
      - name: store-summary
        type: call
        call: sharepoint-ai.create-file
        with:
          site_id: '{{sharepoint_site_id}}'
          file_name: summary_{{vault_doc_id}}.txt
          content: '{{generate-summary.text}}'
  consumes:
  - type: http
    namespace: veeva-ai
    baseUri: https://amgen.veevavault.com/api/v23.1
    authentication:
      type: bearer
      token: $secrets.veeva_vault_token
    resources:
    - name: documents
      path: /objects/documents/{{doc_id}}
      inputParameters:
      - name: doc_id
        in: path
      operations:
      - name: get-document
        method: GET
  - type: http
    namespace: openai
    baseUri: https://api.openai.com/v1
    authentication:
      type: bearer
      token: $secrets.openai_api_key
    resources:
    - name: completions
      path: /chat/completions
      operations:
      - name: create-completion
        method: POST
  - type: http
    namespace: sharepoint-ai
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: drive-items
      path: /sites/{{site_id}}/drive/items/root:/{{file_name}}:/content
      inputParameters:
      - name: site_id
        in: path
      - name: file_name
        in: path
      operations:
      - name: create-file
        method: PUT

Monitors drug product stability studies by checking timepoint results, flagging out-of-trend data, and notifying the stability team.

naftiko: '0.5'
info:
  label: Stability Study Monitoring Orchestration
  description: Monitors drug product stability studies by checking timepoint results, flagging out-of-trend data, and notifying the stability team.
  tags:
  - quality
  - rd
  - manufacturing
  - snowflake
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: stability-monitoring
    port: 8080
    tools:
    - name: check-stability-timepoint
      description: Given a stability protocol ID and timepoint, check results, flag trends, and notify team. Use when stability lab reports new timepoint data.
      inputParameters:
      - name: protocol_id
        in: body
        type: string
        description: Stability protocol identifier.
      - name: timepoint
        in: body
        type: string
        description: Timepoint in months.
      steps:
      - name: get-results
        type: call
        call: snowflake.execute-query
        with:
          query_name: stability_timepoint_results
          params: '{{protocol_id}},{{timepoint}}'
      - name: check-trends
        type: call
        call: snowflake.execute-query
        with:
          query_name: stability_trend_analysis
          params: '{{protocol_id}}'
      - name: notify-team
        type: call
        call: msteams.send-message
        with:
          channel_id: stability-studies
          text: 'Stability {{protocol_id}} T={{timepoint}}mo: All specs met: {{get-results.all_pass}}. Trend alert: {{check-trends.trend_flag}}.'
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://amgen.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: execute-query
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: messages
      path: /teams/{{channel_id}}/channels/general/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: send-message
        method: POST

When an AWS cost anomaly is detected, annotates the event in Datadog, opens a ServiceNow ticket for FinOps review, and posts a summary to the finance alerts Teams channel.

naftiko: '0.5'
info:
  label: Cloud Cost Anomaly Responder
  description: When an AWS cost anomaly is detected, annotates the event in Datadog, opens a ServiceNow ticket for FinOps review, and posts a summary to the finance alerts Teams channel.
  tags:
  - finops
  - cloud
  - aws
  - datadog
  - servicenow
capability:
  exposes:
  - type: mcp
    namespace: cloud-finops
    port: 8080
    tools:
    - name: handle-cost-anomaly
      description: Given an AWS cost anomaly ID, affected service, and estimated overage, create a Datadog event annotation, open a ServiceNow FinOps ticket, and notify the finance channel in Teams.
      inputParameters:
      - name: anomaly_id
        in: body
        type: string
        description: The AWS Cost Anomaly Detection anomaly ID.
      - name: aws_service
        in: body
        type: string
        description: The AWS service generating the anomaly, e.g. EC2, S3, RDS.
      - name: estimated_overage_usd
        in: body
        type: number
        description: Estimated dollar overage detected.
      - name: business_unit
        in: body
        type: string
        description: The Amgen business unit owning the AWS account.
      steps:
      - name: annotate-datadog
        type: call
        call: datadog-finops.create-event
        with:
          title: 'AWS Cost Anomaly: {{aws_service}}'
          text: 'Anomaly {{anomaly_id}} — estimated overage: ${{estimated_overage_usd}} — BU: {{business_unit}}'
          alert_type: warning
      - name: create-finops-ticket
        type: call
        call: servicenow-finops.create-incident
        with:
          short_description: AWS cost anomaly on {{aws_service}} — ${{estimated_overage_usd}} overage
          description: 'Anomaly {{anomaly_id}} on {{aws_service}} for {{business_unit}}. Datadog event: {{annotate-datadog.id}}.'
          assignment_group: FinOps
      - name: notify-finance
        type: call
        call: msteams-finops.post-channel-message
        with:
          channel_id: cloud-finance-alerts
          message: 'AWS Cost Anomaly: {{aws_service}} | Overage: ${{estimated_overage_usd}} | BU: {{business_unit}} | Ticket: {{create-finops-ticket.number}}'
  consumes:
  - type: http
    namespace: datadog-finops
    baseUri: https://api.datadoghq.com/api/v1
    authentication:
      type: apikey
      key: DD-API-KEY
      value: $secrets.datadog_api_key
      placement: header
    resources:
    - name: events
      path: /events
      operations:
      - name: create-event
        method: POST
  - type: http
    namespace: servicenow-finops
    baseUri: https://amgen.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: create-incident
        method: POST
  - type: http
    namespace: msteams-finops
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channel-messages
      path: /teams/{{channel_id}}/channels/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: post-channel-message
        method: POST

When a vendor invoice is received in SAP Ariba, validates it against the SAP purchase order, routes it for approval via ServiceNow, and notifies the finance team in Teams.

naftiko: '0.5'
info:
  label: Invoice Processing and Approval
  description: When a vendor invoice is received in SAP Ariba, validates it against the SAP purchase order, routes it for approval via ServiceNow, and notifies the finance team in Teams.
  tags:
  - finance
  - procurement
  - sap-ariba
  - servicenow
  - invoice-processing
capability:
  exposes:
  - type: mcp
    namespace: finance-ap
    port: 8080
    tools:
    - name: process-vendor-invoice
      description: Given an Ariba invoice ID and SAP PO number, validate the invoice against the PO in SAP, create a ServiceNow approval task, and notify the finance team in Microsoft Teams.
      inputParameters:
      - name: ariba_invoice_id
        in: body
        type: string
        description: The SAP Ariba invoice identifier.
      - name: po_number
        in: body
        type: string
        description: The SAP purchase order number to validate against.
      - name: vendor_name
        in: body
        type: string
        description: The vendor name for notification context.
      steps:
      - name: get-invoice
        type: call
        call: sap-ariba.get-invoice
        with:
          invoice_id: '{{ariba_invoice_id}}'
      - name: validate-po
        type: call
        call: sap-po.get-po
        with:
          po_number: '{{po_number}}'
      - name: create-approval-task
        type: call
        call: servicenow-ap.create-task
        with:
          short_description: 'Invoice approval: {{vendor_name}} - {{ariba_invoice_id}}'
          description: 'Invoice {{ariba_invoice_id}} from {{vendor_name}} against PO {{po_number}}. Amount: {{get-invoice.total_amount}} {{get-invoice.currency}}.'
          assignment_group: Finance_AP
      - name: notify-finance
        type: call
        call: msteams-ap.send-message
        with:
          recipient_upn: finance-ap@amgen.com
          message: 'Invoice {{ariba_invoice_id}} from {{vendor_name}} pending approval. PO: {{po_number}}. Task: {{create-approval-task.number}}.'
  consumes:
  - type: http
    namespace: sap-ariba
    baseUri: https://openapi.ariba.com/api/invoice/v1
    authentication:
      type: bearer
      token: $secrets.ariba_token
    resources:
    - name: invoices
      path: /invoices/{{invoice_id}}
      inputParameters:
      - name: invoice_id
        in: path
      operations:
      - name: get-invoice
        method: GET
  - type: http
    namespace: sap-po
    baseUri: https://amgen-s4.sap.com/sap/opu/odata/sap/MM_PUR_PO_MAINT_V2_SRV
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: purchase-orders
      path: /A_PurchaseOrder('{{po_number}}')
      inputParameters:
      - name: po_number
        in: path
      operations:
      - name: get-po
        method: GET
  - type: http
    namespace: servicenow-ap
    baseUri: https://amgen.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: tasks
      path: /table/task
      operations:
      - name: create-task
        method: POST
  - type: http
    namespace: msteams-ap
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: chats
      path: /users/{{recipient_upn}}/chats
      inputParameters:
      - name: recipient_upn
        in: path
      operations:
      - name: send-message
        method: POST

Generates a competitive intelligence report on biosimilar market activity by querying Snowflake analytics for patent expirations, competitor filings, and market share data.

naftiko: '0.5'
info:
  label: Biosimilar Competitive Intelligence Report
  description: Generates a competitive intelligence report on biosimilar market activity by querying Snowflake analytics for patent expirations, competitor filings, and market share data.
  tags:
  - commercial
  - analytics
  - snowflake
capability:
  exposes:
  - type: mcp
    namespace: competitive-intel
    port: 8080
    tools:
    - name: get-biosimilar-report
      description: Given a therapeutic area and molecule name, return competitive landscape data including biosimilar filings, patent status, and market share. Use when commercial strategy needs competitive intelligence.
      inputParameters:
      - name: therapeutic_area
        in: body
        type: string
        description: Therapeutic area, e.g. 'oncology', 'inflammation'.
      - name: molecule_name
        in: body
        type: string
        description: Reference molecule name.
      call: snowflake.execute-query
      with:
        query_name: biosimilar_competitive_report
        params: '{{therapeutic_area}},{{molecule_name}}'
      outputParameters:
      - name: biosimilar_count
        type: integer
        mapping: $.data[0].biosimilar_count
      - name: market_share
        type: number
        mapping: $.data[0].originator_market_share
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://amgen.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: statements
      path: /statements
      operations:
      - name: execute-query
        method: POST

Monitors bioreactor fermentation parameters and when out-of-spec conditions occur, creates a deviation, alerts manufacturing, and logs data in the process historian.

naftiko: '0.5'
info:
  label: Bioprocess Fermentation Monitoring Orchestration
  description: Monitors bioreactor fermentation parameters and when out-of-spec conditions occur, creates a deviation, alerts manufacturing, and logs data in the process historian.
  tags:
  - manufacturing
  - quality
  - servicenow
  - sap
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: bioprocess-monitoring
    port: 8080
    tools:
    - name: handle-fermentation-excursion
      description: Given a bioreactor ID, parameter name, and measured value, create a deviation, alert the team, and log data. Use when bioreactor monitoring detects out-of-spec conditions.
      inputParameters:
      - name: bioreactor_id
        in: body
        type: string
        description: Bioreactor identifier.
      - name: parameter_name
        in: body
        type: string
        description: 'Parameter name: pH, dissolved_oxygen, temperature, agitation.'
      - name: measured_value
        in: body
        type: string
        description: The measured out-of-spec value.
      steps:
      - name: create-deviation
        type: call
        call: servicenow.create-deviation
        with:
          description: 'Fermentation excursion: {{parameter_name}} = {{measured_value}} at bioreactor {{bioreactor_id}}'
          area: bioprocess
          priority: '2'
      - name: log-event
        type: call
        call: sap-erp.create-process-event
        with:
          equipment: '{{bioreactor_id}}'
          parameter: '{{parameter_name}}'
          value: '{{measured_value}}'
      - name: alert-team
        type: call
        call: msteams.send-message
        with:
          channel_id: bioprocess-ops
          text: 'ALERT: Bioreactor {{bioreactor_id}} - {{parameter_name}} excursion: {{measured_value}}. Deviation: {{create-deviation.number}}'
  consumes:
  - type: http
    namespace: servicenow
    baseUri: https://amgen.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: deviations
      path: /table/u_deviation
      operations:
      - name: create-deviation
        method: POST
  - type: http
    namespace: sap-erp
    baseUri: https://amgen-s4.sap.com/sap/opu/odata/sap/PP_PROCESS_SRV
    authentication:
      type: basic
      username: $secrets.sap_user
      password: $secrets.sap_password
    resources:
    - name: events
      path: /A_ProcessEvent
      operations:
      - name: create-process-event
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: messages
      path: /teams/{{channel_id}}/channels/general/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: send-message
        method: POST

When a complex ServiceNow incident is created, submits the incident description to OpenAI for AI-assisted triage categorization and recommended resolution steps, updating the ticket with the analysis.

naftiko: '0.5'
info:
  label: Intelligent Incident Triage with OpenAI
  description: When a complex ServiceNow incident is created, submits the incident description to OpenAI for AI-assisted triage categorization and recommended resolution steps, updating the ticket with the analysis.
  tags:
  - ai
  - itsm
  - servicenow
  - openai
  - incident-response
capability:
  exposes:
  - type: mcp
    namespace: ai-triage
    port: 8080
    tools:
    - name: triage-incident-with-ai
      description: Given a ServiceNow incident number, retrieve the incident, submit to OpenAI for root cause and resolution recommendations, and update the ServiceNow record with the AI analysis.
      inputParameters:
      - name: incident_number
        in: body
        type: string
        description: The ServiceNow incident number, e.g. INC0012345.
      steps:
      - name: get-incident
        type: call
        call: servicenow-ai.get-incident
        with:
          number: '{{incident_number}}'
      - name: analyze-incident
        type: call
        call: openai-triage.create-completion
        with:
          model: gpt-4o
          prompt: 'Analyze this IT incident and provide: 1) Probable root cause, 2) Recommended resolution steps, 3) Priority suggestion. Incident: {{get-incident.short_description}} — {{get-incident.description}}'
      - name: update-incident
        type: call
        call: servicenow-ai.update-incident
        with:
          number: '{{incident_number}}'
          work_notes: 'AI Triage Analysis: {{analyze-incident.text}}'
  consumes:
  - type: http
    namespace: servicenow-ai
    baseUri: https://amgen.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: get-incident
        method: GET
        inputParameters:
        - name: number
          in: query
      - name: update-incident
        method: PATCH
  - type: http
    namespace: openai-triage
    baseUri: https://api.openai.com/v1
    authentication:
      type: bearer
      token: $secrets.openai_api_key
    resources:
    - name: completions
      path: /chat/completions
      operations:
      - name: create-completion
        method: POST

Retrieves employer brand and talent pipeline metrics from LinkedIn.

naftiko: '0.5'
info:
  label: LinkedIn Talent Pipeline Report
  description: Retrieves employer brand and talent pipeline metrics from LinkedIn.
  tags:
  - hr
  - marketing
  - linkedin
capability:
  exposes:
  - type: mcp
    namespace: employer-brand
    port: 8080
    tools:
    - name: get-talent-metrics
      description: Return LinkedIn follower count, engagement rate, and talent pipeline size. Use when HR needs employer brand data.
      inputParameters:
      - name: time_period
        in: body
        type: string
        description: Reporting period.
      call: linkedin.get-organization-stats
      with:
        period: '{{time_period}}'
      outputParameters:
      - name: follower_count
        type: integer
        mapping: $.data.followerCount
      - name: engagement_rate
        type: number
        mapping: $.data.engagementRate
  consumes:
  - type: http
    namespace: linkedin
    baseUri: https://api.linkedin.com/v2
    authentication:
      type: bearer
      token: $secrets.linkedin_token
    resources:
    - name: stats
      path: /organizationPageStatistics
      operations:
      - name: get-organization-stats
        method: GET

Searches Amgen SharePoint document libraries by keyword.

naftiko: '0.5'
info:
  label: SharePoint Document Search
  description: Searches Amgen SharePoint document libraries by keyword.
  tags:
  - documentation
  - collaboration
  - sharepoint
capability:
  exposes:
  - type: mcp
    namespace: doc-search
    port: 8080
    tools:
    - name: search-sharepoint
      description: Given a search query, return matching documents with titles and links. Use when employees search SharePoint.
      inputParameters:
      - name: query
        in: body
        type: string
        description: Search keywords.
      call: sharepoint.search
      with:
        querytext: '{{query}}'
      outputParameters:
      - name: result_count
        type: integer
        mapping: $.PrimaryQueryResult.RelevantResults.TotalRows
  consumes:
  - type: http
    namespace: sharepoint
    baseUri: https://amgen.sharepoint.com/_api
    authentication:
      type: bearer
      token: $secrets.sharepoint_token
    resources:
    - name: search
      path: /search/query?querytext='{{querytext}}'
      inputParameters:
      - name: querytext
        in: query
      operations:
      - name: search
        method: GET

Queries Snowflake for failed or long-running data pipeline tasks and reports their status, enabling data engineering teams to triage issues quickly.

naftiko: '0.5'
info:
  label: Snowflake Data Pipeline Health Check
  description: Queries Snowflake for failed or long-running data pipeline tasks and reports their status, enabling data engineering teams to triage issues quickly.
  tags:
  - data
  - analytics
  - snowflake
  - pipeline-monitoring
capability:
  exposes:
  - type: mcp
    namespace: data-ops
    port: 8080
    tools:
    - name: get-pipeline-task-failures
      description: Query Snowflake task history for failed or suspended pipeline tasks in a given database and schema. Use to triage data engineering issues and SLA breaches.
      inputParameters:
      - name: database_name
        in: body
        type: string
        description: The Snowflake database to query, e.g. AMGEN_ANALYTICS.
      - name: schema_name
        in: body
        type: string
        description: The Snowflake schema to query, e.g. PIPELINES.
      - name: lookback_hours
        in: body
        type: integer
        description: Number of hours to look back in task history, e.g. 24.
      call: snowflake.query-task-history
      with:
        database: '{{database_name}}'
        schema: '{{schema_name}}'
        hours: '{{lookback_hours}}'
      outputParameters:
      - name: failed_tasks
        type: array
        mapping: $.data
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://amgen.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: task-history
      path: /databases/{{database}}/schemas/{{schema}}/tasks/history
      inputParameters:
      - name: database
        in: path
      - name: schema
        in: path
      - name: hours
        in: query
      operations:
      - name: query-task-history
        method: GET

When a serious adverse event is reported for a biologic therapy, logs it in the safety database, notifies pharmacovigilance, creates a regulatory filing task, and updates the CTMS.

naftiko: '0.5'
info:
  label: Biologic Drug Adverse Event Reporting Orchestration
  description: When a serious adverse event is reported for a biologic therapy, logs it in the safety database, notifies pharmacovigilance, creates a regulatory filing task, and updates the CTMS.
  tags:
  - clinical
  - regulatory
  - safety
  - oracle
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: drug-safety
    port: 8080
    tools:
    - name: report-adverse-event
      description: Given a study ID, patient ID, event description, and severity, log the event, alert pharmacovigilance, create filing task, and update CTMS. Use when clinical sites report serious adverse events.
      inputParameters:
      - name: study_id
        in: body
        type: string
        description: Clinical study identifier.
      - name: patient_id
        in: body
        type: string
        description: Patient subject identifier.
      - name: event_description
        in: body
        type: string
        description: Description of the adverse event.
      - name: severity
        in: body
        type: string
        description: 'Severity: mild, moderate, severe, life-threatening.'
      steps:
      - name: log-safety-event
        type: call
        call: oracle-argus.create-case
        with:
          study_id: '{{study_id}}'
          subject_id: '{{patient_id}}'
          description: '{{event_description}}'
          seriousness: '{{severity}}'
      - name: notify-pharmacovigilance
        type: call
        call: msteams.send-message
        with:
          channel_id: pharmacovigilance
          text: 'SAE Alert - Study {{study_id}}, Patient {{patient_id}}: {{event_description}} ({{severity}}). Argus case: {{log-safety-event.case_number}}'
      - name: create-regulatory-task
        type: call
        call: servicenow.create-task
        with:
          short_description: Regulatory SAE report - {{log-safety-event.case_number}}
          category: regulatory_filing
          priority: '1'
          assigned_group: Drug_Safety
  consumes:
  - type: http
    namespace: oracle-argus
    baseUri: https://amgen-argus.oracle.com/api/v2
    authentication:
      type: bearer
      token: $secrets.oracle_argus_token
    resources:
    - name: cases
      path: /cases
      operations:
      - name: create-case
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: messages
      path: /teams/{{channel_id}}/channels/general/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: send-message
        method: POST
  - type: http
    namespace: servicenow
    baseUri: https://amgen.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: tasks
      path: /table/sc_task
      operations:
      - name: create-task
        method: POST

When a new hire is created in Workday, opens a ServiceNow onboarding ticket, provisions Microsoft 365 access, and sends a Microsoft Teams welcome message to the new employee.

naftiko: '0.5'
info:
  label: Employee Onboarding Orchestrator
  description: When a new hire is created in Workday, opens a ServiceNow onboarding ticket, provisions Microsoft 365 access, and sends a Microsoft Teams welcome message to the new employee.
  tags:
  - hr
  - onboarding
  - workday
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: hr-onboarding
    port: 8080
    tools:
    - name: trigger-employee-onboarding
      description: Given a Workday employee ID and start date, orchestrate the full onboarding sequence across ServiceNow, Microsoft Teams, and Microsoft Graph. Creates the onboarding ticket, grants M365 license, and sends a welcome message.
      inputParameters:
      - name: workday_employee_id
        in: body
        type: string
        description: The Workday worker ID for the new hire, e.g. WD-00123.
      - name: start_date
        in: body
        type: string
        description: The employee start date in ISO 8601 format, e.g. 2026-04-01.
      - name: department
        in: body
        type: string
        description: The business department the new hire is joining, e.g. Research & Development.
      steps:
      - name: get-worker
        type: call
        call: workday.get-worker
        with:
          worker_id: '{{workday_employee_id}}'
      - name: create-onboarding-ticket
        type: call
        call: servicenow.create-incident
        with:
          short_description: 'New hire onboarding: {{get-worker.full_name}}'
          category: hr_onboarding
          assignment_group: IT_Onboarding
          caller_id: '{{get-worker.work_email}}'
      - name: provision-m365
        type: call
        call: msgraph.assign-license
        with:
          user_principal_name: '{{get-worker.work_email}}'
          sku_id: enterprisepack
      - name: send-welcome
        type: call
        call: msteams.send-message
        with:
          recipient_upn: '{{get-worker.work_email}}'
          message: Welcome to Amgen, {{get-worker.first_name}}! Your IT onboarding ticket is {{create-onboarding-ticket.number}}. Your Microsoft 365 access has been provisioned.
  consumes:
  - type: http
    namespace: workday
    baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
    authentication:
      type: bearer
      token: $secrets.workday_token
    resources:
    - name: workers
      path: /amgen/workers/{{worker_id}}
      inputParameters:
      - name: worker_id
        in: path
      operations:
      - name: get-worker
        method: GET
  - type: http
    namespace: servicenow
    baseUri: https://amgen.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: create-incident
        method: POST
  - type: http
    namespace: msgraph
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: user-licenses
      path: /users/{{user_principal_name}}/assignLicense
      inputParameters:
      - name: user_principal_name
        in: path
      operations:
      - name: assign-license
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: chats
      path: /users/{{recipient_upn}}/chats
      inputParameters:
      - name: recipient_upn
        in: path
      operations:
      - name: send-message
        method: POST

When a critical Datadog alert fires, creates a ServiceNow incident, posts an alert to the Microsoft Teams ops channel, and pages the on-call engineer.

naftiko: '0.5'
info:
  label: IT Incident Response Chain
  description: When a critical Datadog alert fires, creates a ServiceNow incident, posts an alert to the Microsoft Teams ops channel, and pages the on-call engineer.
  tags:
  - itsm
  - incident-response
  - datadog
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: it-ops
    port: 8080
    tools:
    - name: handle-critical-alert
      description: Given a Datadog alert ID, severity, and affected service, create a ServiceNow incident and notify the IT operations channel in Microsoft Teams. Use when a Datadog monitor reaches critical state.
      inputParameters:
      - name: alert_id
        in: body
        type: string
        description: The Datadog alert or monitor ID.
      - name: severity
        in: body
        type: string
        description: 'Alert severity level: critical, high, medium, or low.'
      - name: service_name
        in: body
        type: string
        description: The name of the affected service or application.
      - name: alert_message
        in: body
        type: string
        description: The alert message body from Datadog.
      steps:
      - name: create-incident
        type: call
        call: servicenow-ops.create-incident
        with:
          short_description: '{{severity}} alert: {{service_name}} - {{alert_id}}'
          description: '{{alert_message}}'
          urgency: '1'
          impact: '1'
          assignment_group: IT_Operations
      - name: post-alert
        type: call
        call: msteams-ops.post-channel-message
        with:
          channel_id: it-ops-alerts
          message: 'INCIDENT: {{severity}} alert on {{service_name}} | Datadog: {{alert_id}} | ServiceNow: {{create-incident.number}}'
  consumes:
  - type: http
    namespace: servicenow-ops
    baseUri: https://amgen.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: incidents
      path: /table/incident
      operations:
      - name: create-incident
        method: POST
  - type: http
    namespace: msteams-ops
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channel-messages
      path: /teams/{{channel_id}}/channels/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: post-channel-message
        method: POST

On a GitHub Actions pipeline failure on a protected branch, opens a Jira bug, creates a Datadog deployment marker, and alerts the engineering team in Microsoft Teams.

naftiko: '0.5'
info:
  label: GitHub CI/CD Pipeline Failure Response
  description: On a GitHub Actions pipeline failure on a protected branch, opens a Jira bug, creates a Datadog deployment marker, and alerts the engineering team in Microsoft Teams.
  tags:
  - devops
  - cicd
  - github
  - jira
  - datadog
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: devops-cicd
    port: 8080
    tools:
    - name: handle-pipeline-failure
      description: Given a GitHub Actions workflow run failure event, create a Datadog deployment marker, open a Jira bug for engineering triage, and alert the engineering channel in Teams.
      inputParameters:
      - name: repo_name
        in: body
        type: string
        description: The GitHub repository name in org/repo format, e.g. amgen/bioinfo-pipeline.
      - name: workflow_name
        in: body
        type: string
        description: The name of the GitHub Actions workflow that failed.
      - name: branch_name
        in: body
        type: string
        description: The branch where the failure occurred.
      - name: commit_sha
        in: body
        type: string
        description: The commit SHA that triggered the workflow.
      - name: run_url
        in: body
        type: string
        description: URL to the failed GitHub Actions workflow run.
      steps:
      - name: create-dd-marker
        type: call
        call: datadog-cicd.create-event
        with:
          title: 'Pipeline failure: {{repo_name}}'
          text: Workflow {{workflow_name}} failed on {{branch_name}} at {{commit_sha}}
          alert_type: error
      - name: create-jira-bug
        type: call
        call: jira.create-issue
        with:
          project_key: ENG
          issuetype: Bug
          summary: '[CI Failure] {{repo_name}} / {{branch_name}} — {{workflow_name}}'
          description: 'Pipeline failure on {{branch_name}}. Commit: {{commit_sha}}. Run: {{run_url}}. Datadog: {{create-dd-marker.id}}.'
      - name: notify-engineering
        type: call
        call: msteams-cicd.post-channel-message
        with:
          channel_id: engineering-alerts
          message: 'Pipeline Failure: {{repo_name}} | Branch: {{branch_name}} | Workflow: {{workflow_name}} | Jira: {{create-jira-bug.key}} | Run: {{run_url}}'
  consumes:
  - type: http
    namespace: datadog-cicd
    baseUri: https://api.datadoghq.com/api/v1
    authentication:
      type: apikey
      key: DD-API-KEY
      value: $secrets.datadog_api_key
      placement: header
    resources:
    - name: events
      path: /events
      operations:
      - name: create-event
        method: POST
  - type: http
    namespace: jira
    baseUri: https://amgen.atlassian.net/rest/api/3
    authentication:
      type: basic
      username: $secrets.jira_user
      password: $secrets.jira_api_token
    resources:
    - name: issues
      path: /issue
      operations:
      - name: create-issue
        method: POST
  - type: http
    namespace: msteams-cicd
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channel-messages
      path: /teams/{{channel_id}}/channels/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: post-channel-message
        method: POST

Generates a Power BI embed token for a specific report and workspace, enabling secure embedding in Amgen's internal portal.

naftiko: '0.5'
info:
  label: Power BI Report Embed Token Generator
  description: Generates a Power BI embed token for a specific report and workspace, enabling secure embedding in Amgen's internal portal.
  tags:
  - data
  - analytics
  - power-bi
  - reporting
capability:
  exposes:
  - type: mcp
    namespace: powerbi-reporting
    port: 8080
    tools:
    - name: get-report-embed-token
      description: Given a Power BI workspace ID and report ID, generate a secure embed token for use in Amgen's internal analytics portal.
      inputParameters:
      - name: workspace_id
        in: body
        type: string
        description: The Power BI workspace (group) ID.
      - name: report_id
        in: body
        type: string
        description: The Power BI report ID to generate a token for.
      call: powerbi.generate-embed-token
      with:
        workspace_id: '{{workspace_id}}'
        report_id: '{{report_id}}'
      outputParameters:
      - name: token
        type: string
        mapping: $.token
      - name: expiration
        type: string
        mapping: $.expiration
  consumes:
  - type: http
    namespace: powerbi
    baseUri: https://api.powerbi.com/v1.0/myorg
    authentication:
      type: bearer
      token: $secrets.powerbi_token
    resources:
    - name: embed-token
      path: /groups/{{workspace_id}}/reports/{{report_id}}/GenerateToken
      inputParameters:
      - name: workspace_id
        in: path
      - name: report_id
        in: path
      operations:
      - name: generate-embed-token
        method: POST

Manages contract renewals by checking expiring contracts in Ariba, creating renewal tasks, and notifying procurement leadership.

naftiko: '0.5'
info:
  label: SAP Ariba Contract Renewal Orchestration
  description: Manages contract renewals by checking expiring contracts in Ariba, creating renewal tasks, and notifying procurement leadership.
  tags:
  - procurement
  - sap-ariba
  - servicenow
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: contract-renewal
    port: 8080
    tools:
    - name: process-contract-renewal
      description: Given a contract ID, check terms, create renewal task, and notify procurement. Use when contracts approach expiration.
      inputParameters:
      - name: contract_id
        in: body
        type: string
        description: SAP Ariba contract ID.
      steps:
      - name: get-contract
        type: call
        call: ariba.get-contract
        with:
          id: '{{contract_id}}'
      - name: create-renewal-task
        type: call
        call: servicenow.create-task
        with:
          short_description: 'Contract renewal: {{get-contract.title}}'
          category: procurement
          assigned_group: Strategic_Sourcing
          due_date: '{{get-contract.expiry_date}}'
      - name: notify
        type: call
        call: msteams.send-message
        with:
          channel_id: procurement
          text: 'Contract {{contract_id}} expiring {{get-contract.expiry_date}}: {{get-contract.title}}. Task: {{create-renewal-task.number}}'
  consumes:
  - type: http
    namespace: ariba
    baseUri: https://openapi.ariba.com/api/contract-management/v1
    authentication:
      type: bearer
      token: $secrets.ariba_token
    resources:
    - name: contracts
      path: /contracts/{{id}}
      inputParameters:
      - name: id
        in: path
      operations:
      - name: get-contract
        method: GET
  - type: http
    namespace: servicenow
    baseUri: https://amgen.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: tasks
      path: /table/sc_task
      operations:
      - name: create-task
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: messages
      path: /teams/{{channel_id}}/channels/general/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: send-message
        method: POST

Uses OpenAI to generate a structured summary of a clinical study report or protocol document.

naftiko: '0.5'
info:
  label: OpenAI Clinical Document Summarization
  description: Uses OpenAI to generate a structured summary of a clinical study report or protocol document.
  tags:
  - clinical
  - ai
  - openai
capability:
  exposes:
  - type: mcp
    namespace: doc-summarization
    port: 8080
    tools:
    - name: summarize-clinical-document
      description: Given document text, generate a structured summary. Use when clinical teams need quick document overviews.
      inputParameters:
      - name: document_text
        in: body
        type: string
        description: Clinical document text.
      call: openai.create-completion
      with:
        model: gpt-4
        prompt: 'Summarize this clinical document: {{document_text}}'
      outputParameters:
      - name: summary
        type: string
        mapping: $.choices[0].message.content
  consumes:
  - type: http
    namespace: openai
    baseUri: https://api.openai.com/v1
    authentication:
      type: bearer
      token: $secrets.openai_api_key
    resources:
    - name: completions
      path: /chat/completions
      operations:
      - name: create-completion
        method: POST

Randomizes a patient into a clinical trial arm by verifying eligibility, executing randomization, updating CTMS, and notifying the site coordinator.

naftiko: '0.5'
info:
  label: Clinical Trial Randomization Orchestration
  description: Randomizes a patient into a clinical trial arm by verifying eligibility, executing randomization, updating CTMS, and notifying the site coordinator.
  tags:
  - clinical
  - rd
  - oracle
  - microsoft-teams
capability:
  exposes:
  - type: mcp
    namespace: trial-randomization
    port: 8080
    tools:
    - name: randomize-patient
      description: Given a study ID, site ID, and patient ID, verify eligibility, randomize, update CTMS, and notify. Use when sites randomize patients into clinical trials.
      inputParameters:
      - name: study_id
        in: body
        type: string
        description: Study identifier.
      - name: site_id
        in: body
        type: string
        description: Site identifier.
      - name: patient_id
        in: body
        type: string
        description: Patient identifier.
      steps:
      - name: verify-eligibility
        type: call
        call: oracle-clinical.check-eligibility
        with:
          study_id: '{{study_id}}'
          patient_id: '{{patient_id}}'
      - name: execute-randomization
        type: call
        call: oracle-clinical.randomize
        with:
          study_id: '{{study_id}}'
          site_id: '{{site_id}}'
          patient_id: '{{patient_id}}'
      - name: notify-site
        type: call
        call: msteams.send-message
        with:
          channel_id: clinical-sites
          text: 'Patient {{patient_id}} randomized in study {{study_id}} at site {{site_id}}. Arm: {{execute-randomization.treatment_arm}}. Kit: {{execute-randomization.kit_number}}.'
  consumes:
  - type: http
    namespace: oracle-clinical
    baseUri: https://amgen-ctms.oracle.com/api/v2
    authentication:
      type: bearer
      token: $secrets.oracle_ctms_token
    resources:
    - name: eligibility
      path: /studies/{{study_id}}/patients/{{patient_id}}/eligibility
      inputParameters:
      - name: study_id
        in: path
      - name: patient_id
        in: path
      operations:
      - name: check-eligibility
        method: GET
    - name: randomization
      path: /studies/{{study_id}}/randomize
      inputParameters:
      - name: study_id
        in: path
      operations:
      - name: randomize
        method: POST
  - type: http
    namespace: msteams
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msteams_token
    resources:
    - name: messages
      path: /teams/{{channel_id}}/channels/general/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: send-message
        method: POST

When a pharmacovigilance signal is flagged in the safety database, creates a ServiceNow case for medical affairs review and notifies the drug safety team in Teams.

naftiko: '0.5'
info:
  label: Drug Safety Signal Notification
  description: When a pharmacovigilance signal is flagged in the safety database, creates a ServiceNow case for medical affairs review and notifies the drug safety team in Teams.
  tags:
  - pharmacovigilance
  - drug-safety
  - servicenow
  - microsoft-teams
  - compliance
capability:
  exposes:
  - type: mcp
    namespace: drug-safety
    port: 8080
    tools:
    - name: notify-safety-signal
      description: Given a drug safety signal ID and product name, create a ServiceNow case for medical affairs review and notify the pharmacovigilance team in Teams.
      inputParameters:
      - name: signal_id
        in: body
        type: string
        description: The pharmacovigilance safety signal identifier.
      - name: product_name
        in: body
        type: string
        description: The Amgen product name associated with the signal.
      - name: signal_type
        in: body
        type: string
        description: The type of safety signal, e.g. adverse_event, labeling_update.
      - name: severity
        in: body
        type: string
        description: 'Signal severity: serious, non-serious.'
      steps:
      - name: create-safety-case
        type: call
        call: servicenow-safety.create-case
        with:
          short_description: 'Safety signal: {{product_name}} — {{signal_type}} ({{severity}})'
          category: pharmacovigilance
          assignment_group: Medical_Affairs
          description: 'Signal ID: {{signal_id}}. Product: {{product_name}}. Type: {{signal_type}}. Severity: {{severity}}.'
      - name: notify-pv-team
        type: call
        call: msteams-safety.post-channel-message
        with:
          channel_id: drug-safety-alerts
          message: 'Safety Signal: {{product_name}} | Type: {{signal_type}} | Severity: {{severity}} | Case: {{create-safety-case.number}}'
  consumes:
  - type: http
    namespace: servicenow-safety
    baseUri: https://amgen.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: cases
      path: /table/sn_customerservice_case
      operations:
      - name: create-case
        method: POST
  - type: http
    namespace: msteams-safety
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channel-messages
      path: /teams/{{channel_id}}/channels/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: post-channel-message
        method: POST

When a new employee joins Amgen, provisions the appropriate Okta application assignments based on their department and role, as defined in Workday.

naftiko: '0.5'
info:
  label: Okta User Access Provisioning
  description: When a new employee joins Amgen, provisions the appropriate Okta application assignments based on their department and role, as defined in Workday.
  tags:
  - identity
  - security
  - okta
  - workday
  - access-management
capability:
  exposes:
  - type: mcp
    namespace: identity-provisioning
    port: 8080
    tools:
    - name: provision-okta-access
      description: Given a Workday employee ID, retrieve their role and department, then assign the appropriate Okta application groups. Use during onboarding or role changes.
      inputParameters:
      - name: workday_employee_id
        in: body
        type: string
        description: The Workday worker ID for the employee.
      - name: okta_user_id
        in: body
        type: string
        description: The Okta user ID for the employee.
      steps:
      - name: get-worker-profile
        type: call
        call: workday-okta.get-worker
        with:
          worker_id: '{{workday_employee_id}}'
      - name: assign-okta-groups
        type: call
        call: okta.assign-group
        with:
          user_id: '{{okta_user_id}}'
          department: '{{get-worker-profile.department}}'
          job_title: '{{get-worker-profile.job_title}}'
  consumes:
  - type: http
    namespace: workday-okta
    baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
    authentication:
      type: bearer
      token: $secrets.workday_token
    resources:
    - name: workers
      path: /amgen/workers/{{worker_id}}
      inputParameters:
      - name: worker_id
        in: path
      operations:
      - name: get-worker
        method: GET
  - type: http
    namespace: okta
    baseUri: https://amgen.okta.com/api/v1
    authentication:
      type: apikey
      key: Authorization
      value: $secrets.okta_api_token
      placement: header
    resources:
    - name: group-members
      path: /groups/{{group_id}}/users/{{user_id}}
      inputParameters:
      - name: group_id
        in: path
      - name: user_id
        in: path
      operations:
      - name: assign-group
        method: PUT

Retrieves the version history of a Veeva Vault regulatory document and checks it against compliance audit requirements, returning a structured audit trail.

naftiko: '0.5'
info:
  label: Veeva Vault Document Version Audit
  description: Retrieves the version history of a Veeva Vault regulatory document and checks it against compliance audit requirements, returning a structured audit trail.
  tags:
  - regulatory
  - compliance
  - veeva
  - audit
capability:
  exposes:
  - type: mcp
    namespace: doc-audit
    port: 8080
    tools:
    - name: audit-document-versions
      description: Given a Veeva Vault document ID, retrieve all version history entries and return a structured audit trail for compliance review.
      inputParameters:
      - name: vault_doc_id
        in: body
        type: string
        description: The Veeva Vault document ID to audit.
      call: veeva-audit.get-document-versions
      with:
        doc_id: '{{vault_doc_id}}'
      outputParameters:
      - name: versions
        type: array
        mapping: $.data
  consumes:
  - type: http
    namespace: veeva-audit
    baseUri: https://amgen.veevavault.com/api/v23.1
    authentication:
      type: bearer
      token: $secrets.veeva_vault_token
    resources:
    - name: document-versions
      path: /objects/documents/{{doc_id}}/versions
      inputParameters:
      - name: doc_id
        in: path
      operations:
      - name: get-document-versions
        method: GET

Creates a new Terraform Cloud workspace for a given project and environment, applies initial variable sets, and notifies the infrastructure team in Teams.

naftiko: '0.5'
info:
  label: Terraform Cloud Workspace Provisioning
  description: Creates a new Terraform Cloud workspace for a given project and environment, applies initial variable sets, and notifies the infrastructure team in Teams.
  tags:
  - cloud
  - infrastructure
  - terraform
  - devops
capability:
  exposes:
  - type: mcp
    namespace: infra-provisioning
    port: 8080
    tools:
    - name: provision-terraform-workspace
      description: Given a project name and environment, create a Terraform Cloud workspace, configure variable sets, and notify the infrastructure team in Teams.
      inputParameters:
      - name: project_name
        in: body
        type: string
        description: The project name for the new workspace, e.g. genomics-pipeline.
      - name: environment
        in: body
        type: string
        description: 'The deployment environment: dev, staging, or prod.'
      - name: terraform_org
        in: body
        type: string
        description: The Terraform Cloud organization name, e.g. amgen.
      steps:
      - name: create-workspace
        type: call
        call: terraform.create-workspace
        with:
          org: '{{terraform_org}}'
          name: '{{project_name}}-{{environment}}'
      - name: notify-infra
        type: call
        call: msteams-tf.post-channel-message
        with:
          channel_id: infrastructure-team
          message: 'Terraform workspace created: {{project_name}}-{{environment}} in org {{terraform_org}}. ID: {{create-workspace.workspace_id}}.'
  consumes:
  - type: http
    namespace: terraform
    baseUri: https://app.terraform.io/api/v2
    authentication:
      type: bearer
      token: $secrets.terraform_token
    resources:
    - name: workspaces
      path: /organizations/{{org}}/workspaces
      inputParameters:
      - name: org
        in: path
      operations:
      - name: create-workspace
        method: POST
  - type: http
    namespace: msteams-tf
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: channel-messages
      path: /teams/{{channel_id}}/channels/messages
      inputParameters:
      - name: channel_id
        in: path
      operations:
      - name: post-channel-message
        method: POST

Retrieves campaign performance metrics from Google Analytics for a specified property and date range, returning sessions, conversions, and bounce rate for marketing analytics.

naftiko: '0.5'
info:
  label: Google Analytics Campaign Performance
  description: Retrieves campaign performance metrics from Google Analytics for a specified property and date range, returning sessions, conversions, and bounce rate for marketing analytics.
  tags:
  - marketing
  - analytics
  - google-analytics
capability:
  exposes:
  - type: mcp
    namespace: marketing-analytics
    port: 8080
    tools:
    - name: get-campaign-metrics
      description: Query Google Analytics for campaign performance metrics. Returns sessions, conversions, bounce rate, and average session duration.
      inputParameters:
      - name: property_id
        in: body
        type: string
        description: The Google Analytics property ID.
      - name: campaign_name
        in: body
        type: string
        description: The campaign name to filter by.
      - name: start_date
        in: body
        type: string
        description: Report start date in YYYY-MM-DD format.
      - name: end_date
        in: body
        type: string
        description: Report end date in YYYY-MM-DD format.
      call: ga.run-report
      with:
        property_id: '{{property_id}}'
        dimensions: sessionCampaignName
        metrics: sessions,conversions,bounceRate
        date_range_start: '{{start_date}}'
        date_range_end: '{{end_date}}'
        filter: '{{campaign_name}}'
      outputParameters:
      - name: sessions
        type: string
        mapping: $.rows[0].metricValues[0].value
      - name: conversions
        type: string
        mapping: $.rows[0].metricValues[1].value
      - name: bounce_rate
        type: string
        mapping: $.rows[0].metricValues[2].value
  consumes:
  - type: http
    namespace: ga
    baseUri: https://analyticsdata.googleapis.com/v1beta
    authentication:
      type: bearer
      token: $secrets.google_analytics_token
    resources:
    - name: reports
      path: /properties/{{property_id}}:runReport
      inputParameters:
      - name: property_id
        in: path
      operations:
      - name: run-report
        method: POST

Triggers a Power BI dataset refresh for a specified workspace and dataset, used by analytics teams to ensure dashboards reflect latest clinical or commercial data.

naftiko: '0.5'
info:
  label: Power BI Dashboard Refresh Trigger
  description: Triggers a Power BI dataset refresh for a specified workspace and dataset, used by analytics teams to ensure dashboards reflect latest clinical or commercial data.
  tags:
  - analytics
  - reporting
  - power-bi
capability:
  exposes:
  - type: mcp
    namespace: analytics-refresh
    port: 8080
    tools:
    - name: refresh-dashboard
      description: Trigger a Power BI dataset refresh by workspace and dataset ID. Returns refresh request status.
      inputParameters:
      - name: workspace_id
        in: body
        type: string
        description: The Power BI workspace (group) ID.
      - name: dataset_id
        in: body
        type: string
        description: The Power BI dataset ID to refresh.
      call: powerbi.trigger-refresh
      with:
        workspace_id: '{{workspace_id}}'
        dataset_id: '{{dataset_id}}'
      outputParameters:
      - name: request_id
        type: string
        mapping: $.requestId
  consumes:
  - type: http
    namespace: powerbi
    baseUri: https://api.powerbi.com/v1.0/myorg
    authentication:
      type: bearer
      token: $secrets.powerbi_token
    resources:
    - name: refreshes
      path: /groups/{{workspace_id}}/datasets/{{dataset_id}}/refreshes
      inputParameters:
      - name: workspace_id
        in: path
      - name: dataset_id
        in: path
      operations:
      - name: trigger-refresh
        method: POST

Queries metric values from a monitoring dashboard. Used by AstraZeneca teams.

naftiko: '0.5'
info:
  label: AstraZeneca Metric Dashboard Query
  description: Queries metric values from a monitoring dashboard. Used by AstraZeneca teams.
  tags:
  - pharmaceutical
  - jira
capability:
  exposes:
  - type: mcp
    namespace: jira
    port: 8080
    tools:
    - name: get-metric_dashboard_query
      description: Queries metric values from a monitoring dashboard. Used by AstraZeneca teams.
      inputParameters:
      - name: metric_name
        in: body
        type: string
        description: The metric_name to look up.
      call: jira.get-metric_name
      with:
        metric_name: '{{metric_name}}'
  consumes:
  - type: http
    namespace: jira
    baseUri: https://astrazeneca.atlassian.net/rest/api/3
    authentication:
      type: basic
      username: $secrets.jira_user
      password: $secrets.jira_api_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: astrazeneca_metric_dashboard_q
        method: GET

Checks availability of an API endpoint. Used by AstraZeneca teams.

naftiko: '0.5'
info:
  label: AstraZeneca API Endpoint Status
  description: Checks availability of an API endpoint. Used by AstraZeneca teams.
  tags:
  - pharmaceutical
  - grafana
capability:
  exposes:
  - type: mcp
    namespace: grafana
    port: 8080
    tools:
    - name: get-api_endpoint_status
      description: Checks availability of an API endpoint. Used by AstraZeneca teams.
      inputParameters:
      - name: endpoint_url
        in: body
        type: string
        description: The endpoint_url to look up.
      call: grafana.get-endpoint_url
      with:
        endpoint_url: '{{endpoint_url}}'
  consumes:
  - type: http
    namespace: grafana
    baseUri: https://astrazeneca-grafana.com/api
    authentication:
      type: bearer
      token: $secrets.grafana_api_key
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: astrazeneca_api_endpoint_statu
        method: GET

Checks the health status of a monitored service. Used by AstraZeneca teams.

naftiko: '0.5'
info:
  label: AstraZeneca Service Health Check
  description: Checks the health status of a monitored service. Used by AstraZeneca teams.
  tags:
  - pharmaceutical
  - salesforce
capability:
  exposes:
  - type: mcp
    namespace: salesforce
    port: 8080
    tools:
    - name: get-service_health_check
      description: Checks the health status of a monitored service. Used by AstraZeneca teams.
      inputParameters:
      - name: health_target
        in: body
        type: string
        description: The health_target to look up.
      call: salesforce.get-health_target
      with:
        health_target: '{{health_target}}'
  consumes:
  - type: http
    namespace: salesforce
    baseUri: https://astrazeneca.my.salesforce.com/services/data/v58.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: astrazeneca_service_health_che
        method: GET

Processes a Data Subject Access Request by searching for personal data in Workday, Salesforce, and ServiceNow, compiling results into a SharePoint package, and tracking the request in ServiceNow.

naftiko: '0.5'
info:
  label: DSAR Privacy Request Orchestrator
  description: Processes a Data Subject Access Request by searching for personal data in Workday, Salesforce, and ServiceNow, compiling results into a SharePoint package, and tracking the request in ServiceNow.
  tags:
  - privacy
  - compliance
  - gdpr
  - workday
  - salesforce
  - servicenow
  - sharepoint
capability:
  exposes:
  - type: mcp
    namespace: privacy-dsar
    port: 8080
    tools:
    - name: process-dsar
      description: 'Process a DSAR: search personal data across systems, compile results, and track completion.'
      inputParameters:
      - name: request_id
        in: body
        type: string
        description: The DSAR request identifier.
      - name: data_subject_email
        in: body
        type: string
        description: The email address of the data subject.
      - name: data_subject_name
        in: body
        type: string
        description: The full name of the data subject.
      steps:
      - name: search-workday
        type: call
        call: workday.search-workers
        with:
          email: '{{data_subject_email}}'
      - name: search-salesforce
        type: call
        call: salesforce.search-contacts
        with:
          email: '{{data_subject_email}}'
      - name: search-servicenow
        type: call
        call: servicenow.search-records
        with:
          table: sys_user
          email: '{{data_subject_email}}'
      - name: compile-package
        type: call
        call: sharepoint.create-folder
        with:
          site_id: privacy_dsar_site
          folder_path: DSAR/{{request_id}}_{{data_subject_name}}
      - name: update-tracking
        type: call
        call: servicenow.create-record
        with:
          table: u_dsar_requests
          request_id: '{{request_id}}'
          subject_name: '{{data_subject_name}}'
          systems_searched: Workday, Salesforce, ServiceNow
          package_url: '{{compile-package.url}}'
          status: data_compiled
  consumes:
  - type: http
    namespace: workday
    baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1/astrazeneca
    authentication:
      type: bearer
      token: $secrets.workday_token
    resources:
    - name: workers-search
      path: /workers?email={{email}}
      inputParameters:
      - name: email
        in: query
      operations:
      - name: search-workers
        method: GET
  - type: http
    namespace: salesforce
    baseUri: https://astrazeneca.my.salesforce.com/services/data/v59.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: contacts-search
      path: /parameterizedSearch/?q={{email}}&sobject=Contact
      inputParameters:
      - name: email
        in: query
      operations:
      - name: search-contacts
        method: GET
  - type: http
    namespace: servicenow
    baseUri: https://astrazeneca.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: table-search
      path: /table/{{table}}?sysparm_query=email={{email}}
      inputParameters:
      - name: table
        in: path
      - name: email
        in: query
      operations:
      - name: search-records
        method: GET
    - name: table
      path: /table/{{table}}
      inputParameters:
      - name: table
        in: path
      operations:
      - name: create-record
        method: POST
  - type: http
    namespace: sharepoint
    baseUri: https://graph.microsoft.com/v1.0/sites
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: drive-items
      path: /{{site_id}}/drive/root:/{{folder_path}}
      inputParameters:
      - name: site_id
        in: path
      - name: folder_path
        in: path
      operations:
      - name: create-folder
        method: POST

When a medical information request arrives via Salesforce Service Cloud, retrieves the HCP profile, searches Veeva Vault for approved response documents, creates a case in ServiceNow, and sends the response via Microsoft Outlook.

naftiko: '0.5'
info:
  label: Medical Information Request Orchestrator
  description: When a medical information request arrives via Salesforce Service Cloud, retrieves the HCP profile, searches Veeva Vault for approved response documents, creates a case in ServiceNow, and sends the response via Microsoft Outlook.
  tags:
  - medical-affairs
  - medical-information
  - salesforce
  - veeva
  - servicenow
  - microsoft-outlook
capability:
  exposes:
  - type: mcp
    namespace: medical-information
    port: 8080
    tools:
    - name: process-med-info-request
      description: 'Process a medical information request end-to-end: retrieve HCP context, find approved response, log case, and send reply.'
      inputParameters:
      - name: case_id
        in: body
        type: string
        description: The Salesforce Service Cloud case ID.
      - name: product_name
        in: body
        type: string
        description: The drug product referenced in the inquiry.
      - name: topic
        in: body
        type: string
        description: The medical topic of the inquiry.
      steps:
      - name: get-case
        type: call
        call: salesforce.get-case
        with:
          case_id: '{{case_id}}'
      - name: search-vault-docs
        type: call
        call: veeva.search-documents
        with:
          query: product:{{product_name}} AND topic:{{topic}} AND status:Approved
      - name: log-mi-case
        type: call
        call: servicenow.create-record
        with:
          table: u_medical_information
          short_description: 'MI Request: {{product_name}} - {{topic}}'
          hcp_name: '{{get-case.contact_name}}'
          document_id: '{{search-vault-docs.documents[0].id}}'
      - name: send-response
        type: call
        call: outlook.send-mail
        with:
          to: '{{get-case.contact_email}}'
          subject: 'AstraZeneca Medical Information: {{product_name}} - {{topic}}'
          body: 'Dear {{get-case.contact_name}}, please find the attached response document regarding {{product_name}}. Reference: {{log-mi-case.sys_id}}'
          attachment_url: '{{search-vault-docs.documents[0].download_url}}'
  consumes:
  - type: http
    namespace: salesforce
    baseUri: https://astrazeneca.my.salesforce.com/services/data/v59.0
    authentication:
      type: bearer
      token: $secrets.salesforce_token
    resources:
    - name: cases
      path: /sobjects/Case/{{case_id}}
      inputParameters:
      - name: case_id
        in: path
      operations:
      - name: get-case
        method: GET
  - type: http
    namespace: veeva
    baseUri: https://astrazeneca.veevavault.com/api/v24.1
    authentication:
      type: bearer
      token: $secrets.veeva_session_id
    resources:
    - name: search
      path: /objects/documents/search
      operations:
      - name: search-documents
        method: POST
  - type: http
    namespace: servicenow
    baseUri: https://astrazeneca.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: table
      path: /table/{{table}}
      inputParameters:
      - name: table
        in: path
      operations:
      - name: create-record
        method: POST
  - type: http
    namespace: outlook
    baseUri: https://graph.microsoft.com/v1.0
    authentication:
      type: bearer
      token: $secrets.msgraph_token
    resources:
    - name: send-mail
      path: /me/sendMail
      operations:
      - name: send-mail
        method: POST

Checks the current status of a project. Used by AstraZeneca teams.

naftiko: '0.5'
info:
  label: AstraZeneca Project Status Check
  description: Checks the current status of a project. Used by AstraZeneca teams.
  tags:
  - pharmaceutical
  - datadog
capability:
  exposes:
  - type: mcp
    namespace: datadog
    port: 8080
    tools:
    - name: get-project_status_check
      description: Checks the current status of a project. Used by AstraZeneca teams.
      inputParameters:
      - name: project_key
        in: body
        type: string
        description: The project_key to look up.
      call: datadog.get-project_key
      with:
        project_key: '{{project_key}}'
  consumes:
  - type: http
    namespace: datadog
    baseUri: https://api.datadoghq.com/api/v1
    authentication:
      type: apiKey
      key: $secrets.datadog_api_key
      header: DD-API-KEY
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: astrazeneca_project_status_che
        method: GET

Tracks asset lifecycle stages, schedules replacements, manages disposal, and updates CMDB.

naftiko: '0.5'
info:
  label: IT Asset Lifecycle Pipeline
  description: Tracks asset lifecycle stages, schedules replacements, manages disposal, and updates CMDB.
  tags:
  - operations
  - servicenow
  - snowflake
  - slack
capability:
  exposes:
  - type: mcp
    namespace: operations
    port: 8080
    tools:
    - name: it_asset_lifecycle_pipeline
      description: Orchestrate it asset lifecycle pipeline workflow.
      inputParameters:
      - name: resource_id
        in: body
        type: string
        description: Primary resource identifier.
      steps:
      - name: get-servicenow
        type: call
        call: servicenow.get-resource
        with:
          resource_id: '{{resource_id}}'
      - name: process-snowflake
        type: call
        call: snowflake.process-resource
        with:
          data: '{{get-servicenow.result}}'
      - name: create-slack
        type: call
        call: slack.create-resource
        with:
          channel: '{{notification_channel}}'
          text: IT Asset Lifecycle Pipeline step 3 complete.
  consumes:
  - type: http
    namespace: servicenow
    baseUri: https://astrazeneca.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: servicenow-op
        method: POST
  - type: http
    namespace: snowflake
    baseUri: https://astrazeneca.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: snowflake-op
        method: POST
  - type: http
    namespace: slack
    baseUri: https://slack.com/api
    authentication:
      type: bearer
      token: $secrets.slack_bot_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: slack-op
        method: POST

Retrieves user account details from the directory. Used by AstraZeneca teams.

naftiko: '0.5'
info:
  label: AstraZeneca User Account Lookup
  description: Retrieves user account details from the directory. Used by AstraZeneca teams.
  tags:
  - pharmaceutical
  - snowflake
capability:
  exposes:
  - type: mcp
    namespace: snowflake
    port: 8080
    tools:
    - name: get-user_account_lookup
      description: Retrieves user account details from the directory. Used by AstraZeneca teams.
      inputParameters:
      - name: user_id
        in: body
        type: string
        description: The user_id to look up.
      call: snowflake.get-user_id
      with:
        user_id: '{{user_id}}'
  consumes:
  - type: http
    namespace: snowflake
    baseUri: https://astrazeneca.snowflakecomputing.com/api/v2
    authentication:
      type: bearer
      token: $secrets.snowflake_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: astrazeneca_user_account_looku
        method: GET

Retrieves vulnerability scan results. Used by AstraZeneca teams.

naftiko: '0.5'
info:
  label: AstraZeneca Security Scan Results
  description: Retrieves vulnerability scan results. Used by AstraZeneca teams.
  tags:
  - pharmaceutical
  - slack
capability:
  exposes:
  - type: mcp
    namespace: slack
    port: 8080
    tools:
    - name: get-security_scan_results
      description: Retrieves vulnerability scan results. Used by AstraZeneca teams.
      inputParameters:
      - name: scan_id
        in: body
        type: string
        description: The scan_id to look up.
      call: slack.get-scan_id
      with:
        scan_id: '{{scan_id}}'
  consumes:
  - type: http
    namespace: slack
    baseUri: https://slack.com/api
    authentication:
      type: bearer
      token: $secrets.slack_bot_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: astrazeneca_security_scan_resu
        method: GET

Provisions new employee accounts, assigns training, creates IT tickets, and notifies managers.

naftiko: '0.5'
info:
  label: Employee Onboarding Automation Pipeline
  description: Provisions new employee accounts, assigns training, creates IT tickets, and notifies managers.
  tags:
  - hr
  - workday
  - servicenow
  - slack
capability:
  exposes:
  - type: mcp
    namespace: hr
    port: 8080
    tools:
    - name: employee_onboarding_automation
      description: Orchestrate employee onboarding automation pipeline workflow.
      inputParameters:
      - name: resource_id
        in: body
        type: string
        description: Primary resource identifier.
      steps:
      - name: get-workday
        type: call
        call: workday.get-resource
        with:
          resource_id: '{{resource_id}}'
      - name: process-servicenow
        type: call
        call: servicenow.process-resource
        with:
          data: '{{get-workday.result}}'
      - name: create-slack
        type: call
        call: slack.create-resource
        with:
          channel: '{{notification_channel}}'
          text: Employee Onboarding Automation Pipeline step 3 complete.
  consumes:
  - type: http
    namespace: workday
    baseUri: https://wd5-impl-services1.workday.com/ccx/api/v1/astrazeneca
    authentication:
      type: bearer
      token: $secrets.workday_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: workday-op
        method: POST
  - type: http
    namespace: servicenow
    baseUri: https://astrazeneca.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: servicenow-op
        method: POST
  - type: http
    namespace: slack
    baseUri: https://slack.com/api
    authentication:
      type: bearer
      token: $secrets.slack_bot_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: slack-op
        method: POST

Validates change requests, routes for approval, schedules implementation, and notifies stakeholders.

naftiko: '0.5'
info:
  label: Change Management Approval Pipeline
  description: Validates change requests, routes for approval, schedules implementation, and notifies stakeholders.
  tags:
  - itsm
  - servicenow
  - jira
  - slack
capability:
  exposes:
  - type: mcp
    namespace: itsm
    port: 8080
    tools:
    - name: change_management_approval_pipeline
      description: Orchestrate change management approval pipeline workflow.
      inputParameters:
      - name: resource_id
        in: body
        type: string
        description: Primary resource identifier.
      steps:
      - name: get-servicenow
        type: call
        call: servicenow.get-resource
        with:
          resource_id: '{{resource_id}}'
      - name: process-jira
        type: call
        call: jira.process-resource
        with:
          data: '{{get-servicenow.result}}'
      - name: create-slack
        type: call
        call: slack.create-resource
        with:
          channel: '{{notification_channel}}'
          text: Change Management Approval Pipeline step 3 complete.
  consumes:
  - type: http
    namespace: servicenow
    baseUri: https://astrazeneca.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: servicenow-op
        method: POST
  - type: http
    namespace: jira
    baseUri: https://astrazeneca.atlassian.net/rest/api/3
    authentication:
      type: basic
      username: $secrets.jira_user
      password: $secrets.jira_api_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: jira-op
        method: POST
  - type: http
    namespace: slack
    baseUri: https://slack.com/api
    authentication:
      type: bearer
      token: $secrets.slack_bot_token
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: slack-op
        method: POST

Searches application logs for matching patterns. Used by AstraZeneca teams.

naftiko: '0.5'
info:
  label: AstraZeneca Log Search Query
  description: Searches application logs for matching patterns. Used by AstraZeneca teams.
  tags:
  - pharmaceutical
  - servicenow
capability:
  exposes:
  - type: mcp
    namespace: servicenow
    port: 8080
    tools:
    - name: get-log_search_query
      description: Searches application logs for matching patterns. Used by AstraZeneca teams.
      inputParameters:
      - name: search_query
        in: body
        type: string
        description: The search_query to look up.
      call: servicenow.get-search_query
      with:
        search_query: '{{search_query}}'
  consumes:
  - type: http
    namespace: servicenow
    baseUri: https://astrazeneca.service-now.com/api/now
    authentication:
      type: basic
      username: $secrets.servicenow_user
      password: $secrets.servicenow_password
    resources:
    - name: resources
      path: /resources/{{resource_id}}
      operations:
      - name: astrazeneca_servicenow_log_sea
        method: GET

Launches a clinical trial patient recruitment campaign by creating a Salesforce Marketing Cloud email journey, publishing trial information to the AstraZeneca website via the CMS, and tracking campaign performance in Google Analytics.

naftiko: '0.5'
info:
  label: Patient Recruitment Campaign Orchestrator
  description: Launches a clinical trial patient recruitment campaign by creating a Salesforce Marketing Cloud email journey, publishing trial information to the AstraZeneca website via the CMS, and tracking campaign performance in Google Analytics.
  tags:
  - clinical-trials
  - patient-recruitment
  - salesforce-marketing-cloud
  - google-analytics
capability:
  exposes:
  - type: mcp
    namespace: patient-recruitment
    port: 8080
    tools:
    - name: launch-recruitment-campaign
      description: 'Orchestrate patient recruitment: create email journey, publish trial listing, and configure analytics tracking.'
      inputParameters:
      - name: study_id
        in: body
        type: string
        description: The clinical trial protocol number.
      - name: study_title
        in: body
        type: string
        description: The public study title.
      - name: therapeutic_area
        in: body
        type: string
        description: The therapeutic area.
      - name: target_audience_list
        in: body
        type: string
        description: Salesforce Marketing Cloud data extension name for the target audience.
      steps:
      - name: create-email-journey
        type: call
        call: sfmc.create-journey
        with:
          name: Recruitment - {{study_title}}
          data_extension: '{{target_audience_list}}'
          template: clinical_trial_recruitment
          study_id: '{{study_id}}'
      - name: publish-trial-page
        type: call
        call: cms.create-page
        with:
          title: '{{study_title}} - Clinical Trial Recruitment'
          category: clinical-trials/{{therapeutic_area}}
          study_id: '{{study_id}}'
      - name: configure-analytics
        type: call
        call: google-analytics.create-custom-dimension
        with:
          property_id: $secrets.ga_property_id
          dimension_name: study_{{study_id}}_recruitment
  consumes:
  - type: http
    namespace: sfmc
    baseUri: https://astrazeneca.rest.marketingcloudapis.com/interaction/v1
    authentication:
      type: bearer
      token: $secrets.sfmc_token
    resources:
    - name: journeys
      path: /interactions
      operations:
      - name: create-journey
        method: POST
  - type: http
    namespace: cms
    baseUri: https://cms.astrazeneca.com/api/v2
    authentication:
      type: bearer
      token: $secrets.cms_token
    resources:
    - name: pages
      path: /pages
      operations:
      - name: create-page
        method: POST
  - type: http
    namespace: google-analytics
    baseUri: https://analyticsadmin.googleapis.com/v1beta
    authentication:
      type: bearer
      token: $secrets.google_analytics_token
    resources:
    - name: custom-dimensions
      path: /properties/{{property_id}}/customDimensions
      inputParameters:
      - name: property_id
        in: path
      operations:
      - name: create-custom-dimension
        method: POST